Advertisement

Microsoft  >  RDP | Remote Desktop Protocol vulnerabilities  >  caution / danger / admin login

Microsoft mitigation for new Exchange Server zero-day exploits can be bypassed

No permanent fix for the Exchange Server vulnerabilities is yet available, but other steps can mitigate the risk.


A user reviews data and statistical models. [analytics / analysis / tracking / monitoring / logging]

LiveAction adds new SOC-focused features to ThreatEye NDR platform

A SOC-specific user interface that supports analyst workflows and enhanced predicative threat intelligence capabilities are among the new features.


Digital bugs amid binary code. [security threats / malware / breach / hack / attack]

11 old software bugs that took way too long to squash

As these examples show, vulnerabilities can lurk within production code for years or decades—and attacks can come at any time.


Advertisement

backdoor / abstract security circuits, locks and data blocks

Cyberespionage group developed backdoors tailored for VMware ESXi hypervisors

A possibly new threat actor packaged and deployed backdoors as vSphere Installation Bundles, gaining remote code execution and persistence capabilities.


teamwork / developers / programmers / collaboration / conversation, discussion, gesturing

Enterprises embrace devsecops practices against supply chain attacks

Healthy developer-team culture and adherence to devsecops best practices to protect against supply chain attacks are surprisingly commonplace in today’s security environment, according to a report from Google Cloud's DORA research...


big data merger and acquisition big business smb

Top cybersecurity M&A deals for 2022

The hot cybersecurity mergers and acquisition market continues into 2022 as vendors look to solidify their positions and expand their offerings.


cso security malware breach hack alert gettyimages 1144604134 by solarseven 2400x1600px

Malware builder uses fresh tactics to hit victims with Agent Tesla RAT

A new malware campaign uses the recently discovered Quantum Builder and sophisticated tactics to deliver malicious payload.


Security threat [illustration]  >  A hacker with black hat, mask, and crowbar breaks into a laptop.

Most hackers need 5 hours or less to break into enterprise environments

A new survey of 300 ethical hackers provides insight into not only the most common means of initial access but how a complete end-to-end attack happens.


compliance compliant regulation rules stamp gdpr

UK ICO reprimands 7 organisations for failing to adhere to UK GDPR Subject Access Request laws

The Ministry of Defence, Home Office and Virgin Media among the organisations which have failed to respond to Subject Access Request in time, if at all.


eliminate insider threats 1

Recent cases highlight need for insider threat awareness and action

Insider threats can have a devastating impact even if the harm is unintentional. Here's advice to identify and mitigate insider threat risk.


Advertisement

international flags / global business discussion

22 notable government cybersecurity initiatives in 2022

Countries across the globe are taking on cybersecurity threats. Here are the most notable initiatives they've introduced in 2022.


post 3 image how hardened vms can help with cloud security 1

Cryptojacking, DDoS attacks increase in container-based cloud systems

Victims lose $53 for every $1 cryptojackers gain, according to a new report from Sysdig.


abstract collage of money with wall street finance

16 Wall Street firms fined $1.8B for using private text apps, lying about it

The banks and brokerages were fined because employees were messaging and texting with clients without recording the communications, as required. And some of the firms' execs lied about it and deleted messages.


Cyber warfare  >  Russian missile launcher / Russian flag / binary code

UK organizations, Ukraine's allies warned of potential "massive" cyberattacks by Russia

UK National Cyber Security Centre CEO Lindy Cameron reflects on Russia’s recent cyber activity as Ukraine warns its allies to prepare for cyberattacks targeting critical infrastructure.


hacker linkedin scam romance scam on social media phishing heart

How cybercriminals use public online and offline data to target employees

A LinkedIn post about getting a new job turned into a potential phishing scam. Similar incidents are more common than you might think.