Compliance September 15, 2021 2 0day Flaws Among 86 Vulnerabilities Patched by Microsoft on September Patch Tuesday Microsoft released patches to correct 86 flaws across its product range on September 2021 Patch Tuesday, including fixes for two zero-day bugs. 3 of the ... Read more
Compliance September 14, 2021 Apple Issues Security Updates to Fix Zero-Click Zero-Day Flaw Used to Deliver Pegasus Spyware Apple has issued a security update to fix two zero-day vulnerabilities, one of which has been exploited by NSO Group to deliver Pegasus spyware. CVE-2021-30858 ... Read more
Compliance September 13, 2021 Exclaimer Mail Archiver Discontinued Earlier this year, Exclaimer announced that the Exclaimer Mail Archiver has been discontinued, with the product reaching end-of-life on July 1, 2021. The Exclaimer Mail ... Read more
Security Breaches September 13, 2021 Olympus Investigating Potential BlackMatter Ransomware Attack The technology firm Olympus is investigating a cybersecurity incident that has affected IT systems used in the EMEA region. Olympus issued a statement confirming suspicious ... Read more
Security Breaches September 10, 2021 Cyberattacks on IoT Devices More Than Double in a Year A new report from Kaspersky found attacks on Internet-of-Things (IoT) devices have more than doubled since 2020, as cyber threat actors are increasingly turning their ... Read more
Security Breaches September 6, 2021 9 Out of 10 Industrial Companies Vulnerable to Cyberattacks A recent study conducted by Positive Technologies has revealed 91% of industrial companies are vulnerable to cyberattacks. Positive Technologies’ penetration testers determined vulnerabilities had not ... Read more
Compliance September 3, 2021 ProxyToken Microsoft Exchange Server Flaw Allows Emails to be Stolen An information-disclosure vulnerability dubbed ProxyToken has been identified in Microsoft Exchange Server that could be exploited by a threat actor to gain access to highly ... Read more
Trends & Reports September 1, 2021 What is a Good Exclaimer Mail Archiver Alternative? Now that the Exclaimer Mail Archiver has reached end of life it is time to consider an Exclaimer Mail Archiver alternative. When software reaches end ... Read more
Trends & Reports September 1, 2021 CISA Adds Single-Factor Authentication for Remote and Administrative Access to Cybersecurity Bad Practices Catalog The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has updated its list of cybersecurity bad practices that should be avoided. The Bad Practices Catalog was ... Read more
Insights August 31, 2021 Microsoft 365 Email Spam Filtering How effective is Microsoft 365 email spam filtering and is it possible to improve the Microsoft 365 email spam filters to block more email threats? In ... Read more
Cyber Threats August 31, 2021 CISA: Address Microsoft Azure Cosmos DB Vulnerability Now The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is urging all public and private sector organizations to address a recently discovered vulnerability in the Jupyter ... Read more
Security Breaches August 27, 2021 FBI Warns of Increasing Hive Ransomware Attacks The Federal Bureau of Investigation (FBI) is warning businesses about a new ransomware threat that is being using in an increasing number of attacks. Hive ... Read more
Security Breaches August 25, 2021 38 Million Records Exposed Online Due to Default Settings in Microsoft App Building Tool Researchers at UpGuard have discovered a huge amount of sensitive data have been exposed over the Internet due to default permissions not being changed on ... Read more
Compliance August 24, 2021 Zero-Day Flaw Provides Admin Privileges on Windows 10 When Plugging in a Razer Mouse Gaining SYSTEM rights on a Windows 10 computer is as simple as plugging in a Razer mouse or keyboard, due to a zero-day flaw in ... Read more
Security Breaches August 23, 2021 Nigerian Threat Actor Tries to Recruit Disgruntled Employees to Conduct a Ransomware Attack on Their Employer Researchers at Abnormal Security have identified an email campaign run by a Nigerian threat group that is advertising for individuals to take part in ransomware ... Read more
