Tools & Practices January 19, 2022 Password Boss Review Although Password Boss is allegedly “built for MSPs by an MSP”, our Password Boss review looks at the password manager from the perspective of individuals, ... Read more
Security Breaches January 19, 2022 Almost 6 Billion Credentials Were Leaked Online in 2021 A new report from Atlas VPN has revealed nearly 6 billion accounts were affected by data leaks and data breaches in 2021, which made 2021 ... Read more
Security Breaches January 19, 2022 Accellion Proposes $8.1 Million Settlement to Resolve Class Action Data Breach Lawsuit Accellion has proposed an $8.1 million settlement to resolve a class action data breach lawsuit related to the December 2020 cyberattack on its legacy File ... Read more
Cyber Threats January 18, 2022 DHL Was the Most Imitated Brand in Phishing Campaigns in Q4, 2021 A recent report from the cybersecurity firm Check Point has revealed DHL was the most impersonated brand in phishing attacks in Q4, 2021, overtaking Microsoft. ... Read more
Tools & Practices January 18, 2022 Padloc Review The inclusion of a Padloc review in our password manager review series is attributable to the growing number of open source password managers on the ... Read more
Security Breaches January 17, 2022 New Wiper Malware Was Used in Recent Cyberattacks in Ukraine Last week, Ukraine experienced a massive cyberattack that affected around 70 government websites, including those of the Ministry of Foreign Affairs and the education ministry. ... Read more
Security Breaches January 14, 2022 14 REvil Ransomware Gang Members Arrested by Russian Government The Federal Security Service (FSB) of the Russian Federation has announced 14 individuals suspected of being part of the notorious REvil ransomware operation have been ... Read more
Security Breaches January 14, 2022 New York Attorney General Issues Business Guide for Credential Stuffing Attacks The Bureau of Internet and Technology at the Office of the New York State Attorney General (OAG) has issued a Business Guide for Credential Stuffing ... Read more
Cyber Threats January 11, 2022 Purple Fox Malware Being Delivered Disguised as a Telegram Installer Threat actors often add malware to software installers, so it is no surprise that researchers at Minerva Labs have discovered installers for legitimate software being ... Read more
Compliance January 10, 2022 Developer Changes Open Source Libraries Corrupting Thousands of Applications The developer of two widely used open-source libraries has intentionally added an update to brick the many thousands of applications that depend on those libraries. ... Read more
Security Breaches January 10, 2022 How Do Hackers Steal Passwords? You often hear about cyberattacks that utilized stolen credentials to gain access to business networks, but how do hackers steal passwords? In this article, we ... Read more
Tools & Practices January 6, 2022 Google Announces the Acquisition of the Israeli Cybersecurity Company Siemplify Google has confirmed the acquisition of the Israeli cybersecurity firm Siemplify as it continues its push into the cloud-based and enterprise cybersecurity market. Siemplify was ... Read more
Compliance January 4, 2022 1.3 Million Record Data Breach Reported By Florida’s Broward Health A major data breach was reported by Florida’s Broward Health on January 1, 2022, that involved the personal and protected health information of more than ... Read more
Tools & Practices January 4, 2022 LogMeOnce Review The LogMeOnce password manager claims to provide “password security with convenience”; however, as our LogMeOnce review demonstrates, there can be circumstances in which this password ... Read more
Insights January 4, 2022 Open Source Security Applications for Password Management There are several open source security applications for password management that can be used to fix a common weakness in security defenses – the use ... Read more
Insights January 4, 2022 Open Source Security Solutions Businesses now face a wide range of security threats, and cyberattacks are becoming more sophisticated by the day. To defend against these threats, businesses need ... Read more
Insights January 4, 2022 Open Source Security Testing Tools There are many open source security testing tools available to IT professionals that can be used to identify security gaps and discover vulnerabilities before they ... Read more
Insights January 4, 2022 Open Source Security Standards Open source security solutions have many benefits, one of the main being the source code is available to anyone to review, which is good for ... Read more
Insights January 4, 2022 Open Source Security Information Management Open source security information management is an open source system of tools to help network administrators with intrusion detection and prevention. A common problem faced ... Read more
Tools & Practices January 3, 2022 Patch Released to Fix Year 2022 Bug in Microsoft Exchange Microsoft has issued an update to fix a year 2022 bug in MS Exchange that has been causing on-premises Exchange servers to stop delivering emails. ... Read more
Compliance December 31, 2021 Major Healthcare Data Breaches Reported in December 2021 2021 has been a particularly bad year for healthcare data breaches and the attacks did not let up in December. 4 major healthcare data breaches ... Read more
Cyber Threats December 31, 2021 Redline Malware Used to Steal Passwords from Browsers and Corporate VPNs Redline malware is now the most commonly used information stealer and is being used in attacks on businesses and consumers. Redline malware first appeared in ... Read more
Security Breaches December 30, 2021 LastPass Denies Data Breach After Users Claim Their Master Passwords Were Used to Access Their Vaults Several LastPass users have claimed their master passwords have been used by unauthorized individuals to access their password vaults, including individuals who claim never to ... Read more
Cyber Threats December 29, 2021 New RCE Vulnerability Patched in Log4j Version 2.17.1 Another remote code execution vulnerability has been identified in the Log4j Java-based logging utility, this time in version 2.17.0. Several vulnerabilities in Log4j have been ... Read more
Cyber Threats December 24, 2021 Log4J Vulnerability Scanning Tool Released by CISA The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released a scanner that can be used to identify web services affected by the two recently ... Read more
Cyber Threats December 23, 2021 3 Million Websites Vulnerable to Critical Vulnerability in All in One SEO WordPress Plugin Two vulnerabilities have been identified in the All in One SEO plugin for WordPress, that could be chained and exploited allowing a full site takeover. ... Read more
Tools & Practices December 22, 2021 Microsoft Urges Customers to Patch These 2 Active Directory Vulnerabilities On November 2021 Patch Tuesday Microsoft released patches to fix two vulnerabilities in Active Directory that can be exploited to gain administrative AD privileges if ... Read more
Trends & Reports December 20, 2021 Log4j Version 2.17.0 released to Address High Severity DoS Bug The patch (version 2.15.0) to fix the critical Log4Shell vulnerability in the Log4j Java-based logging utility (CVE-2021-44228) did not fully correct the vulnerability and certain ... Read more
Cyber Threats December 16, 2021 APT Actors and Access Brokers Actively Exploiting Log4j Zero-day Microsoft has issued a warning that multiple threat actors have been scanning for systems that have not had the Log4j zero-day vulnerability (CVE-2021-44228) patched and ... Read more
Compliance December 15, 2021 LastPass Splits from LogMeIn to Become Independent Company Again LogMeIn has announced that the password management company LastPass, which LogMeIn acquired in October 2015 for $125 million, will become an independent company once again. ... Read more