CSO Magazine

APRIL 27, 2022

The 2022 RSA Security Conference is just weeks away, and the security diaspora is boosted and ready to meet in person at the Moscone Center in San Francisco. While we’ve certainly accomplished a lot working remotely over the past 2 years, cybersecurity remains in a precarious position in 2022, so an industry huddle is in order.

CISO 86

CISO Security Defenses Technology Cybersecurity 86

Security Affairs

NOVEMBER 3, 2022

Further evidence linking the two includes IP addresses and specific TTPs (tactics, techniques, and procedures) used by FIN7 in early 2022 and seen months later in actual Black Basta attacks. Black Basta has been active since April 2022, like other ransomware operations, it implements a double-extortion attack model. .

Cybercrime 108

Cybercrime Ransomware Antivirus Malware 108

SecureWorld News

APRIL 29, 2022

Some believe it should be a requirement for organizations to have in the event of a cyberattack, while others might prefer to rely on their security defenses and avoid paying a costly rate. Researchers say that cyber insurance rates increased by a whopping 110% in the United States in the first quarter of 2022.

Cyber Insurance 98

Cyber Insurance Insurance Cyber Risk Security Defenses 98

Security Affairs

JULY 14, 2023

BlackLotus is the first UEFI bootkit that is able to bypass the security feature on fully up-to-date Windows 11 systems. The BlackLotus malware is a UEFI bootkit that is available for sale on hacking forums since at least October 2022. Exploiting CVE-2022-21894 to bypass the Secure Boot feature and install the bootkit.

Firmware 98

Firmware Malware Hacking CISO 98

eSecurity Planet

APRIL 29, 2024

April 22, 2024 CISA Adds 2022 Windows Print Spooler Vulnerability to KEV Catalog Type of vulnerability: Elevation of privilege. Although fixed in the October 2022 updates, Microsoft notes that the zero-day vulnerability may have been exploited as early as April 2019.

Firewall 114

Firewall Software Ransomware Penetration Testing 114

eSecurity Planet

MARCH 14, 2022

Pentesting involves vulnerability exploitation and post-exploitation actions – the idea is to conduct a real attack, like cybercriminals would do, except with an explicit authorization from the company in order to identify weaknesses and improve security defenses. Also read: 13 Best Vulnerability Scanner Tools for 2022.

Energy and Utilities 132

Energy and Utilities DNS Penetration Testing Ransomware 132

Security Affairs

MARCH 1, 2023

BlackLotus is the first UEFI bootkit that is able to bypass the security feature on fully up-to-date Windows 11 systems. The BlackLotus malware is a UEFI bootkit that is available for sale on hacking forums since at least October 2022. wrote Scott Scheferman from firmware security firm Eclypsium.

Firmware 98

Firmware Malware Hacking Security Defenses 98

Security Affairs

APRIL 10, 2023

MERCURY (aka MuddyWater , SeedWorm and TEMP.Zagros ) has been active since at least 2017, in January 2022 the USCYBERCOM has officially linked the Iran-linked APT group to Iran’s Ministry of Intelligence and Security (MOIS). The attackers were able to interfere with security tools using Group Policy Objects (GPO).

Ransomware 98

Ransomware Cybercrime VPN Education 98

eSecurity Planet

APRIL 5, 2022

So while the MITRE tests give buyers more data than they might otherwise have, they’re still encouraged to do their own research and testing, just as vendors will use the results to improve security defenses. Also read: Top Endpoint Detection & Response (EDR) Solutions for 2022.

Antivirus 131

Antivirus Security Defenses Cybersecurity Ransomware 131

CyberSecurity Insiders

OCTOBER 11, 2022

There are over 40,756 open vulnerabilities in applications – according to Indusface AppTrana, August-September 2022. Given the circumstances, you need to build and maintain a sound security posture. [ This article was originally published here by Indusface.com ]. Finds the Cracks in the Armor .

Penetration Testing 128

Penetration Testing Risk Security Defenses Technology 128

SecureWorld News

OCTOBER 18, 2022

The MSTIC says that it observed this ransomware strain being deployed in attacks on October 11, 2022, and found a ransom note labeling itself as "Prestige ranusomeware." Security researchers say that this campaign has several notable features differentiating it from other campaigns tracked by Microsoft.

Ransomware 97

Ransomware Security Defenses Malware Cybersecurity 97

eSecurity Planet

FEBRUARY 5, 2024

The problem: CVE-2022-48618 (CVSS score: 7.8) Despite Apple’s December 2022 patch, the flaw’s public disclosure a year later exposes possible vulnerabilities in devices running versions prior to iOS 15.7.1, The fix: Apply the issued patches starting December 13, 2022, by updating to iOS 16.2, macOS Ventura 13.1,

Risk 114

Risk Penetration Testing Authentication Software 114

eSecurity Planet

FEBRUARY 18, 2022

While steganography is often considered something of a joke in capture-the-flag (CTF) events and other cybersecurity defense activities, it can happen in real attacks and can take security defenses by surprise simply by using another layer of cover. Also read: Top Endpoint Detection & Response (EDR) Solutions for 2022.

