Trends & Reports February 17, 2022 TitanHQ Acquires Cyber Risk Aware to Add Security Awareness Training to its Cybersecurity Portfolio The Irish cybersecurity firm TitanHQ, a leading SaaS business offering a portfolio of cloud-based cybersecurity solutions with a focus on email, has announced the acquisition ... Read more
Cyber Threats February 17, 2022 2021 Was a Record-breaking Year for Vulnerability Disclosures Risk Based Security has released its 2021 vulnerability report which shows 2021 was a record-breaking year for vulnerability disclosures. 28,695 flaws were disclosed in 2021, ... Read more
Compliance February 16, 2022 46% of Emails in 2021 Were Spam The Russian cybersecurity firm Kaspersky has released its 2021 Spam and Phishing Report which identifies the key annual trends in spamming and phishing. The report ... Read more
Security Breaches February 15, 2022 Inmediata and CaptureRx Agree to Settle Class Action Data Breach Lawsuits It is common for victims of healthcare data breaches to take legal action against healthcare organizations that have experienced cyberattacks and data theft incidents. In ... Read more
Compliance February 14, 2022 Bipartisan Bill Proposes Creation of Commission to Investigate U.S. Health Data Privacy Laws Bipartisan legislation has been introduced in the U.S. to create a commission to analyze federal and state health data privacy laws and make recommendations for ... Read more
Tools & Practices February 10, 2022 These Critical Vulnerabilities in SAP Business Applications Require Immediate Patching SAP has released patches to fix a set of critical vulnerabilities in the SAP Internet Communication Manager (ICM), which is used by SAP business applications ... Read more
Tools & Practices February 9, 2022 51 Patches Released by Microsoft on February 2022 Patch Tuesday Microsoft has released 51 patches on February 2022 Patch Tuesday to fix vulnerabilities, including one zero-day bug. There are considerably fewer patches than in recent ... Read more
Cyber Threats February 8, 2022 Next-Gen Phishing Kits Used to Bypass Multifactor Authentication Proofpoint has revealed cyber threat actors are now using a new class of phishing kit that is allowing them to bypass multi-factor authentication (MFA). Multi-factor authentication ... Read more
Tools & Practices February 8, 2022 Safer Internet Day 2022: Improve Well-Being Online and Privacy and Security Every year, a day is dedicated to making the Internet a safer place for children and young people; however, this year, rather than having a ... Read more
Trends & Reports February 7, 2022 LastPass versus Dashlane Our comparison of LastPass versus Dashlane suggests it can be worth paying a little extra for more security. However, when you compare LastPass and Dashlane ... Read more
Compliance February 7, 2022 LastPass versus 1Password Ever since LastPass announced it was limiting it free password manager service in February 2021, there has been a plethora of LastPass versus 1Password comparison ... Read more
Tools & Practices February 6, 2022 Bitwarden versus LogMeOnce No comparison of Bitwarden versus LogMeOnce is going to be an apples-for-apples evaluation; for although both password managers operate under a “zero-knowledge” vault-based model for ... Read more
Security Breaches February 4, 2022 Hacker Steals $326 Million from the Wormhole Cryptocurrency Platform A hacker has exploited a zero-day vulnerability in the Wormhole cryptocurrency platform and stole approximately $326 million in cryptocurrency. After exploiting the vulnerability, the hacker ... Read more
Tools & Practices February 4, 2022 California Attorney General Shares Tips for Avoiding Identity Theft California Attorney General Rob Bonta has provided Californians with tips for avoiding identity theft and fraud in recognition of Identity Theft Awareness Week 2022. Identity ... Read more
Tools & Practices February 3, 2022 Cisco Releases Patches to Fix Multiple Critical Vulnerabilities in its Small Business Routers Cisco has released patches to fix 15 vulnerabilities in its Small Business V160, RV260, RV340, and RV345 Series Routers, several of which are critical flaws ... Read more
