Security Breaches August 26, 2022 LastPass Hacked: Source Code Stolen LastPass, one of the world’s most popular password managers, has confirmed it has been hacked and portions of its source code have been stolen. Password ... Read more
Trends & Reports August 25, 2022 Claroty Reports 57% Increase in Disclosed XIoT Vulnerabilities in 1H, 2022 There was a 57% increase in reported vulnerabilities affecting extended Internet of things (XIoT) devices in the first half of 2022, compared to the last ... Read more
Security Breaches August 24, 2022 Residential Proxies Increasingly Used to Hide Credential Stuffing Attacks Cyber threat actors are increasingly using hacked residential routers to hide their credential stuffing attacks, according to a recent alert from the Federal Bureau of ... Read more
Trends & Reports August 23, 2022 U.S. Healthcare Provider Confirms Unauthorized Disclosure of 1.36 Million Patient Records to Meta A healthcare provider has confirmed the impermissible disclosure of patient information to Meta through the misconfiguration of Meta Pixel tracking code on its website. Earlier ... Read more
Cyber Threats August 19, 2022 2 ‘Actively Exploited’ RCE Vulnerabilities Patched in iPhones, iPads, iPods, and Macs Two critical zero-day vulnerabilities have been patched by Apple that may have been actively exploited in the wild. Exploitation of the flaws allows threat actors ... Read more
Cyber Threats August 19, 2022 IBM X-Force Provides Insights into the Rapidly Changing OT Threat Landscape IBM X-Force has analyzed data from its incident response and managed security services (MSS) and has provided valuable insights into the rapidly expanding operational technology ... Read more
Security Breaches August 18, 2022 Hackers are Actively Exploiting 5 Vulnerabilities in the Zimbra Collaboration Suite Five vulnerabilities have been identified in the Zimbra Collaboration Suite (ZCS) that are being actively exploited in the wild. The U.S. Cybersecurity and Infrastructure Security ... Read more
Compliance August 17, 2022 2022 Sees Major Increase in Malicious Browser Downloads According to Kaspersky, in H1, 2022, 1,300,000 attempts were made to install malicious browser extensions, which is a substantial increase from 2021, when 1,823,263 attempts ... Read more
Cyber Threats August 16, 2022 Microsoft Disrupts Ongoing Russia-Linked Phishing Campaign Microsoft has announced it has taken steps to disrupt phishing campaigns conducted by a Russia-linked threat actor tracked as SEABORGIUM. The threat actor originates from ... Read more
Trends & Reports August 15, 2022 How Do You Resolve the Issue of Password Apathy? Despite many advances in technology, one issue is undermining efforts to keep networks and accounts secure – password apathy. This is not a new issue, ... Read more
Security Breaches August 15, 2022 Conti Ransomware Groups Using Callback Phishing to Gain Access to Victims’ Networks Three groups that split from the Conti ransomware operation are primarily gaining access to victims’ networks using callback phishing tactics, according to cybersecurity firm AdvIntel. ... Read more
Security Breaches August 12, 2022 Ransomware Gangs are Weaponizing Their Stolen Data and Making BEC Attacks Easier Business email compromise (BEC) attacks have been increasing. According to the Federal Bureau of Investigation (FBI), BEC attacks are the costliest type of cybercrime and ... Read more
Security Breaches August 11, 2022 Ransomware Attack on CISCO Used an Employee’s Compromised Personal Google Account CISCO has confirmed that the initial access to its network in an attempted May 2022 ransomware attack was a compromised employee’s personal Google account. The ... Read more
Cyber Threats August 10, 2022 Microsoft Patches 121 Vulnerabilities Including an Actively Exploited 0-Day Bug Microsoft released updates to fix 121 CVEs on August 2022 Patch Tuesday, including two zero-day flaws, one of which is being actively exploited in the ... Read more
Security Breaches August 9, 2022 Sophisticated Twilio Smishing Attack Sees Accounts and Customer Data Compromised The digital communication platform provider Twilio has confirmed that multiple employees have been tricked into disclosing their account credentials in a smishing attack. Smishing is ... Read more
Security Breaches August 8, 2022 NHS 111 Services Disrupted by Cyberattack on Managed Service Provider The National Health Service (NHS) in the United Kingdom is currently dealing with a cyberattack on one of its managed service providers, Advanced. Birmingham-based Advanced ... Read more
Compliance August 8, 2022 Is FIDO Authentication as Effective as It Claims to Be? FIDO authentication protocols can be used as an alternative to passwords, and – in theory – they provide a fast and secure method for users ... Read more
Security Breaches August 4, 2022 97% of Top Universities Failing to Adequately Protect Against Email Impersonation Attacks Domain spoofing is a common tactic used by phishers to trick victims into believing they have received an official email from a trusted business or ... Read more
Security Breaches August 3, 2022 87% of Ransomware Uses Malicious Macros to Infect Devices Microsoft recently rolled out a new security feature that would block macros by default. There was a hiccup in that process, as Microsoft had to ... Read more
Tools & Practices August 1, 2022 Network of 11,000 Websites Used in Industrial Scale Fake Investment Scam A network of more than 11,000 websites being used for industrial-scale investment fraud has been uncovered by security researchers at Group IB. The scammers use ... Read more
Tools & Practices August 1, 2022 Why More Companies are Enforcing Mandatory 2FA Although the option to better protect accounts with Two-Factor Authentication (2FA) has been widely available for more than a decade, the low uptake on this ... Read more
Insights August 1, 2022 Spam Filtering Service All businesses should use a spam filtering service, the cost of which is likely to be recovered from the productivity gains that can be achieved ... Read more
Tools & Practices July 31, 2022 Password Management Best Practices Passwordless authentication is growing in popularity and is considered the future of authentication, but for the time being, passwords are here to stay. While passwords can ... Read more
Insights July 29, 2022 Cybersecurity Awareness Training Topics and Tips If you want to develop a security culture in your organization where every employee understands they have a role to play in cybersecurity, they always ... Read more
Security Breaches July 29, 2022 Data Breach Costs Reach Record High of $4.35 Million; $9.4m in the US The average cost of a data breach in 2022 has risen to $4.35 million and $9.4 million in the United States, according to the 2022 ... Read more
Security Breaches July 27, 2022 LinkedIn Remains the Most Impersonated Brand in Phishing Attacks The Q2, 2022 Brand Phishing Report from cybersecurity firm Check Point shows LinkedIn is still the most impersonated brand in phishing attempts, having first entered ... Read more
Cyber Threats July 25, 2022 Amadey Bot Malware Distributed via SmokeLoader using Software Cracking Software A malware distribution campaign has been detected by researchers at AhnLab that ultimately delivers Amadey Bot malware. Amadey Bot malware can steal information from infected ... Read more
Tools & Practices July 22, 2022 42% Of Americans Use the Same Password for Multiple Accounts A recent survey conducted on 2,000 Americans by OnePoll on behalf of AT&T has provided insights into the level of cybersecurity knowledge of Americans and ... Read more
Insights July 21, 2022 Best Practices for Choosing an Email Security Solution There are important things to consider when choosing an email security solution to ensure it meets the needs of your business. Most cybersecurity vendors offer ... Read more
Cyber Threats July 21, 2022 Flaws in Vehicle GPS Tracker Could be Exploited Remotely to Track and Disable Vehicles A popular GPS tracking device – MiCODUS MV720 GPS tracker – that is installed in vehicles to protect against theft and for vehicle fleet management ... Read more