Threats & Malware, Vulnerabilities
May 12, 2022
Via: Security WeekThe two vulnerabilities are tracked as CVE-2021-3808 and CVE-2021-3809 and have a CVSS score of 8.8. HP has credited Nicholas Starke of Aruba Threat Labs and a researcher who uses the online moniker “yngweijw” for reporting these bugs, but did […]
Threats & Malware, Vulnerabilities
October 14, 2021
Via: Help Net SecurityContinuity issued a research report which provided an analysis of the vulnerabilities and misconfigurations of enterprise storage systems. The findings revealed that storage systems have a significantly weaker security posture than the other two layers of IT infrastructure: compute or […]
June 23, 2021
Via: Security WeekCybersecurity has been a priority for organizations for many years. According to Gartner, organizations are expected to spend $150.4 million on IT security and risk management technologies in 2021, which would reflect a 12.4 percent increase compared to 2020. Yet, […]
May 18, 2021
Via: Security WeekApple’s Platform Security Guide contains detailed technical information on the security technologies and features implemented in its products. The first guide was released in 2015, but it only covered the iOS operating system. In its current form, the guide also […]
Threats & Malware, Vulnerabilities
May 5, 2021
Via: DataBreach TodayDell has patched five flaws in a vulnerable firmware update driver that has shipped in millions of laptops, tablets and desktops since 2009. The vulnerabilities have been assigned a single CVE, CVE-2021-21551, and they have a CVSS score of 8.8. […]
Cyber warfare, Cyber-crime, Malware
March 11, 2021
Via: DataBreach TodayPolice say they have disrupted Sky ECC, a global encrypted communications network allegedly used by numerous criminals to plan their operations. Law enforcement authorities say Sky’s cryptophone service, which includes both infrastructure and apps, is run from the United States […]
Threats & Malware, Virus & Malware
February 9, 2021
Via: Security WeekThe factsheet has been developed by an interagency group of experts in ransomware, from more than 15 government agencies, and is meant to help increase awareness on the threat that ransomware poses to critical infrastructure. The two-page document explains that, […]
February 3, 2021
Via: DataBreach TodayData breaches often turn out to be worse than they first appear, as investigators begin probing exactly what happened and when. The massive SolarWinds supply chain attack, which was identified by FireEye in December 2020 after it traced back a […]
January 20, 2021
Via: Security WeekMalwarebytes says it has not used any SolarWinds products, but its investigation revealed that the threat actor gained access to some of its systems by abusing applications with privileged access to Microsoft 365 and Azure environments. “After an extensive investigation, […]
January 15, 2021
Via: DataBreach TodayThe Scottish Environment Protection Agency says a ransomware attack last month continues to cause serious outages and warns that ransom-demanding attackers also stole some data. SEPA is the Scottish government’s principal environmental regulator, charged with protecting the nation’s environment. The […]
Application security, Security, Threats & Malware, Vulnerabilities
January 4, 2021
Via: Security WeekAt 7:15AM PST, the San Francisco, Calif.-based Slack confirmed users were “having trouble loading channels or connecting to Slack.” No other details were provided on the cause of the outage. Here’s the latest word from Slack: “Customers may have trouble […]
December 8, 2020
Via: DataBreach TodayPresident Donald Trump on Friday signed into law the Internet of Things Cybersecurity Improvement Act of 2020, the first U.S. federal law addressing IoT security. The act requires that federal agencies only procure devices that meet minimum cybersecurity standards and […]
Application security, Mobile, Mobile security, Security
November 6, 2020
Via: DataBreach TodayApple issued an update for iOS and iPadOS on Thursday that fixes three zero-day flaws found by Google’s Project Zero bug-hunting team and a range of other security-related flaws. All three of the bugs found by Project Zero are being […]
November 5, 2020
Via: Panda SecurityFollowing World War II, the technological and arms race that began between the United States and the Soviet Union became known as the Cold War. The Cold War nowadays has entered into a new phase: cyberwarfare. Technology is increasingly being […]
Threats & Malware, Vulnerabilities
October 29, 2020
Via: Security WeekThe new built-in report complements existing Microsoft Defender for Endpoint (previously known as Microsoft Defender Advanced Threat Protection) threat and vulnerability management capabilities and is catered for those looking to gain insights on devices that pose potential risks due to […]
October 15, 2020
Via: The HillAround half of states typically considered battleground states are facing cybersecurity challenges that put them at increased risk of a cybersecurity breach, a study released Thursday found. IT security group SecurityScorecard evaluated and ranked all U.S. states and territories on […]
September 30, 2020
Via: CSO OnlineThe entire US economy and government were forced to shut down in-person facilities and operations almost overnight in March as COVID quarantines began. The new conditions forced organizations to quickly find ways to secure tens of millions of new, vulnerable […]
Network security, Security, Threats & Malware, Virus & Malware
September 28, 2020
Via: DataBreach TodayAn internet-connected coffee machine is the latest IoT device to show security problems. The security firm Avast infected the Smarter Coffee machine with ransomware that causes uncontrollable spinning of its grinder and dispensing of hot water. The only option to […]
Threats & Malware, Virus & Malware
September 17, 2020
Via: Security WeekAimed at providing high-risk users such as politicians and their staff, business executives, journalists, and activists with an additional layer of protection for their accounts, the Advanced Protection Program was launched in October 2017. Any user can enroll to take […]
September 1, 2020
Via: DataBreach TodayA $5 million lawsuit seeking class action status has been filed against Morgan Stanley, claiming the financial organization failed to properly safeguard personally identifiable information when the company discarded old computer equipment. The suit is being brought by Morgan Stanley […]