Newly provisioned, unprotected SAP applications in cloud environments are getting discovered and compromised in mere hours, Onapsis researchers have found, and vulnerabilities affecting them are being weaponized in less than 72 hours after SAP releases…Read More SAP applications are getting compromised by skilled attackers
Around the world, organizations are facing a tremendous increase in cyber risk. Recent research reveals that 31% of companies now experience a cyberattack at least once a day, a trend that’s expected to skyrocket as cybercriminals employ AI and autom…Read More How do I select an attack detection solution for my business?
While the DMARC enforcement rate increases, 3 billion messages per day are still spoofing the sender’s identity, Valimail reveals. Email continues to be an effective way to communicate and use has increased during a year of global pandemic, and hackers…Read More Only 14% of domains worldwide truly protected from spoofing with DMARC enforcement
Phishers have been exploiting people’s fear and curiosity regarding breakthroughs and general news related to the COVID-19 pandemic from the very start, and will continue to do it for as long as it affects our private and working lives. Cybercrimina…Read More Phishers’ perfect targets: Employees getting back to the office
The upheavals of 2020, and the mass global shift to remote work, opened to hackers a new world of opportunity. Naturally, most organizations have worked to shore up their defences and fast-track any lingering digital transformation plans. But cyber thr…Read More Learn what to do before and after being hit with a cyber-attack
On March 24, noted cybersecurity author Brennen Schmidt and Andrew Loschmann, Field Effect COO, will join other experts to explore cost-effective ways to keep themselves secure and steps to take when a breach eventually happens.
Microsoft has released Exchange On-Premises Mitigation Tool (EOMT), which quickly performs the initial steps for mitigating the ProxyLogon flaw (CVE-2021-26855) on any Exchange server and attempts to remediate found compromises. “This tool is not…Read More Microsoft releases one-click Exchange On-Premises Mitigation Tool
Microsoft Exchange servers around the world are still getting compromised via the ProxyLogon (CVE-2021-26855) and three other vulnerabilities patched by Microsoft in early March. While the initial attacks were attributed by Microsoft to a threat actor …Read More As attacks on Exchange servers escalate, Microsoft investigates potential PoC exploit leak
From a networking perspective, the past 12 months have been marked by the sudden dominance of the “home edge” as remote work became the norm for many Canadians. But, as jarring as that transition was for some organizations, it’s hardly the only pressur…Read More Now’s the time to take a Fabric approach to security – here’s why
A new report from Akamai looks back at 2020, examining some of the technological shifts and the patterns that emerged from lockdown-related internet spikes at the beginning of the year, to the resurgent spikes due to a mix of additional lockdowns and c…Read More Defending enterprise systems during a pandemic
Today Yoroi released its last cybersecurity report (available HERE). Following I am copying one of its chapters to give you a little flavor about what you can get for free by downloading it! Hope you might like its contents. The volume of the malicious code produced and disseminated in the wild is constantly increasing. […]Read More 0-Day Malware (2020)
Cybercriminals have wasted little time in capitalizing on the vulnerabilities that come with remote work, and their attacks have been highly targeted, with a focus on business-related apps, according to GreatHorn. Business-related applications, those t…Read More Cybercriminals increasingly impersonate business-related apps
Microsoft has released out-of-band security updates for seven bugs affecting Microsoft Exchange Servers, four of which are zero-day vulnerabilities being exploited by attackers in the wild to plunder on-premises machines. According to Volexity, the attacks have been going on for nearly two months, possibly even longer. Our team has been tirelessly working several intrusions since January involving multiple 0-day exploits in Microsoft Exchange. We’ve released the details of this threat activity alongside Microsoft’s Out of … More
The post Exchange Servers targeted via zero-day exploits, have yours been hit? appeared first on Help Net Security.Read More Exchange Servers targeted via zero-day exploits, have yours been hit?
Detection is a key point in threat hunting. During the past few weeks, straight in the middle of the winter “holidays” (well, maybe if you live in a place where no COVID-19 lockdown was involved), many people re/started a studying program on cybersecurity. Some of them wrote to me asking if there is a way […]Read More C2 Traffic Patterns: Personal Notes
Today I’d like to share a quick analysis on a quite new and unknown threat spotted in the wild. The file which grabbed my attention is called Loader.js (md5: 59a03086db5ebd33615b819a7c3546a5) and if you wish you can download it from Yomi. A very similar (or maybe the same) threat has been observed in the past months […]Read More Threat Actor: Unkown
Nowadays malware authors use a lot of techniques to hide malicious payloads in order to bypass security products and to make malware analyst life harder and fun. There are many tools that you can use to extract content from malware and there is not a standard process, you can use different tools, different techniques and […]Read More How To Unpack Malware: Personal Notes