News
-
"Why Web Apps Are One of This Year's Leading Attack Vector"Cybercriminals being able to evade the latest web application firewalls made Internet apps the fastest-growing attack vector in 2022. Public-facing web apps are now the most common attack vector used to breach an organization's perimeter. Web app-based…
-
"Nokia Bell Labs Sponsors CyLab's Future Enterprise Security Initiative"The frequency and sophistication of cyberattacks on businesses continue to grow. Although attacks on large multinational corporations make headlines, they are not the only targets, as cybercriminals are also going after small and medium-sized businesses…
-
"Biden Signs Executive Order on US-EU Personal Data Privacy"US President Joe Biden signed an executive order today designed to protect the privacy of personal data transfers between the EU and the United States and address European concerns about US intelligence collection activities. The white house noted…
-
"Ransomware-as-a-Service: The Cloud Model Escalates Ransomware Attacks"Cybercriminals are leveraging cloud services through ransomware-as-a-service (RaaS). A recent Venafi report found that in addition to a wide range of ransomware at different price points, there are also various services and tools that help threat actors…
-
"IBM: Ransomware Attacks Take Psychological Toll on Incident Responders"According to a survey conducted by IBM and Morning Consult, hundreds of cybersecurity incident responders reported that ransomware attacks have had a significant impact on their mental health. In July, researchers interviewed over 1,100 cybersecurity…
-
"RCE on Log4j Among Top CVEs Exploited By Chinese-Backed Hackers"According to a new advisory published by the US National Security Agency (NSA), Cybersecurity & Infrastructure Security Agency (CISA), and Federal Bureau of Investigation (FBI), Chinese state-sponsored threat actors continue to exploit known…
-
"Politically Motivated Ransomware Declines as Attackers Switch Back to Old Targets"Ransomware operators have shifted their focus away from politically motivated attacks against Russia and toward their usual targets, including the US, China, and Israel. According to the ESET T2 2022 Threat Report, the total number of Remote Desktop…
-
"COVID-19 Was an All-You-Can-Eat Buffet for Social Engineers"For years, researchers have known that the COVID-19 pandemic was exploited to set up effective phishing attacks and other social engineering schemes. Proofpoint's new research provides more insight into the use of the pandemic by cybercriminal groups,…
-
"Australian Police Make First Arrest in Optus Hack Probe"A police investigation of a cyberattack on an Australian telecommunications company in which the personal data of more than one-third of Australia’s population was stolen has resulted in its first arrest recently. The police launched Operation…
-
"Loads of PostgreSQL Systems Are Sitting on the Internet Without SSL Encryption"According to a cloud database provider, only one-third of PostgreSQL databases connected to the Internet use Secure Sockets Layer (SSL) for encrypted messaging. Bit.io, which provides a drag-and-drop PostgreSQL database as a service, used shodan.io to…
-
"VMware Patches Code Execution Vulnerability in vCenter Server"VMware recently announced patches for a vCenter Server vulnerability that could lead to arbitrary code execution. The vCenter Server, a centralized management utility, is used for controlling virtual machines and ESXi hosts, along with their…
-
"Meta Warns Of Password-Stealing Phone Apps"A million Facebook users have been "exposed" to seemingly harmless smartphone apps designed to steal their social network passwords, according to Meta. So far this year, Meta has identified over 400 malicious apps tailored for smartphones powered by…