Compliance May 14, 2022 What is Credential Stuffing? Credential stuffing attacks are common causes of data breaches. Here we explain what a credential stuffing attack is, why they are often successful, and steps ... Read more
Compliance May 13, 2022 EU Reaches Agreement on New Cybersecurity Regulations for Critical Infrastructure Organizations New legislation is being introduced in the European Union (EU) to ensure critical infrastructure organizations are better protected against destructive cyberattacks. Current legislation covering the ... Read more
Cyber Threats May 11, 2022 Critical F5 BIG-IP Flaw is Being Widely Exploited A critical flaw in F5 BIG-IP systems is being actively exploited by threat actors. BIG-IP systems are software/hardware solutions that are used for access control, ... Read more
Compliance May 10, 2022 3 Zero-Days Among 95 Flaws Patched by Microsoft on May 2022 Patch Tuesday Microsoft has released patches to correct 75 flaws in its products on May 2022 Patch Tuesday, including 3 zero-days, one of which is being actively ... Read more
Cyber Threats May 10, 2022 Phishing Campaign Pushing Jester Malware Targets Ukrainian Citizens Warning of Chemical Attacks A phishing campaign has been identified that warns of chemical weapon attacks on Ukrainian citizens in an attempt to infect devices with Jester malware. The ... Read more
Trends & Reports May 10, 2022 Popular Password Manager Adds Unique Username Generator Password managers are low-cost security solutions that can significantly improve security by helping people avoid bad password practices. Oftentimes, all that stands between a hacker ... Read more
Security Breaches May 9, 2022 U.S. Offers $15 Million in Rewards for Information About Conti Ransomware Leaders & Affiliates The U.S. Department of State is offering up to $15 million in rewards for information on the Conti ransomware leadership and its affiliates, as was ... Read more
Compliance May 8, 2022 HIPAA Compliance Software HIPAA compliance software is an application for overcoming the challenges of complying with HIPAA. Depending on the capabilities of the software, it can help compliance ... Read more
Trends & Reports May 6, 2022 FBI: More than $43 Billion has been Lost to BEC Scams Since 2016 Business email compromise (BEC) scams are the leading cause of losses to cybercrime. According to the U.S. Federal Bureau of Investigation (FBI), reported losses between ... Read more
Cyber Threats May 5, 2022 Campaign Identified Delivering Fileless Malware using Shellcode in Windows Event Logs A new technique has been observed in the wild for delivering fileless malware on targeted devices and evading detection. According to researchers at Kaspersky, the ... Read more
Cyber Threats May 3, 2022 Man Convicted for Phishing Scam Resulting in Theft of $23.5 Million from DoD The losses to phishing scams can be considerable. What starts with a single phishing email can easily result in a costly data breach, malware infection, ... Read more
Security Breaches May 2, 2022 REvil Ransomware Operation Returns Evidence is mounting that the notorious REvil ransomware operation is back up and running, despite multiple arrests and loss of control of its infrastructure. The ... Read more
Trends & Reports April 30, 2022 Report Shows Slight Improvement in User Password Security A report published by Bitwarden ahead of World Password Day shows a slight improvement in user password security compared to a similar report published last ... Read more
Cyber Threats April 30, 2022 How Password Managers Mitigate the Threat from Phishing The best way to mitigate the threat from phishing is to train employees to be more resilient to phishing attacks, introduce processes to report suspicious ... Read more
Insights April 30, 2022 DNS Security The Domain Name System (DNS) was developed to make navigating the Internet easier, but DNS security was not considered at the time. The DNS is ... Read more
Cyber Threats April 29, 2022 Bumblebee is the Malware Loader of Choice for Delivering Malicious Payloads A new malware loader dubbed Bumblebee is being used by multiple threat actors to deliver malicious payloads to victims’ devices. According to cybersecurity firm Proofpoint, ... Read more
Insights April 28, 2022 What is Email Encryption and Why is it Needed? Email encryption is a method of securing emails and preventing unauthorized access and it is an important security measure for businesses to implement. Email is ... Read more
Trends & Reports April 28, 2022 What Are Zero Knowledge Password Managers? Many password managers advertise themselves as zero knowledge password managers, claiming that end-to-end encryption prevents vendors and their employees from knowing what credentials are maintained ... Read more
Security Breaches April 28, 2022 66% of Mid-Sized Firms Suffered a Ransomware Attack in 2021 There was a massive rise in ransomware attacks on mid-sized organizations in 2021, according to the recently published State of Ransomware 2022 report from cybersecurity ... Read more
Insights April 27, 2022 Office 365 Email Protection Microsoft offers a range of Office 365 email protection via a selection of subscription plans and premium services. However, even at the highest level of ... Read more
Security Breaches April 27, 2022 American Dental Association Suffers Suspected Ransomware Attack The American Dental Association (ADA) has recently confirmed to its members that technical difficulties are being experienced due to a cyberattack that occurred over the ... Read more
Cyber Threats April 26, 2022 Emotet is Once Again the Biggest Malware Threat In January 2021, the infamous Emotet botnet was shut down following an international law enforcement operation coordinated by Europol and Eurojust. Emotet started life as ... Read more
Insights April 26, 2022 Email Protection for MSPs Due to the increasing number of cybersecurity events in which email is a factor, email protection for MSPs and their clients has never been more ... Read more
Insights April 26, 2022 Office 365 Spam Filter If your company subscribes to an Office 365 enterprise plan or Microsoft 365 business plan it is likely incoming emails pass through the Office 365 ... Read more
Compliance April 25, 2022 Why Leet Substitution has Little Impact on Password Strength While some sources advocate substituting letters with symbols to make passwords harder to crack, evidence exists that leet substitution has little impact on password strength. ... Read more
Tools & Practices April 22, 2022 Credit Card Company Advice for Online Security Most leading credit card companies offer similar advice for online security – that you should secure devices used for online transactions, use unique, complex passwords ... Read more
Security Breaches April 21, 2022 Cybersecurity Agencies Issue Warning About Cyberattacks by State Sponsored and Pro-Russian Hacking Groups A joint threat assessment has been published by cybersecurity agencies in the United States, Australia, Canada, New Zealand, and the United Kingdom warning about the ... Read more
Tools & Practices April 20, 2022 How Accurate are Password Strength Testers? Password strength testers are becoming more common in the account sign-up process. Their purpose is to indicate whether the passwords chosen by users are weak, ... Read more
Security Breaches April 20, 2022 CISA: Hackers Actively Exploiting Windows Print Spooler Privilege Escalation Flaw On February 2022 Patch Tuesday, Microsoft released a patch to fix a high severity Windows Print Spooler privilege escalation vulnerability, tracked as CVE-2022-22718, which was ... Read more
Security Breaches April 19, 2022 LinkedIn is the Most Impersonated Brand in Phishing Attacks The professional social networking site LinkedIn is now the most impersonated brand in phishing attacks according to Check Point Research. In Q1, 2022, 52% of ... Read more