eSecurity Planet

MARCH 19, 2024

Frequent Ransomware Target QNAP Discloses 3 Vulnerabilities Type of vulnerability: Improper authentication, injection vulnerability, SQL injection (SQLi). Ransomware gangs, notably Deadbolt, Checkmate, and Qlocker, actively targeted QNAP vulnerabilities in the past. The critical vulnerability, CVE-2024-21899 with a CVSS score of 9.8,

Authentication 119

Authentication VPN Software DDOS 119

eSecurity Planet

FEBRUARY 16, 2024

government and defense institutions for intelligence gathering. In November 2021, the FBI disclosed a FatPipe VPN exploit that enabled backdoor access via web shells. Analysts and security software frequently struggle to spot malicious activity disguised as normal ones, complicating intrusion detection and mitigation efforts.

Internet 113

Internet Internet Cybersecurity Network Security 113

eSecurity Planet

OCTOBER 9, 2023

A surge of critical vulnerabilities and zero-day exploits has made for a very busy week in IT security, affecting a range of tech giants like Atlassian, Cisco, Apple, Arm, Qualcomm and Microsoft. Attackers might get full access to Confluence instances by creating illegal administrator accounts.

Architecture 104

Architecture Ransomware Software Accountability 104

eSecurity Planet

JANUARY 18, 2024

CSP’s Professional Security Expertise CSPs’ professional security expertise substantially contributes to the security capabilities and improvement of the general resilience of cloud storage. The increased scalability of cloud storage can assist effective data recovery solutions.

Risk 125

Risk Backups Encryption DDOS 125

SecureList

SEPTEMBER 11, 2023

Cuba ransomware gang Cuba data leak site The group’s offensives first got on our radar in late 2020. The Cuba group, like many others of its kind, is a ransomware-as-a-service (RaaS) outfit, letting its partners use the ransomware and associated infrastructure in exchange for a share of any ransom they collect.

Ransomware 140

Ransomware Encryption Malware DDOS 140

eSecurity Planet

AUGUST 25, 2021

” Zero trust is a critical tool in the security defense arsenal, especially as more companies shift to a fully remote or hybrid work environment. Related: How Zero Trust Security Can Protect Against Ransomware. That’s the ultimate goal of zero trust security, after all.

Social Engineering 113

Social Engineering Architecture Engineering Cybersecurity 113

SC Magazine

JUNE 29, 2021

But the Government Accountability Office found areas where HHS could better coordinate its efforts to support department information sharing and overall health IT security. Emsisoft data shows that 32 health care providers have been disrupted by ransomware alone in 2021, so far.

Healthcare 68

Healthcare Cybersecurity CISO Cyber threats 68

Centraleyes

DECEMBER 6, 2023

According to Purplesec, ransomware attacks have increased by 350% since 2018, zero-day attacks were up by 55% in 2021, and out of the 30 million SMBs in the USA, over 66% have had at least 1 cyber incident between 2018-2020. Vulnerability management is a critical element of information security.

Risk 52

Risk Cyber Risk Software Information Security 52

eSecurity Planet

MAY 30, 2024

Ransomware attacks and data breaches make headlines when they shut down huge connected healthcare providers such as Ascension Healthcare or Change Healthcare. 2024 looks like it will only increase the number of affected individuals considering the scale of ransomware attacks from the first half of the year in the USA, Canada, and Australia.

Healthcare 123

Healthcare Cybersecurity Backups Ransomware 123

eSecurity Planet

DECEMBER 19, 2023

2023 cybersecurity issues will continue: Weak IT fundamentals, poor cybersecurity awareness, and ransomware will still cause problems and make headlines. Andy Grolnick, CEO of Graylog, cautions that “In 2023, ransomware is still the dominant threat in the minds of security teams. Bottom line: Prepare now based on risk.

Cybersecurity 140

Cybersecurity CISO Government Technology 140

eSecurity Planet

SEPTEMBER 8, 2023

An unprotected API that let anybody check if an email address was linked to a Duolingo account caused the compromise. The ransomware group Clop might have been planning this since 2021, and stands to gain a significant $100 million from this campaign. Duolingo In August 2023, news broke that the personal information of 2.6

Authentication 109

Authentication Architecture Firewall Threat Detection 109

CyberSecurity Insiders

DECEMBER 8, 2021

We have seen firsthand that it takes more than an individual task force to combat ransomware and other related threats such as phishing, insider threats and more. Have hope that through the hard work and brilliant minds behind these security defenses that 2022 will not be a repeat of such high level attacks.

Data breaches 142

Data breaches Ransomware Government Cybersecurity 142