Top

Tag: Enterprise


Network security, Security

Norton Small Business wants to keep your start-up safe from security threats

September 28, 2023

Via: TechRadar

Cybersecurity powerhouse Norton has just announced a new security suite aimed purely at small and medium-sized businesses (SMB). The company says Norton Small Business can offer SMBs the same level of security enjoyed by large enterprises, without needing a separate […]


Cloud security, Security

7 Critical Cloud Threats Facing the Enterprise in 2023

February 9, 2023

Via: Dark Reading

Securing the cloud has been an unwieldy and daunting task since the beginning: The idea of using an enterprise architecture built on delivering computing services over the internet naturally represents a unique threat surface. But cloud computing is rapidly becoming […]


Network security, Security

Secure web browsers for the enterprise compared: How to pick the right one

October 10, 2022

Via: CSO Online

The web browser has long been the security sinkhole of enterprise infrastructure. While email is often cited as the most common entry point, malware often enters via the browser and is more difficult to prevent. Phishing, drive-by attacks, ransomware, SQL […]


Cyber-crime, Phishing

Phishers use custom phishing kit to hijack MFA-protected enterprise Microsoft accounts

August 3, 2022

Via: Help Net Security

An ongoing, large-scale phishing campaign is targeting owners of business email accounts at companies in the FinTech, Lending, Insurance, Energy and Manufacturing sectors in the US, UK, New Zealand and Australia, Zscaler researchers are warning. The attackers are using a […]


Threats & Malware, Vulnerabilities

The most common exploit paths enterprises leave open for attackers

June 9, 2022

Via: Help Net Security

Exposed version control repositories, leaked secrets in public code repositories, a subdomain vulnerable to takover, exposed Amazon S3 buckets, and Microsoft Exchange Server servers vulnerable to CVE-2021-42321 exploitation are the most common exploit paths medium to large enterprises left open […]


Network security, Security

40% of enterprises don’t include business-critical systems in their cybersecurity monitoring

June 3, 2022

Via: Help Net Security

Logpoint has announced findings from a recent poll to uncover the security and cost implications enterprises face with their existing IT infrastructure. The poll was targeted at cybersecurity and IT professionals in both the U.S. and UK. The problem with […]


Hacker, Threats & Malware

U.S. warns of North Korean hackers posing as IT freelancers

May 18, 2022

Via: Help Net Security

Companies and other organizations should be careful when employing IT freelancers, lest they end up hiring North Korean hackers. The advice comes from the U.S. Department of State, the U.S. Department of the Treasury, and the Federal Bureau of Investigation, […]


Application security, Security, Threats & Malware, Vulnerabilities

Log4Shell exploitation: Which applications may be targeted next?

April 5, 2022

Via: Help Net Security

Spring4Shell (CVE-2022-22965) has dominated the information security news these last six days, but Log4Shell (CVE-2021-44228) continues to demand attention and action from enterprise defenders as diverse vulnerable applications are being targeted in attacks in the wild. Attackers in the wild […]


Threats & Malware, Vulnerabilities

CISA adds Spring4Shell to list of exploited vulnerabilities

April 5, 2022

Via: Help Net Security

It’s been almost a week since the Spring4Shell vulnerability (CVE-2022-22965) came to light and since the Spring development team fixed it in new versions of the Spring Framework. There have been reports of scanning, exploit attempts and attempts to deploy […]


Threats & Malware, Vulnerabilities

Spring4Shell: No need to panic, but mitigations are advised

March 31, 2022

Via: Help Net Security

Security teams around the world got another shock on Thursday when news of disclosure of a PoC for an unauthenticated RCE zero-day vulnerability in Spring Core, a massively popular framework for building modern Java-based enterprise applications, began circulating online. Thanks […]


Cyber-crime, Phishing

Attackers employ novel methods to backdoor French organizations

March 21, 2022

Via: Help Net Security

An advanced threat actor has been spotted using distinctive, novel methods to backdoor French entities in the construction, real estate, and government industries. How the attack unfolds The attack starts with a well-known technique – emails containing a macro-enabled Microsoft […]


Cyber-crime, Phishing

Attackers connect rogue devices to organizations’ network with stolen Office 365 credentials

January 27, 2022

Via: Help Net Security

Attackers are trying out a new technique to widen the reach of their phishing campaigns: by using stolen Office 365 credentials, they try to connect rogue Windows devices to the victim organizations’ network by registering it with their Azure AD. […]


Cyber-crime, Phishing

Scammers are impersonating the DarkSide ransomware gang

June 21, 2021

Via: Help Net Security

Someone out there is impersonating the infamous DarkSide ransomware gang and trying to trick companies in the energy and food industry to part with 100 Bitcoins, Trend Micro warns. But the campaign is not producing the desired results, because the […]


Application security, Security

Getting your application security program off the ground

March 11, 2021

Via: Help Net Security

IT and security professionals are increasingly concerned about attackers compromising their mission-critical applications. According to a recent Ponemon study, the reasons for that are many: more funds go towards protecting networks, security is not adequately emphasized during the development of […]


Network security, Security

Which cybersecurity failures cost companies the most and which defenses have the highest ROI?

September 3, 2020

Via: Help Net Security

Massachusetts Institute of Technology (MIT) scientists have created a cryptographic platform that allows companies to securely share data on cyber attacks they suffered and the monetary cost of their cybersecurity failures without worrying about revealing sensitive information to their competitors […]


Threats & Malware, Vulnerabilities

Attackers are exploiting two zero-day flaws in Cisco enterprise-grade routers

September 1, 2020

Via: Help Net Security

A technical support intervention has revealed two zero-day vulnerabilities in the OS running on Cisco enterprise-grade routers that attackers are trying to actively exploit. Cisco plans to release software updates to plug these security holes, but in the meantime administrators […]


Threats & Malware, Vulnerabilities

Critical flaw allows hackers to breach SAP systems with ease

July 14, 2020

Via: CSO Online

SAP users should immediately deploy a newly released patch for a critical vulnerability that could allow hackers to compromise their systems and the data they contain. The flaw is in a core component that exists by default in most SAP […]


Threats & Malware, Vulnerabilities

How attackers target and exploit Microsoft Exchange servers

June 25, 2020

Via: Help Net Security

Microsoft Exchange servers are an ideal target for attackers looking to burrow into enterprise networks, says Microsoft, as “they provide a unique environment that could allow attackers to perform various tasks using the same built-in tools or scripts that admins […]


Cyber-crime, Identity theft

Identity fraud: Protecting your customers from the new kids in town

April 1, 2020

Via: Help Net Security

It’s one thing to have your credit card stolen, but your identity is a whole other ball game. The worst thing is, it’s a lot more common than you’d think. Identity fraud affects around one in 15 people in the […]


Access control, Security, Threats & Malware, Vulnerabilities

Password vulnerability at Fortune 1000 companies

March 25, 2020

Via: Help Net Security

Despite often repeated advice of using unique passwords for online accounts – or at least the most critical ones – password reuse continues to be rampant. And, according to breach discovery firm SpyCloud, employees of the Fortune 1000 are just […]