Tools & Practices February 3, 2022 Zoho Vault Review The Zoho Vault password manager is one of multiple productivity, collaboration, and online security products developed by the Zoho Corporation; but, whereas the provision of ... Read more
Tools & Practices February 3, 2022 NordPass Review Our NordPass review finds that the NordPass password manager is more than just an add-on for customers of NordVPN. NordPass can be used independently of ... Read more
Cyber Threats February 2, 2022 SEO Poisoning to Distribute Malware Disguised as Legitimate Software Installers Mandiant has identified a campaign that uses fake software installers for free productivity apps such as Zoom, Team Viewer, and Visual Studio to distribute Batloader, ... Read more
Insights February 1, 2022 Open Source Cybersecurity Examples While there are some excellent commercial “closed source” cybersecurity solutions available, it can be worthwhile exploring open source cybersecurity solutions – many of which can ... Read more
Insights February 1, 2022 Open Source Security Products for Identifying Vulnerabilities Not matter how carefully you create and monitor networks, systems, and applications, the likelihood is that vulnerabilities exist that could potentially be exploited by hackers. ... Read more
Cyber Threats February 1, 2022 Banking Trojan Masquerades as Android Password Security App A password security app that is available through the Google Play Store that has been downloaded more than 10,000 times is actually a malware dropper ... Read more
Cyber Threats February 1, 2022 8 Vulnerabilities Added to CISA’s Known Exploited Vulnerabilities Catalog The Cybersecurity and Infrastructure Security Agency (CISA) has added a further 8 actively exploited vulnerabilities to its Known Exploited Vulnerabilities Catalog. These 8 vulnerabilities are ... Read more
Security Breaches January 28, 2022 January 28, 2022 is Data Privacy Day – A Day to Take Steps to Improve the Privacy of Personal Data Today is Data Privacy Day – An annual day with a focus on raising awareness of best practices for keeping personal data private and confidential ... Read more
Trends & Reports January 28, 2022 Utilities Urged to Improve Password Security Ransomware gangs often work with Initial Access Brokers (IABs) who provide access to organizations’ networks. IABs specialize in breaching organizations’ defenses, then sell access to ... Read more
Security Breaches January 27, 2022 QNAP: Immediate Action Required to Prevent Deadbolt Ransomware Attacks on NAS Devices QNAP, a Taiwanese manufacturer of network-attached storage (NAS) devices, has issued a warning to all customers to ensure they are running the latest software and ... Read more
Trends & Reports January 25, 2022 ITRC Says Record-breaking Numbers of Data Compromises Were Reported in 2021 New data from the Identity Theft Resource Center (ITRC) shows record numbers of data breaches were reported in 2021, beating the previous record of 1,506 ... Read more
Tools & Practices January 24, 2022 F5 Releases Patches to Fix 25 Vulnerabilities in its BIG-IP, BIG-IQ, and NGINX Solutions F5, the multi-cloud management and application delivery and security solution provider has released 25 patches to address vulnerabilities in its BIG-IP, BIG-IQ, and NGINX Controller ... Read more
Security Breaches January 22, 2022 Analysis of Brute Force Attacks Confirms Importance of Long Passwords and Complexity A researcher at Microsoft has recently conducted an analysis of more than 25 million brute force attack attempts that were identified across Microsoft’s sensor network ... Read more
Security Breaches January 21, 2022 FBI Shares IoCs Associated with Diavol Ransomware Attacks The Federal Bureau of Investigation (FBI) has issued a TLP:WHITE Flash Alert sharing indicators of compromise (IoCs) associated Diavol ransomware attacks and recommended mitigations. Diavol ... Read more
Security Breaches January 20, 2022 Prepare for Wiper Malware Attacks, Warns CISA A warning has been issued by the Cybersecurity and Infrastructure Security Agency (CISA) to organizations in the United States to take steps to strengthen their ... Read more