Security Breaches March 22, 2021 Acer Ransomware Attack: $50 Million Ransom Demand Issued The REvil ransomware gang gained access to the systems of the Taiwanese computer giant Acer and stole sensitive data before encrypting data. It has been ... Read more
Compliance March 19, 2021 Internet Crime Complaints Increased by 69% in 2020 with $4.2 Billion in Losses to Cybercrime During the pandemic, cybercriminals stepped up their attacks on businesses and individuals and record numbers of complaints about cybercrime were filed with the Federal Bureau ... Read more
Security Breaches March 18, 2021 Pysa Ransomware Gang Targeting Education Sector, Warns FBI The FBI has issued an alert following a surge in Pysa ransomware attacks on K-12 schools and higher education institutions. The Pysa (Mespinoza) ransomware gang ... Read more
Cyber Threats March 16, 2021 Google Fixes Actively Exploited Zero Day Vulnerability in the Chrome Browser Google has patched a zero-day vulnerability in its Chrome browser for Mac, Windows, and Linux. The vulnerability, which is the second zero-day to be patched ... Read more
Cyber Threats March 12, 2021 TrickBot Becomes Biggest Malware Threat Following Emotet Takedown The Emotet botnet was the biggest malware threat until a joint law enforcement operation succeeded in taking the botnet down. Emotet was primarily used as ... Read more
Tools & Practices March 11, 2021 Patch Critical BIG-IP and BIG-IQ Vulnerabilities Now, Warns F5 Networks On March 10, 2021, F5 Networks released updated software to fix 7 vulnerabilities in BIG-IP and BIG-IQ systems, 4 of which are rated critical, 2 ... Read more
Security Breaches March 10, 2021 Hacking Collective Accesses Live and Archived Feeds from 150,000 Verkada Security Cameras Verkada, a California-based provider of enterprise video security cameras is investigating a hacking incident which saw hackers gain access to the video footage of its ... Read more
Cyber Threats March 9, 2021 Microsoft Fixes 82 Vulnerabilities on March 2021 Patch Tuesday Including One Actively Exploited 0Day Flaw March 2021 Patch Tuesday saw Microsoft deliver patches for 82 vulnerabilities across its product range, including fixes for 10 critical flaws and 2 zero-day vulnerabilities ... Read more
Security Breaches March 8, 2021 SITA Passenger Service System Data Breach Impacts Multiple Air Carriers SITA, a global provider of communication and IT solutions to the aviation industry, has suffered a breach of servers used for its Passenger Service System ... Read more
Cyber Threats March 4, 2021 Multiple Threat Groups Now Exploiting Microsoft Exchange Server Zero-Day Flaws Multiple threat groups have been observed exploiting the four zero-day vulnerabilities in Microsoft Exchange Server that were patched earlier this week. Microsoft announced the four ... Read more
Cyber Threats March 3, 2021 Microsoft Releases Out of Band Security Updates to Fix Actively Exploited Microsoft Exchange Server Flaws Microsoft has released patches to correct four zero-day vulnerabilities in Microsoft Exchange Server that are currently being chained together and exploited by a sophisticated Chinese ... Read more
Cyber Threats March 2, 2021 Spear Phishing Campaign by Lazarus APT Group Targeting Defense Companies Security researchers at Kaspersky ICS CERT have identified a spear phishing campaign targeting defense companies that delivers an advanced malware dubbed ThreatNeedle. The campaign has ... Read more
Security Breaches March 1, 2021 Ryuk Ransomware Update Adds Worm-Like Capabilities A new variant of Ryuk ransomware has been detected with worm-like capabilities that allow it to spread laterally within an infected network with no human ... Read more
Security Breaches February 26, 2021 Hackers Actively Scanning for Vulnerable VMware Servers after Publication of PoC Exploit Code Scans are currently being conducted to identify VMware vCenter servers that have not been patched, following the publication of Proof-of-Concept (PoC) exploits for a vulnerability ... Read more
Tools & Practices February 26, 2021 TitanHQ Collects Multiple 2021 Expert Insights Best-of Awards Three TitanHQ cybersecurity solutions have been named winners in the Expert Insights’ 2021 “Best-Of” Awards in the Email Security Gateway, Web Security, and Email Archiving ... Read more
