Fact vs. Fiction: 10 Endpoint Security Myths Debunked

Simply defined, endpoint security protects desktops, laptops, servers, and fixed-function devices from malicious internal and external threats. Endpoint security combines various threat detection, response and prevention technologies to help organizations disrupt cyberattacks. Despite the clear-c...

NSA Urgently Warns on Industrial Cyberattacks, Triconex Critical Bug

The U.S. National Security Agency NSA and the Cybersecurity and Infrastructure Security Agency CISA have issued an alert warning that adversaries could be targeting critical infrastructure across the U.S. Separately, ICS-CERT issued an advisory on a critical security bug in the Schneider Electric...

OilRig APT Drills into Malware Innovation with Unique Backdoor

A series of cyberattacks on a telecom company in the Middle East has signaled the return of the OilRig APT. The attacks also revealed a revised backdoor tool in the group’s arsenal, called RDAT. The attacks were observed in April by Palo Alto Networks’ Unit 42. Researchers there said that the...

Why Application Security Should Be Considered An Enabler For Business

If you ask Alex, he won't admit being old-fashioned. He has been working in the IT industry for a while now and accepts that security is important for the business's health. But reluctant to take security as the business enabler. In today's environment, moving to digitization is a critical step...

FTC Releases Article on Protecting Small Businesses from Cyber Threats

The Federal Trade Commission FTC has released an article on their Protecting Small Business playlist, which is a collection of videos with tips for small businesses to protect their networks from common cyber scams and cyberattacks. The Cybersecurity and Infrastructure Security Agency CISA...

Microsoft Seizes Malicious Domains Used in Mass Office 365 Attacks

Microsoft has seized several domains associated with a massive hacking campaign, which has targeted Office 365 accounts with phishing and business email compromise BEC emails. The sophisticated phishing attacks, which first began in December, have since compromised Office 365 accounts in 62...

How To Protect Your Kubernetes Cluster with Wallarm – Configuration and Finetuning – part 2 of 3

Wallarm’s Kubernetes Ingress controller is designed to help protect your Kubernetes cluster against cyberattacks. Its built-in web application firewall WAF is capable of detecting and blocking a wide range of common attacks against Kubernetes deployments. The previous article in this series...

6 Best Practices to Fight a New Breed of Insider Threats

The current global pandemic has disrupted how organizations work. Some businesses quickly adapt while other organizations are still figuring out the new landscape. Unfortunately, criminals are exploiting vulnerabilities during this challenging time. There has been an 238% increase in cyberattacks...

6 Best Practices to Fight a New Breed of Insider Threats

The current global pandemic has disrupted how organizations work. Some businesses quickly adapt while other organizations are still figuring out the new landscape. Unfortunately, criminals are exploiting vulnerabilities during this challenging time. There has been an 238% increase in cyberattacks...

Tuesday’s Magento 1 EOL Leaves Clock Ticking on 100K Online Stores

With Magento 1 reaching end-of-life EOL on Tuesday, Adobe is making a last-ditch effort to urge the 100,000 online stores still running the outdated version to migrate to Magento 2. Magento is a popular, Adobe-owned open-source e-commerce platform that powers many online shops. After June 30...

Office 365 Users Targeted By 'Coronavirus Employee Training' Phish

Researchers are warning of a new phishing attack that purports to send coronavirus training resources to employees who are returning to the workplace, as COVID-19 lockdowns lift. The recent phishing campaign leverages novel training programs that are required for employees in the workplace to...

Adobe Prompts Users to Uninstall Flash Player As EOL Date Looms

With Flash Player’s Dec. 31, 2020 kill date quickly approaching, Adobe said that it will start prompting users to uninstall the software in the coming months. The End of Life EOL timeline has been a long time coming. Adobe first announced in July 2017 that it will no longer update or distribute...

Broad, Ongoing Cyberattacks Targeting Australia Underscore Need for Behavioral-Based Cybersecurity

On Friday the Australian Federal Government detailed sustained ‘copy-paste’ threats on government and business throughout the country. According to the Government: “‘Copy-paste compromises’ is derived from … heavy use of proof-of-concept exploit code, web shells and other tools copied almost...

Premier League's Return: A Hat Trick of Cyberthreats?

England’s Premier League is returning this week, with millions of soccer fans around the world looking to stream matches using their online video accounts. Unfortunately, the U.K.’s National Cyber Security Centre NCSC is warning on phishing, fraud and brute-forcing attempts by attackers looking t...

Coronavirus-Themed Cyberattacks Drop — Microsoft

A report from the Microsoft Threat Protection Intelligence Team found that Covid-19-themed cyberattacks peaked in early March and are now trending significantly down. The report also noted that those attacks have been a drop in the bucket compared to overall threats observed over the last four...

The science behind Microsoft Threat Protection: Attack modeling for finding and stopping evasive ransomware

The linchpin of successful cyberattacks, exemplified by nation state-level attacks and human-operated ransomware, is their ability to find the path of least resistance and progressively move across a compromised network. Determining the full scope and impact of these attacks is one the most...

Cyberattacks targeting BLM movement see widespread increase

By Sudais Asif Cloudflare says that there has been a staggering increase in cyberattacks against the BLM movement. This is a post from HackRead.com Read the original post: Cyberattacks targeting BLM movement see widespread increase...

This Week in Security News: How the Cybercriminal Underground Has Changed in 5 Years and the NSA Warns of New Sandworm Attacks on Email Servers

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about how, over the past five years, the cybercriminal underground has seen a major shift to new platforms, communications channels,...

Crooks Tap Google Firebase in Fresh Phishing Tactic

A series of phishing campaigns using Google Firebase storage URLs have surfaced, showing that cybercriminals continue to leverage the reputation of Google’s cloud infrastructure to dupe victims and skate by secure email gateways. Google Firebase is a mobile and web application development platfor...

‘Modern Bank Heists’ Threat Report Finds Dramatic Increase in Cyberattacks Against Financial Institutions Amid COVID-19

This marks the third edition of the Modern Bank Heists report, which takes an annual pulse of some of the financial industry’s top CISOs and security leaders. Thank you, again, for reading along and thank you to the 25 security leaders who participated in this year’s survey. This survey offers mo...