Microsoft released patches fixing a pair of Exchange vulnerabilities revealed publicly in late September and collectively known as ProxyNotShell. The computing giant assesses with "medium confidence" that state-sponsored hackers have exploited the now-squashed bugs.
Malware activity has increased 28% since last year, and botnet and exploit activity are up over 100%, according to CyberTheory's 2022 Third Quarter Review. CyberTheory Director Steve King says "a new approach to cybersecurity defense" is needed to fight today's cybercrime.
Cybersecurity basics are still an overlooked ransomware defense, Lindy Cameron, CEO of the National Cyber Security Center, told the CyberScotland Summit in Scotland. "We still think that 90% of incidents in the U.K. could have been prevented if people had followed the basics," she said.
A surging Fortinet and Check Point have joined perennial stalwart Palo Alto atop the firewall Forrester Wave while Cisco slipped to the strong performers category. The leaderboard now belongs solely to pure-play cybersecurity vendors, with all three having at least 15 years of firewall experience.
DropBox is the latest company to have employees fall for phishing emails tricking them into supplying login credentials and a one time password to threat actors. Hackers got away with copies of 130 code repositories. The company says it's speeding up an internal transition to Web Authentication.
The United Kingdom's National Cyber Security Centre is scanning the British internet for vulnerabilities. "We're not trying to find vulnerabilities in the U.K. for some other, nefarious purpose," says the center, a part of signals intelligence agency Government Communications Headquarters.
A startup that was reportedly almost acquired by Palo Alto Networks for $600 million has instead raised $100 million to forge ahead on its own. App security vendor Apiiro plans to use the proceeds to strengthen its ability to analyze code and developer activities across the software supply chain.
Tributes are being paid to Vitali Kremez, who has died at the age of 34 in a suspected scuba-diving accident. The renowned threat intelligence expert, born in Belarus, had long tracked Russian cybercrime syndicates and was part of an ad hoc group established to counter ransomware and help victims.
The OpenSSL Project downgraded the urgency of a patch issued Tuesday after determining that the vulnerability is unlikely to be exploited in common situations. "It appears to be there would be an almost zero quantity of servers at risk," said a Sophos cybersecurity executive.
Should Australia's Medibank health insurer pay extortionists to prevent the release of sensitive medical documents related to millions of Australians? There's no easy answer to remedying what is the most severe cybercriminal incident in Australian history.
Software as a service - it's the new shadow IT, says Phyllis Woodruff of Global Payments. And it highlights the new challenges arising for security leaders overseeing their organizations' cloud migrations. She discusses how to make cloud "bulletproof" for business teams.
Many ransomware-wielding attackers - including big-name groups - have been collectively shooting themselves in the foot by resorting to "amateur" tactics, including decryptors that fail to decrypt as well as gangs re-extorting the same victims. Cue fewer victims opting to pay a ransom.
Customer engagement platform Twilio says the number of customers affected by a phishing campaign that coaxed employees of the San Francisco company into permitting attackers to bypass multifactor authentication protections will stand at a final tally of 209.
A surging Microsoft has leapfrogged to the top of the SIEM Gartner Magic Quadrant, catapulting past security operations stalwarts IBM, Splunk, Securonix and Exabeam. Microsoft has climbed from being named a visionary by Gartner last year to crushing the SIEM market in execution ability this year.
Elon Musk lugged a sink into Twitter headquarters to announce his takeover of the social network. But it will take more than a porcelain prop for the richest person in the world to successfully surmount the cybersecurity, legal, disinformation, regulatory and other challenges facing Twitter.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.eu, you agree to our use of cookies.