CSO Magazine

APRIL 27, 2022

The 2022 RSA Security Conference is just weeks away, and the security diaspora is boosted and ready to meet in person at the Moscone Center in San Francisco. While we’ve certainly accomplished a lot working remotely over the past 2 years, cybersecurity remains in a precarious position in 2022, so an industry huddle is in order.

CISO 86

CISO Security Defenses Technology Cybersecurity 86

eSecurity Planet

APRIL 29, 2024

April 22, 2024 CISA Adds 2022 Windows Print Spooler Vulnerability to KEV Catalog Type of vulnerability: Elevation of privilege. Although fixed in the October 2022 updates, Microsoft notes that the zero-day vulnerability may have been exploited as early as April 2019.

Firewall 110

Firewall Software Ransomware Penetration Testing 110

Security Affairs

JULY 14, 2023

BlackLotus is the first UEFI bootkit that is able to bypass the security feature on fully up-to-date Windows 11 systems. The BlackLotus malware is a UEFI bootkit that is available for sale on hacking forums since at least October 2022. Exploiting CVE-2022-21894 to bypass the Secure Boot feature and install the bootkit.

Firmware 95

Firmware Malware CISO Hacking 95

CyberSecurity Insiders

JULY 6, 2021

And as per the notification issued on an official note, experienced analogue workers will be available to help security, defense, development and foreign policy sectors on 24×7 basis to boost resiliency of UK’s critical digital infrastructure from September 2022.

Ransomware 120

Ransomware Security Defenses Cyber Attacks Encryption 120

Security Affairs

NOVEMBER 3, 2022

Further evidence linking the two includes IP addresses and specific TTPs (tactics, techniques, and procedures) used by FIN7 in early 2022 and seen months later in actual Black Basta attacks. Black Basta has been active since April 2022, like other ransomware operations, it implements a double-extortion attack model. .

Cybercrime 90

Cybercrime Ransomware Antivirus Malware 90

Security Affairs

MARCH 1, 2023

BlackLotus is the first UEFI bootkit that is able to bypass the security feature on fully up-to-date Windows 11 systems. The BlackLotus malware is a UEFI bootkit that is available for sale on hacking forums since at least October 2022. wrote Scott Scheferman from firmware security firm Eclypsium.

Firmware 92

Firmware Malware Hacking Security Defenses 92

eSecurity Planet

FEBRUARY 5, 2024

The problem: CVE-2022-48618 (CVSS score: 7.8) Despite Apple’s December 2022 patch, the flaw’s public disclosure a year later exposes possible vulnerabilities in devices running versions prior to iOS 15.7.1, The fix: Apply the issued patches starting December 13, 2022, by updating to iOS 16.2, macOS Ventura 13.1,

Risk 110

Risk Penetration Testing Authentication Software 110

SecureWorld News

APRIL 29, 2022

Some believe it should be a requirement for organizations to have in the event of a cyberattack, while others might prefer to rely on their security defenses and avoid paying a costly rate. Researchers say that cyber insurance rates increased by a whopping 110% in the United States in the first quarter of 2022.

Cyber Insurance 80

Cyber Insurance Insurance Cyber Risk Security Defenses 80

Security Affairs

APRIL 10, 2023

MERCURY (aka MuddyWater , SeedWorm and TEMP.Zagros ) has been active since at least 2017, in January 2022 the USCYBERCOM has officially linked the Iran-linked APT group to Iran’s Ministry of Intelligence and Security (MOIS). The attackers were able to interfere with security tools using Group Policy Objects (GPO).

Ransomware 83

Ransomware Cybercrime VPN Education 83

eSecurity Planet

JANUARY 8, 2024

The problem: Ivanti announced CVE-2023-39336 that affects all versions of EPM prior to and including 2022 SU4. The fix: Update to 2022 Service Update 5. January 5, 2024 Attackers Target Unpatched Apache RocketMQ NameServers Type of attack: Critical RCE vulnerability in unpatched or partially patched RocketMQ services.

Encryption 107

Encryption Security Defenses Cybersecurity Internet 107

eSecurity Planet

MARCH 14, 2022

Pentesting involves vulnerability exploitation and post-exploitation actions – the idea is to conduct a real attack, like cybercriminals would do, except with an explicit authorization from the company in order to identify weaknesses and improve security defenses. Also read: 13 Best Vulnerability Scanner Tools for 2022.

Energy and Utilities 130

Energy and Utilities DNS Penetration Testing Ransomware 130

SecureWorld News

OCTOBER 18, 2022

The MSTIC says that it observed this ransomware strain being deployed in attacks on October 11, 2022, and found a ransom note labeling itself as "Prestige ranusomeware." Security researchers say that this campaign has several notable features differentiating it from other campaigns tracked by Microsoft.