Compliance February 25, 2021 Cisco Patches Critical Flaws in its Application Services Engine and ACI Multi-Site Orchestrator Cisco has released a patch to address a critical flaw in the API endpoint of the Cisco ACI Multi-Site Orchestrator (MSO) installed on the Application ... Read more
Trends & Reports February 24, 2021 Trend Micro Reports 20% Increase in Blocked Threats in 2020 Trend Micro reports a 20% increase in the number of threats it identified and blocked in 2020. In total, 62.6 billion threats were blocked at ... Read more
Security Breaches February 23, 2021 Accellion FTA Extortion Attacks Linked to FIN11 and CL0P Ransomware Gang In mid-December, threat actors started exploiting zero-day vulnerabilities in the Accellion File Transfer Appliance (FTA) product, and over the next few weeks it became apparent ... Read more
Security Breaches February 22, 2021 Phishing Attacks Detected Using Malformed URL Prefix A new phishing campaign has been detected that uses malformed URL prefixes to bypass email security solutions and fool individuals into disclosing their login credentials. ... Read more
Security Breaches February 19, 2021 US. Department of Justice Indicts 3 Alleged Members of North Korean Lazarus Hacking Group This week, the U.S. Department of Justice announced that three North Korean intelligence officials have been indicted for their role in a slew of destructive ... Read more
Cyber Threats February 17, 2021 Malvertising Gang Exploited WebKit Zero Day to Redirect Web Visitors to Scam Sites An unpatched zero-day vulnerability in WebKit-based browsers has been exploited by a threat group to redirect website visitors to scam sites for at least 8 ... Read more
Security Breaches February 16, 2021 Microsoft: Over 1,000 Hackers Suspected to be Involved in SolarWinds Hack Microsoft President Brad Smith recently claimed the SolarWinds supply chain attack was “the largest and most sophisticated attack the world has ever seen” and may ... Read more
Security Breaches February 15, 2021 Egregor Ransomware Operation Disrupted and Several Arrest Made Several suspected members of the Egregor ransomware operation have been arrested in Ukraine, according to the news outlet France Inter. The arrests were made as ... Read more
Security Breaches February 11, 2021 Ethical Hacker Breached 35 Companies Including PayPal, Microsoft, and Apple An ethical hacker developed a novel supply chain attack that allowed him to gain access to the systems of more than 35 technology companies, including ... Read more
Compliance February 10, 2021 Microsoft Fixes 56 Flaws on February 2021 Patch Tuesday Including 1 Zero Day Compared to previous months, February 2021 Patch Tuesday saw relatively few patches released by Microsoft to correct flaws across its range of products, although several ... Read more
Cyber Threats February 10, 2021 Adobe Patches 50 Vulnerabilities Including 1 Actively Exploited Adobe Reader Bug On February 2021 Patch Tuesday Adobe released patches to correct 50 vulnerabilities across its range of products, including 34 critical severity flaws, one of which ... Read more
Security Breaches February 9, 2021 RDP Attacks Increased by 768% in 2020 and Remain a Key Attack Vector The COVID-19 pandemic forced businesses to move to a largely remote workforce and cybercriminals took advantage by targeting vulnerabilities in Remote Desktop Protocol (RDP). Between ... Read more
Security Breaches February 8, 2021 Hackers Steal Source Code of Stormshield Firewall Products Stormshield, one of the leading French cybersecurity firms, has announced it has suffered a cyberattack in which the attackers gained access to its support ticket ... Read more
Compliance February 5, 2021 U.S. Companies Slow to Terminate Access to Systems When Employees Leave the Company When an employee is terminated or leaves a company for other reasons, access to systems should be immediately revoked, but in the U.S., many companies ... Read more
Security Breaches February 4, 2021 Ransomware Attacks Most Commonly Start with Phishing and 70% Involve Data Exfiltration The Q4, 2020 Quarterly Ransomware Report from Coveware shows there has been a marked decline in the number of companies paying ransoms to recover data ... Read more