CISA Insights: Guidance for MSPs and Small- and Mid-sized Businesses

CISA has released CISA Insights: Guidance for Managed Service Providers MSPs and Small- and Mid-sized Businesses, which provides mitigation and hardening guidance to help these organizations strengthen their defenses against cyberattacks. Many small- and mid-sized businesses use MSPs to manage IT...

Is Remote Desktop Protocol Secure? It Can Be

Kroll’s Paul Drapeau, Jeff Macko and Isaiah Jensen also contributed to this report. Most of the problems with setting up Remote Desktop Protocol RDP for remote work involves making RDP accessible via the public internet. RDP itself is not a secure setup and therefore requires additional security...

Mind the Gap: Securely Embracing the Digital Explosion

State and local governments are weathering a digital explosion. The move to "virtual everything" means that greater amounts of information are being produced and transmitted electronically, but the digital infrastructure powering these operations is straining under the weight. This shift is...

Cisco BPA, WSA Bugs Allow Remote Cyberattacks

A set of high-severity privilege-escalation vulnerabilities affecting Business Process Automation BPA application and Cisco’s Web Security Appliance WSA and could allow authenticated, remote attackers to access sensitive data or take over a targeted system. The first two bugs CVE-2021-1574 and...

Five Common Myths about Ransom DoS Attacks

Did you know that 86% of organizations surveyed in CyberEdge’s Cyberthreat Defense Report this year were compromised by cyberattacks? Since the first known incident in 1989, ransom DoS attacks have become increasingly sophisticated over time. If you are not well versed on the potential threats th...

Indexsinas SMB Worm Campaign Infests Whole Enterprises

The Indexsinas SMB worm is on the hunt for vulnerable environments to self-propagate into, researchers warned – with a particular focus on the healthcare, hospitality, education and telecommunications sectors. Its end goal is to drop cryptominers on compromised machines. Indexsinas, aka...

Cobalt Strike Usage Explodes Among Cybercrooks

The use of Cobalt Strike – the legitimate, commercially available tool used by network penetration testers – by cybercrooks has shot through the roof, according to Proofpoint researchers, who say that the tool has now “gone fully mainstream in the crimeware world.” The researchers have tracked a...

A week in security (June 21 – June 27)

Last week on Malwarebytes Labs: Want to stop ransomware attacks? Send the cybercriminals to jail, says Brian Honan: Lock and Code S02E11 Atomic research institute breached via VPN vulnerability Hotel staff bust Hermes SMS scammer with suspiciously large number of cables City of Liège hit by...

Top five insights from the 2021 CyberEdge Cyberthreat Defense Report

For the last eight years, the Cyberthreat Defense Report has been helping enterprise security professionals gauge their internal practices and security investments against their peers across multiple countries and industries. The report is based upon data from 1,200 qualified IT security...

How to Create a Simulated Phishing Attack Across Your Company

Email is one of the many weapons at the disposal of bad actors on the Internet, and your employees are in the firing line. Attackers try to hide behind a trusted entity, sometimes even masquerading as a known vendor or even as a representative of a group within your own organization, like HR or I...

Peloton Bike+ Bug Gives Hackers Complete Control

The popular Peloton Bike+ and Peloton Tread exercise equipment contain a security vulnerability that could expose gym users to a wide variety of cyberattacks, from credential theft to surreptitious video recordings. According to research from McAfee’s Advanced Threat Research ATR team, the bug no...

Afternoon Cyber Tea: Microsoft’s cybersecurity response to COVID-19

On February 25, 2020, Microsoft Chief Information Security Officer CISO Bret Arsenault was attending the RSA Conference in San Francisco when the city declared a state of emergency because of COVID-19. Shortly after flying back to Seattle, Bret learned of the first death from the coronavirus in...

Afternoon Cyber Tea: Microsoft’s cybersecurity response to COVID-19

On February 25, 2020, Microsoft Chief Information Security Officer CISO Bret Arsenault was attending the RSA Conference in San Francisco when the city declared a state of emergency because of COVID-19. Shortly after flying back to Seattle, Bret learned of the first death from the coronavirus in...

Behind the scenes of business email compromise: Using cross-domain threat data to disrupt a large BEC campaign

Microsoft 365 Defender researchers recently uncovered and disrupted a large-scale business email compromise BEC infrastructure hosted in multiple web services. Attackers used this cloud-based infrastructure to compromise mailboxes via phishing and add forwarding rules, enabling these attackers to...

DarkSide Pwned Colonial With Old VPN Password

It took only one dusty, no-longer-used password for the DarkSide cybercriminals to breach the network of Colonial Pipeline Co. last month, resulting in a ransomware attack that caused significant disruption and remains under investigation by the U.S. government and cybersecurity experts. Attacker...

Hackers Breached Colonial Pipeline Using Compromised VPN Password

The ransomware cartel that masterminded the Colonial Pipeline attack early last month crippled the pipeline operator's network using a compromised virtual private network VPN account password, the latest investigation into the incident has revealed. The development, which was reported by Bloomber...

How to perform a website security check- 6 tools to check website security

By Owais Sultan Running a small business or a large corporation? Your website needs security amid increasing cyberattacks. Here are some website security check tools. This is a post from HackRead.com Read the original post: How to perform a website security check- 6 tools to check website securit...

REvil Ransomware Gang Spill Details on US Attacks

Cybercriminals behind the JBS Foods ransomware attack claim they had no intent to target United States-based firms. The group, identified as the Sodinokibi REvil ransomware gang, also said it was not afraid of being labeled a cyber-terrorist group. A spokesperson for REvil shared its positions in...

Why FIDO2 Is the Answer to Better Security

A groundbreaking increase in security incidents is affecting governments around the world. In light of this, the United States issued a formal order to implement a robust set of security measures designed to improve the security of federal systems. In his most recent executive order, President...

Why FIDO2 is the Answer to Better Security

A groundbreaking increase in security incidents is affecting governments around the world. In light of this, the United States issued a formal order to implement a robust set of security measures designed to improve the security of federal systems. In his most recent executive order, President...