September 28, 2023
Via: TechRadarCybersecurity powerhouse Norton has just announced a new security suite aimed purely at small and medium-sized businesses (SMB). The company says Norton Small Business can offer SMBs the same level of security enjoyed by large enterprises, without needing a separate […]
February 9, 2023
Via: Dark ReadingSecuring the cloud has been an unwieldy and daunting task since the beginning: The idea of using an enterprise architecture built on delivering computing services over the internet naturally represents a unique threat surface. But cloud computing is rapidly becoming […]
October 10, 2022
Via: CSO OnlineThe web browser has long been the security sinkhole of enterprise infrastructure. While email is often cited as the most common entry point, malware often enters via the browser and is more difficult to prevent. Phishing, drive-by attacks, ransomware, SQL […]
August 3, 2022
Via: Help Net SecurityAn ongoing, large-scale phishing campaign is targeting owners of business email accounts at companies in the FinTech, Lending, Insurance, Energy and Manufacturing sectors in the US, UK, New Zealand and Australia, Zscaler researchers are warning. The attackers are using a […]
Threats & Malware, Vulnerabilities
June 9, 2022
Via: Help Net SecurityExposed version control repositories, leaked secrets in public code repositories, a subdomain vulnerable to takover, exposed Amazon S3 buckets, and Microsoft Exchange Server servers vulnerable to CVE-2021-42321 exploitation are the most common exploit paths medium to large enterprises left open […]
June 3, 2022
Via: Help Net SecurityLogpoint has announced findings from a recent poll to uncover the security and cost implications enterprises face with their existing IT infrastructure. The poll was targeted at cybersecurity and IT professionals in both the U.S. and UK. The problem with […]
May 18, 2022
Via: Help Net SecurityCompanies and other organizations should be careful when employing IT freelancers, lest they end up hiring North Korean hackers. The advice comes from the U.S. Department of State, the U.S. Department of the Treasury, and the Federal Bureau of Investigation, […]
Application security, Security, Threats & Malware, Vulnerabilities
April 5, 2022
Via: Help Net SecuritySpring4Shell (CVE-2022-22965) has dominated the information security news these last six days, but Log4Shell (CVE-2021-44228) continues to demand attention and action from enterprise defenders as diverse vulnerable applications are being targeted in attacks in the wild. Attackers in the wild […]
Threats & Malware, Vulnerabilities
April 5, 2022
Via: Help Net SecurityIt’s been almost a week since the Spring4Shell vulnerability (CVE-2022-22965) came to light and since the Spring development team fixed it in new versions of the Spring Framework. There have been reports of scanning, exploit attempts and attempts to deploy […]
Threats & Malware, Vulnerabilities
March 31, 2022
Via: Help Net SecuritySecurity teams around the world got another shock on Thursday when news of disclosure of a PoC for an unauthenticated RCE zero-day vulnerability in Spring Core, a massively popular framework for building modern Java-based enterprise applications, began circulating online. Thanks […]
March 21, 2022
Via: Help Net SecurityAn advanced threat actor has been spotted using distinctive, novel methods to backdoor French entities in the construction, real estate, and government industries. How the attack unfolds The attack starts with a well-known technique – emails containing a macro-enabled Microsoft […]
January 27, 2022
Via: Help Net SecurityAttackers are trying out a new technique to widen the reach of their phishing campaigns: by using stolen Office 365 credentials, they try to connect rogue Windows devices to the victim organizations’ network by registering it with their Azure AD. […]
June 21, 2021
Via: Help Net SecuritySomeone out there is impersonating the infamous DarkSide ransomware gang and trying to trick companies in the energy and food industry to part with 100 Bitcoins, Trend Micro warns. But the campaign is not producing the desired results, because the […]
Application security, Security
March 11, 2021
Via: Help Net SecurityIT and security professionals are increasingly concerned about attackers compromising their mission-critical applications. According to a recent Ponemon study, the reasons for that are many: more funds go towards protecting networks, security is not adequately emphasized during the development of […]
September 3, 2020
Via: Help Net SecurityMassachusetts Institute of Technology (MIT) scientists have created a cryptographic platform that allows companies to securely share data on cyber attacks they suffered and the monetary cost of their cybersecurity failures without worrying about revealing sensitive information to their competitors […]
Threats & Malware, Vulnerabilities
September 1, 2020
Via: Help Net SecurityA technical support intervention has revealed two zero-day vulnerabilities in the OS running on Cisco enterprise-grade routers that attackers are trying to actively exploit. Cisco plans to release software updates to plug these security holes, but in the meantime administrators […]
Threats & Malware, Vulnerabilities
July 14, 2020
Via: CSO OnlineSAP users should immediately deploy a newly released patch for a critical vulnerability that could allow hackers to compromise their systems and the data they contain. The flaw is in a core component that exists by default in most SAP […]
Threats & Malware, Vulnerabilities
June 25, 2020
Via: Help Net SecurityMicrosoft Exchange servers are an ideal target for attackers looking to burrow into enterprise networks, says Microsoft, as “they provide a unique environment that could allow attackers to perform various tasks using the same built-in tools or scripts that admins […]
April 1, 2020
Via: Help Net SecurityIt’s one thing to have your credit card stolen, but your identity is a whole other ball game. The worst thing is, it’s a lot more common than you’d think. Identity fraud affects around one in 15 people in the […]
Access control, Security, Threats & Malware, Vulnerabilities
March 25, 2020
Via: Help Net SecurityDespite often repeated advice of using unique passwords for online accounts – or at least the most critical ones – password reuse continues to be rampant. And, according to breach discovery firm SpyCloud, employees of the Fortune 1000 are just […]