Security Breaches August 20, 2021 CISA Publishes Guidance on Protecting Sensitive Data from Ransomware-Caused Data Breaches The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published new guidance to help public and private sector organizations deal with the increasing ransomware threat, ... Read more
Cyber Threats August 19, 2021 Phishing Costs Large U.S. Companies $14.8 Million a Year The cost of phishing attacks has risen fourfold over the past 6 according to the 2021 Cost of Phishing Report published by Proofpoint. Large companies ... Read more
Tools & Practices August 18, 2021 Adobe Patches Critical Flaws in Photoshop, Media Encoder, Bridge and XMP-Toolkit-SDK Adobe has issued security updates and patches to correct critical vulnerabilities in several of its products. The out-of-band patches cover multiple flaws across Adobe Photoshop, ... Read more
Security Breaches August 17, 2021 Millions of IoT Devices Affected by Critical Security Flaw that Allows Hackers to Eavesdrop A critical security flaw has been identified in ThroughTek’s Kalay IoT cloud platform which could be exploited by remote attackers to intercept live video and ... Read more
Security Breaches August 16, 2021 T-Mobile Investigating Potential Breach of Data of Millions of Customers On Friday August 14, 2021, a cyber threat actor listed a stolen database for sale on a hacking forum which includes data from a recent ... Read more
Security Breaches August 13, 2021 Ransomware Gangs Start Exploiting PrintNightmare Vulnerabilities Cyber threat actors have started exploiting the recently disclosed “PrintNightmare” vulnerabilities in ransomware attacks on unpatched Windows servers. The PrintNightmare vulnerabilities include CVE-2021-1675, which is ... Read more
Security Breaches August 11, 2021 New Ransomware cum Wiper Malware Under Active Development Chaos ransomware is a new malware variant under active development that has been advertised on an underground forum and made available for testing, according to ... Read more
Tools & Practices August 10, 2021 Microsoft Patches 51 Vulnerabilities on August Patch Tuesday, including 3 Zero-Days On August Patch Tuesday, Microsoft released patches to fix 51 vulnerabilities across its product range, including 7 critical flaws, 37 vulnerabilities rated important, and three ... Read more
Trends & Reports August 10, 2021 Microsoft Issues Another Fix to Correct PrintNightmare Vulnerabilities Microsoft has issued another update to correct vulnerabilities in its Print Spooler service known as PrintNightmare. These vulnerabilities can be exploited to achieve privilege escalation ... Read more
Compliance August 10, 2021 NCSC Recommends Against Arbitrary Password Complexity Requirements The UK National Cyber Security Centre (NCSC) has made new recommendations for password creation that are intended to ensure passwords meet requirements for complexity while ... Read more
Security Breaches August 9, 2021 Threat Actor Actively Scanning for Microsoft Exchange Servers Vulnerable to ProxyShell Attacks A warning has been issued after hackers have been identified scanning for ProxyShell remote code execution vulnerabilities in Microsoft Exchange, following the recent disclosure of ... Read more
Security Breaches August 6, 2021 73% of Organizations Suffered a Phishing Related Data Breach in the Past Year Almost three quarters (73%) of organizations in the United States and United Kingdom suffered a data breach in the past 12 months as a result ... Read more
Tools & Practices August 5, 2021 NSA/CISA Publish Guidance on Improving Kubernetes Security The U.S. National Security Agency (NSA) and the U.S. Cybersecurity and Infrastructure Security Agency (CISA) have issued new guidance on improving Kubernetes security. The guidance document ... Read more
Compliance August 4, 2021 Critical PwnedPiper Flaws Affect Pneumatic Tube Systems in 3,000 Hospitals Pneumatic tube systems are used by many businesses for transporting small items around facilities, including healthcare. In hospitals these systems are extensively used for delivering ... Read more
Security Breaches August 3, 2021 More Ransomware Attempts Recorded in First Half of 2021 Than in all of 2020 Ransomware attacks increased significantly in 2020. The cyber-intelligence firm Group-IB estimated attacks had increased by more than 150% in 2020. Now, a new report from ... Read more