Popular News
Top News
1 day ago Microsoft warns of credential-stealing NTLM relay attacks against Windows domain controllers
TechRepublic View Synopsis+1To ward off the attack known as PetitPotam, Microsoft advises you to disable NTLM authentication on your Windows domain controller.
1 day ago Apple Patches 'Actively Exploited' Mac, iOS Security Flaw
SecurityWeek View Synopsis+1Apple on Monday released a major security update with fixes for a security defect the company says "may have been actively exploited" to plant malware on macOS and iOS devices.
1 day ago Kaseya Says It Did Not Pay Ransom to Obtain Universal Decryptor
InfoRiskToday View Synopsis+1Software Firm Continues Helping Ransomware Victims to RecoverRemote management software company Kaseya said Monday that it obtained a universal decryptor key without paying a ransom to the REvil - aka Sodinokibi - gang that hit the firm with a ransomware attack. But it still has not revealed how it obtained the key, other that to say it was supplied by a third party.
1 day ago Kaseya denies paying ransom for decryptor, refuses comment on NDA
ZDNet View Synopsis+1The company was initially vague about how the universal decryption tool was obtained.
Latest News
30 minutes ago Kaseya's Unitrends Technology Has Zero-Day Flaws
InfoRiskToday View Synopsis+1Researchers Warn: Do Not Expose Technology to the InternetResearchers are warning of three zero-day vulnerabilities in Kaseya's Unitrends cloud-based enterprise backup and disaster recovery technology. The news comes after a July 2 ransomware attack exploiting flaws in Kaseya's VSA software had a major impact.
30 minutes ago Biden Calls for Critical Infrastructure Security Standards
InfoRiskToday View Synopsis+1National Security Memo Requires NIST, CISA to Create Standards, But Compliance VoluntaryPresident Joe Biden signed an executive national security memorandum on Wednesday calling for the development of new critical infrastructure cybersecurity standards for various industries. CISA and NIST will develop the standards, and compliance will be voluntary - at least initially.
1 hour ago Data breach costs hit record high due to pandemic
TechRepublic View Synopsis+1The average cost of a data breach among companies surveyed for IBM Security reached $4.24 million per incident, the highest in 17 years.
1 hour ago US Acting to Better Protect Infrastructure From Cyberthreats
SecurityWeek View Synopsis+1The Biden administration is taking steps to harden cybersecurity defenses for critical infrastructure, announcing on Wednesday the development of performance goals and a voluntary public-private partnership to protect core sectors.
1 hour ago Average organization targeted by over 700 social engineering attacks each year: report
ZDNet View Synopsis+1According to a new Barracuda study, IT staffers receive an average of 40 targeted phishing attacks in a year.
2 hours ago How the Dark Web enables access to corporate networks
TechRepublic View Synopsis+1The number of ads selling access to corporate networks has continued to increase from 2019 to 2020 and into 2021, says Positive Technologies.
3 hours ago Foxit Plugs Multiple Security Holes in PDF Reader, Editor
SecurityWeek View Synopsis+1Foxit Software this week released security updates for its PDF Reader and PDF Editor applications, to address multiple vulnerabilities, including some leading to remote code execution.
3 hours ago US Gov Warning: VPN, Network Perimeter Product Flaws Under Constant Attack
SecurityWeek View Synopsis+1The U.S. government and its allies are pleading with defenders to pay attention to gaping holes in perimeter-type devices, warning that advanced threat actors are feasting on known security defects in VPN appliances, network product gateways and enterprise cloud applications.
3 hours ago Tips on Recruiting, Retaining Cybersecurity Staff
InfoRiskToday View Synopsis+1Professor Keith Martin Offers InsightsTo recruit and retain cybersecurity specialists, organizations must "stop expecting people just to be sort of 'focused monkeys' and doing one particular task and turning the handle," says Keith Martin, professor of information security at Royal Holloway University in the U.K.
5 hours ago One third of cybersecurity workers have faced harassment at work or online - this initiative aims to stamp it out
ZDNet View Synopsis+1Respect In Security is encouraging organisations to create a workplace free from abuse.
5 hours ago Get patching: US, UK, and Australia issue joint advisory on top 30 exploited vulnerabilities
ZDNet View Synopsis+1Majority of top vulnerabilities targeted last year were disclosed in the past two years, agencies from the United States, United Kingdom, and Australia have said, with Microsoft Office CVE dating from 2017.