Malware 104

Malware Artificial Intelligence Encryption Software 104

eSecurity Planet

JANUARY 8, 2024

The problem: Ivanti announced CVE-2023-39336 that affects all versions of EPM prior to and including 2022 SU4. The fix: Update to 2022 Service Update 5. January 5, 2024 Attackers Target Unpatched Apache RocketMQ NameServers Type of attack: Critical RCE vulnerability in unpatched or partially patched RocketMQ services.

Encryption 110

Encryption Security Defenses Cybersecurity Internet 110

SecureList

SEPTEMBER 11, 2023

Analysis of Veeamp Veeamp exploits the following Veeam vulnerabilities: CVE-2022-26500, CVE-2022-26501, CVE-2022-26504. Besides, a legitimate driver with a digital signature will not raise any red flags with security systems, helping the attackers to stay undetected for longer. KK.exe : malware known as Burntcigar.

Ransomware 144

Ransomware Encryption Malware DDOS 144

eSecurity Planet

JANUARY 30, 2024

Verizon’s 2023 Data Breach Investigations Report (DBIR) also reveals that inside actors were responsible for 83% of 2022 data breaches. Review logs to spot unexpected patterns or potential security incidents. Ensure always-on DDoS protection: Ensure that your DDoS protection service is consistently active for extended security.

Risk 128

Risk DDOS Data breaches Encryption 128

eSecurity Planet

SEPTEMBER 16, 2024

These affect EPM versions 2024, 2022 SU5, and prior. The fix: To mitigate the risks, users must upgrade to EPM 2024 SU1 or 2022 SU6. Nine SQL injection vulnerabilities ( CVE-2024-32840 to 32848 , CVE-2024-34779 , 34783 , 34785 ) allow remote attackers with admin privileges to execute code.

Software 109

Software Malware System Administration Encryption 109

eSecurity Planet

AUGUST 14, 2023

Cybersecurity and Infrastructure Security Agency (CISA) recently published an analysis of the top 12 vulnerabilities exploited in 2022. In June, Mandiant disclosed active exploitation of the zero-day vulnerability ( CVE-2023-2868 ) linked to highly-skilled Chinese attackers that occurred as early as October 10, 2022.

Software 98

Software Malware Internet Internet 98

Malwarebytes

JUNE 8, 2022

There’s no shortage of reasons why an SMB might use Linux to run their business: There are plenty of distros to choose from, it’s (generally) free, and perhaps above all — it’s secure. But unfortunately, there’s more to Linux security than just leaning back in your chair and sipping piña coladas. 024BTC (~$720 USD as of June 2022).

Malware 116

Malware IoT DDOS Firewall 116

Thales Cloud Protection & Licensing

SEPTEMBER 18, 2023

Consumers’ payment data is a compelling target for criminals who continue to circumvent IT security defenses. According to the 2022 Thales Data Threat Report – Financial Services Edition , 52% of U.S. was released on March 31, 2022, and before we know it, businesses will face the compliance deadline of March 31, 2024.

Financial Services 77

Financial Services Data breaches Accountability Encryption 77

Security Boulevard

JUNE 23, 2022

Thu, 06/23/2022 - 16:26. Some risks specifically affecting IoT include : Built-in vulnerabilities : IoT devices are often shipped specifically for consumer use, without enterprise-grade encryption or security controls. Why Businesses Can’t Afford Anything Less Than Zero Trust in IoT. brooke.crothers. The IoT Landscape and Threats.

IoT 98

IoT Social Engineering Firmware Risk 98

eSecurity Planet

SEPTEMBER 7, 2023

Perimeter 81, which was launched in 2018, runs a converged network and security platform to manage in-office and remote workforces. In 2022, Perimeter 81 raised $100 million at a $1 billion valuation. The company has over 3,000 customers and more than 200 employees.

Cybersecurity 121

Cybersecurity Marketing Software DDOS 121

eSecurity Planet

JANUARY 16, 2024

CVE-2022-22274 is a stack-based buffer overflow vulnerability in SonicOS, the firewall’s operating system. According to researchers at Bishop Fox , they scanned firewalls with management consoles that are exposed to the internet and learned that 76% of the firewalls were vulnerable to at least one flaw.

Firewall 110

Firewall Firmware IoT Authentication 110

eSecurity Planet

NOVEMBER 6, 2023

The Problem: Three flaws discovered by the Kubernetes security community carry CVSS severity scores of 7.6 CVE-2022-4886 (Path Sanitization Bypass): This 8.8-level See the Best Container & Kubernetes Security Solutions & Tools Oct.