Ransomware 71

Ransomware Security Defenses Malware Cybersecurity 71

eSecurity Planet

JANUARY 30, 2024

Verizon’s 2023 Data Breach Investigations Report (DBIR) also reveals that inside actors were responsible for 83% of 2022 data breaches. Review logs to spot unexpected patterns or potential security incidents. Ensure always-on DDoS protection: Ensure that your DDoS protection service is consistently active for extended security.

Risk 124

Risk DDOS Data breaches Encryption 124

CyberSecurity Insiders

OCTOBER 11, 2022

There are over 40,756 open vulnerabilities in applications – according to Indusface AppTrana, August-September 2022. Given the circumstances, you need to build and maintain a sound security posture. [ This article was originally published here by Indusface.com ]. Finds the Cracks in the Armor .

Penetration Testing 128

Penetration Testing Risk Security Defenses Technology 128

Thales Cloud Protection & Licensing

SEPTEMBER 18, 2023

Consumers’ payment data is a compelling target for criminals who continue to circumvent IT security defenses. According to the 2022 Thales Data Threat Report – Financial Services Edition , 52% of U.S. was released on March 31, 2022, and before we know it, businesses will face the compliance deadline of March 31, 2024.

Financial Services 78

Financial Services Data breaches Accountability Encryption 78

eSecurity Planet

AUGUST 14, 2023

Cybersecurity and Infrastructure Security Agency (CISA) recently published an analysis of the top 12 vulnerabilities exploited in 2022. In June, Mandiant disclosed active exploitation of the zero-day vulnerability ( CVE-2023-2868 ) linked to highly-skilled Chinese attackers that occurred as early as October 10, 2022.

Software 98

Software Malware Internet Internet 98

eSecurity Planet

FEBRUARY 18, 2022

While steganography is often considered something of a joke in capture-the-flag (CTF) events and other cybersecurity defense activities, it can happen in real attacks and can take security defenses by surprise simply by using another layer of cover. Also read: Top Endpoint Detection & Response (EDR) Solutions for 2022.

Artificial Intelligence 134

Artificial Intelligence Malware Encryption Security Defenses 134

eSecurity Planet

APRIL 5, 2022

So while the MITRE tests give buyers more data than they might otherwise have, they’re still encouraged to do their own research and testing, just as vendors will use the results to improve security defenses. Also read: Top Endpoint Detection & Response (EDR) Solutions for 2022.

Antivirus 128

Antivirus Security Defenses Cybersecurity Ransomware 128

SecureList

SEPTEMBER 11, 2023

Analysis of Veeamp Veeamp exploits the following Veeam vulnerabilities: CVE-2022-26500, CVE-2022-26501, CVE-2022-26504. Besides, a legitimate driver with a digital signature will not raise any red flags with security systems, helping the attackers to stay undetected for longer. KK.exe : malware known as Burntcigar.

Ransomware 135

Ransomware Encryption Malware DDOS 135

eSecurity Planet

JANUARY 16, 2024

CVE-2022-22274 is a stack-based buffer overflow vulnerability in SonicOS, the firewall’s operating system. According to researchers at Bishop Fox , they scanned firewalls with management consoles that are exposed to the internet and learned that 76% of the firewalls were vulnerable to at least one flaw.

Firewall 107

Firewall Firmware IoT Authentication 107

eSecurity Planet

MAY 30, 2024

Table of Contents Toggle Recent Healthcare Attacks & Breaches 5 Key Cybersecurity Management Lessons to Learn Bottom Line: Learn Healthcare’s Lessons Before Suffering Pain Recent Healthcare Attacks & Breaches Large breaches affected over 88 million individuals in the USA in 2023, a 60% increase from 2022.

Healthcare 73

Healthcare Cybersecurity Backups Ransomware 73

Malwarebytes

JUNE 8, 2022

There’s no shortage of reasons why an SMB might use Linux to run their business: There are plenty of distros to choose from, it’s (generally) free, and perhaps above all — it’s secure. But unfortunately, there’s more to Linux security than just leaning back in your chair and sipping piña coladas. 024BTC (~$720 USD as of June 2022).

Malware 103

Malware IoT DDOS Firewall 103

eSecurity Planet

NOVEMBER 6, 2023

The Problem: Three flaws discovered by the Kubernetes security community carry CVSS severity scores of 7.6 CVE-2022-4886 (Path Sanitization Bypass): This 8.8-level See the Best Container & Kubernetes Security Solutions & Tools Oct.

Software 110

Software Education Ransomware Firmware 110

eSecurity Planet

AUGUST 28, 2023

The security bulletin was last updated August 25. See our recent weekly vulnerability recaps: August 21, 2023 August 14, 2023 Get the Free Cybersecurity Newsletter Strengthen your organization's IT security defenses by keeping up to date on the latest cybersecurity news, solutions, and best practices.

VPN 98

VPN Authentication Mobile Firewall 98

eSecurity Planet

SEPTEMBER 7, 2023

Perimeter 81, which was launched in 2018, runs a converged network and security platform to manage in-office and remote workforces. In 2022, Perimeter 81 raised $100 million at a $1 billion valuation. The company has over 3,000 customers and more than 200 employees.

