Advertisement

backdoor / abstract security circuits, locks and data blocks

Cyberespionage group developed backdoors tailored for VMware ESXi hypervisors

A possibly new threat actor packaged and deployed backdoors as vSphere Installation Bundles, gaining remote code execution and persistence capabilities.


teamwork / developers / programmers / collaboration / conversation, discussion, gesturing

Enterprises embrace devsecops practices against supply chain attacks

Healthy developer-team culture and adherence to devsecops best practices to protect against supply chain attacks are surprisingly commonplace in today’s security environment, according to a report from Google and Chainguard


big data merger and acquisition big business smb

Top cybersecurity M&A deals for 2022

The hot cybersecurity mergers and acquisition market continues into 2022 as vendors look to solidify their positions and expand their offerings.


Advertisement

cso security malware breach hack alert gettyimages 1144604134 by solarseven 2400x1600px

Malware builder uses fresh tactics to hit victims with Agent Tesla RAT

A new malware campaign uses the recently discovered Quantum Builder and sophisticated tactics to deliver malicious payload.


Security threat [illustration]  >  A hacker with black hat, mask, and crowbar breaks into a laptop.

Most hackers need 5 hours or less to break into enterprise environments

A new survey of 300 ethical hackers provides insight into not only the most common means of initial access but how a complete end-to-end attack happens.


eliminate insider threats 1

Recent cases highlight need for insider threat awareness and action

Insider threats can have a devastating impact even if the harm is unintentional. Here's advice to identify and mitigate insider threat risk.


international flags / global business discussion

22 notable government cybersecurity initiatives in 2022

Countries across the globe are taking on cybersecurity threats. Here are the most notable initiatives they've introduced in 2022.


post 3 image how hardened vms can help with cloud security 1

Cryptojacking, DDoS attacks increase in container-based cloud systems

Victims lose $53 for every $1 cryptojackers gain, according to a new report from Sysdig.


abstract collage of money with wall street finance

16 Wall Street firms fined $1.8B for using private text apps, lying about it

The banks and brokerages were fined because employees were messaging and texting with clients without recording the communications, as required. And some of the firms' execs lied about it and deleted messages.


Cyber warfare  >  Russian missile launcher / Russian flag / binary code

UK organizations, Ukraine's allies warned of potential "massive" cyberattacks by Russia

UK National Cyber Security Centre CEO Lindy Cameron reflects on Russia’s recent cyber activity as Ukraine warns its allies to prepare for cyberattacks targeting critical infrastructure.


Advertisement

hacker linkedin scam romance scam on social media phishing heart

How cybercriminals use public online and offline data to target employees

A LinkedIn post about getting a new job turned into a potential phishing scam. Similar incidents are more common than you might think.


windows 11 logo bloom

What are the new Windows 11 22H2 security features?

The September Windows 11 update add protections against malicious applications and drivers, phishing, credential misuse, and more.


security audit - risk assessment - network analysis

Zoho ManageEngine flaw is actively exploited, CISA warns

Threat actors are exploiting unpatched ManageEngine instances. CISA adds the vulnerability to its catalog and Zoho urges customers to check their deployments.


Industry 4.0 / Industrial IoT / Smart Factory / automation

US CISA/NSA release new OT/ICS security guidance, reveal 5 steps threat actors take to compromise assets

Advisory from the Cybersecurity and Infrastructure Security Agency and the National Security Agency outlines steps to protect operational technology and industrial control systems.


Cybersecurity  >  locked binary code
Apple Holic

Jamf buys ZecOps to bring high-end security to Apple enterprise

ZecOps protects world-leading enterprises, governments, and individuals; Jamf has acquired it to help secure the enterprise.