Software 113

Software Education Ransomware Firmware 113

eSecurity Planet

MAY 30, 2024

Table of Contents Toggle Recent Healthcare Attacks & Breaches 5 Key Cybersecurity Management Lessons to Learn Bottom Line: Learn Healthcare’s Lessons Before Suffering Pain Recent Healthcare Attacks & Breaches Large breaches affected over 88 million individuals in the USA in 2023, a 60% increase from 2022.

Healthcare 124

Healthcare Cybersecurity Ransomware Backups 124

eSecurity Planet

OCTOBER 1, 2024

The problem: Drive remapping and cache poisoning could lead to DLL hijacking of Microsoft Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows Server 2022. The attack could allow an unauthenticated threat actor to escalate a medium integrity process to a high integrity one.

Authentication 110

Authentication Software Internet Internet 110

SecureWorld News

NOVEMBER 8, 2023

These attacks have proliferated to such a degree that there were 493 million ransomware attacks in 2022 alone, and 19% of all data breaches were the result of stolen or compromised login credentials. In turn, this has left organizations and individuals far behind in the race to secure defenses appropriately.

Social Engineering 112

Social Engineering Engineering Cyber Attacks Artificial Intelligence 112

eSecurity Planet

SEPTEMBER 25, 2023

Network Protection: How to Secure a Network Weekly Vulnerability Recap — September 18, 2023 Get the Free Cybersecurity Newsletter Strengthen your organization's IT security defenses by keeping up to date on the latest cybersecurity news, solutions, and best practices. Read next: What is Virtual Patching and How Does It Work?

Ransomware 110

Ransomware Antivirus Penetration Testing Telecommunications 110

eSecurity Planet

AUGUST 28, 2023

The security bulletin was last updated August 25. See our recent weekly vulnerability recaps: August 21, 2023 August 14, 2023 Get the Free Cybersecurity Newsletter Strengthen your organization's IT security defenses by keeping up to date on the latest cybersecurity news, solutions, and best practices.

VPN 98

VPN Authentication Mobile Firewall 98

eSecurity Planet

AUGUST 28, 2023

The security bulletin was last updated August 25. See our recent weekly vulnerability recaps: August 21, 2023 August 14, 2023 Get the Free Cybersecurity Newsletter Strengthen your organization's IT security defenses by keeping up to date on the latest cybersecurity news, solutions, and best practices.

VPN 95

VPN Authentication Mobile Firewall 95

eSecurity Planet

SEPTEMBER 22, 2023

Five vendors received perfect visibility scores in the detection evaluations, and Sophos was one vendor that scored a noteworthy comeback from a middling 2022 result, underscoring that vendors often use the results to better their products.

Cybersecurity 110

Cybersecurity Security Defenses Marketing Technology 110

eSecurity Planet

OCTOBER 2, 2023

Read next: Network Protection: How to Secure a Network Weekly Vulnerability Recap – Sept. 25, 2023 – Flaws in Apple Devices, DevOps Tools and More Get the Free Cybersecurity Newsletter Strengthen your organization's IT security defenses by keeping up to date on the latest cybersecurity news, solutions, and best practices.

DDOS 110

DDOS Encryption Software Ransomware 110

SC Magazine

APRIL 7, 2021

As cybercriminals take advantage of new technologies faster than security defenses can combat them, it’s critical for enterprises to secure ML systems and implement AI-powered solutions to recognize and halt attacks. Secure and manage AI to prevent malfunctions.

Authentication 66

Authentication Digital transformation Accountability Technology 66

CyberSecurity Insiders

MAY 5, 2022

We’ve seen a shift since the pandemic of more businesses operating online, making it more of a risk for those that don’t have proper security defenses in place. Here are a few ways that you could help ensure your business doesn’t find itself at the mercy of fraudsters in 2022. . Audit your security systems inside and out.

Cybercrime 107

Cybercrime Risk Firewall Software 107

eSecurity Planet

OCTOBER 9, 2023

The third vulnerability ( CVE-2022-1471 ) is a Java deserialization issue caused by unsafe deserialization in the SnakeYAML library, which allows attackers to perform RCE with a malicious YAML file. The fix: Users should upgrade to TorchServe 0.8.2, published on August 28, 2023.

Architecture 105

Architecture Ransomware Software Accountability 105

eSecurity Planet

JANUARY 18, 2024

Gartner predicts that by 2025, 60% of organizations will require integrated ransomware defense strategies on storage devices, up from 10% in 2022. The significant increase in organizations requiring integrated ransomware defensive methods indicates heightened cybersecurity threat awareness.

Risk 126

Risk Backups Encryption DDOS 126

eSecurity Planet

DECEMBER 10, 2023

It simplifies operations by lowering the chance of configuration conflicts and misconfigurations or oversights that could affect security. Ultimately, incorporating these practices offers not just immediate protection but also long-term resilience, allowing businesses to navigate the digital domain securely and confidently.

Firewall 121

Firewall Network Security Backups Education 121