Cybersecurity 117

Cybersecurity Marketing Software DDOS 117

eSecurity Planet

AUGUST 28, 2023

The security bulletin was last updated August 25. See our recent weekly vulnerability recaps: August 21, 2023 August 14, 2023 Get the Free Cybersecurity Newsletter Strengthen your organization's IT security defenses by keeping up to date on the latest cybersecurity news, solutions, and best practices.

VPN 95

VPN Authentication Mobile Firewall 95

Security Boulevard

JUNE 23, 2022

Thu, 06/23/2022 - 16:26. Some risks specifically affecting IoT include : Built-in vulnerabilities : IoT devices are often shipped specifically for consumer use, without enterprise-grade encryption or security controls. Why Businesses Can’t Afford Anything Less Than Zero Trust in IoT. brooke.crothers. The IoT Landscape and Threats.

IoT 98

IoT Social Engineering Firmware Risk 98

eSecurity Planet

SEPTEMBER 25, 2023

Network Protection: How to Secure a Network Weekly Vulnerability Recap — September 18, 2023 Get the Free Cybersecurity Newsletter Strengthen your organization's IT security defenses by keeping up to date on the latest cybersecurity news, solutions, and best practices. Read next: What is Virtual Patching and How Does It Work?

Ransomware 107

Ransomware Antivirus Penetration Testing Telecommunications 107

eSecurity Planet

APRIL 1, 2024

The fix: Apply the emergency fixes issued by Microsoft for: Windows Server 2022 Windows Server 2019 Windows Server 2016 Windows Server 2012 R2 Attackers Actively Exploit Fortinet Enterprise Management Server SQLi Flaw Type of vulnerability: SQL injection (SQLi) flaw.

Authentication 107

Authentication Artificial Intelligence Software Cybersecurity 107

SC Magazine

APRIL 7, 2021

As cybercriminals take advantage of new technologies faster than security defenses can combat them, it’s critical for enterprises to secure ML systems and implement AI-powered solutions to recognize and halt attacks. Secure and manage AI to prevent malfunctions.

Digital transformation 66

Digital transformation Authentication Accountability Technology 66

SecureWorld News

NOVEMBER 8, 2023

These attacks have proliferated to such a degree that there were 493 million ransomware attacks in 2022 alone, and 19% of all data breaches were the result of stolen or compromised login credentials. In turn, this has left organizations and individuals far behind in the race to secure defenses appropriately.

Social Engineering 88

Social Engineering Engineering Cyber Attacks Artificial Intelligence 88

eSecurity Planet

MARCH 25, 2024

The problem: All Saflok system electronic locks are affected by a vulnerability that impacts “both the key derivation algorithm used to generate MIFARE Classic® keys and the secondary encryption algorithm used to secure the underlying card data,” according to manufacturer Dormakaba. The vulnerability was dubbed “Unsaflok.”

Computers and Electronics 60

Computers and Electronics Software Accountability Authentication 60

Thales Cloud Protection & Licensing

FEBRUARY 15, 2023

Ransomware attacks have become much more dangerous and have evolved beyond basic security defenses and business continuity techniques like next-gen antivirus and backups. The problem is that businesses are not yet aware of double or triple extortion ransomware and how these tactics can affect their data protection strategies.

Ransomware 71

Ransomware Encryption Backups Cyber Insurance 71

eSecurity Planet

OCTOBER 2, 2023

Read next: Network Protection: How to Secure a Network Weekly Vulnerability Recap – Sept. 25, 2023 – Flaws in Apple Devices, DevOps Tools and More Get the Free Cybersecurity Newsletter Strengthen your organization's IT security defenses by keeping up to date on the latest cybersecurity news, solutions, and best practices.

DDOS 107

DDOS Encryption Software Ransomware 107

eSecurity Planet

SEPTEMBER 22, 2023

Five vendors received perfect visibility scores in the detection evaluations, and Sophos was one vendor that scored a noteworthy comeback from a middling 2022 result, underscoring that vendors often use the results to better their products.

Cybersecurity 107

Cybersecurity Security Defenses Marketing Technology 107

eSecurity Planet

OCTOBER 9, 2023

The third vulnerability ( CVE-2022-1471 ) is a Java deserialization issue caused by unsafe deserialization in the SnakeYAML library, which allows attackers to perform RCE with a malicious YAML file. The fix: Users should upgrade to TorchServe 0.8.2, published on August 28, 2023.

Architecture 103

Architecture Ransomware Software Accountability 103

eSecurity Planet

JANUARY 18, 2024

Gartner predicts that by 2025, 60% of organizations will require integrated ransomware defense strategies on storage devices, up from 10% in 2022. The significant increase in organizations requiring integrated ransomware defensive methods indicates heightened cybersecurity threat awareness.

Risk 122

Risk Backups Encryption DDOS 122