Krebs on Security

FEBRUARY 9, 2021

Microsoft today rolled out updates to plug at least 56 security holes in its Windows operating systems and other software. The flaw being exploited in the wild already — CVE-2021-1732 — affects Windows 10, Server 2016 and later editions. CVE-2021-24078 earned a CVSS Score of 9.8,

Access 287

Access Phishing Authentication Security 287

Data Breach Today

JANUARY 8, 2024

State AG Settlement Comes After 2021 Lorenz Ransomware Attack on Health Center A federally funded health center that provides services to underserved communities in New York has been fined up to $450,000 and must invest $1.2

Security 279

Security Ransomware IT 279

Krebs on Security

JANUARY 13, 2021

Microsoft today released updates to plug more than 80 security holes in its Windows operating systems and other software, including one that is actively being exploited and another which was disclosed prior to today. So, while CVE-2021-1709 is only rated as [an information exposure flaw] by Microsoft it should be prioritized for patching.”

Marketing 246

Marketing Security IT Access 246

Security Affairs

MARCH 26, 2024

The Finnish Police attributed the attack against the parliament that occurred in March 2021 to the China-linked group APT31. The Finnish Police attributed the March 2021 attack on the parliament to the China-linked group APT31. According to the police, the offences were committed between autumn 2020 and early 2021.

Communications 94

Communications Government Access Security 94

Krebs on Security

MAY 11, 2021

Microsoft today released fixes to plug at least 55 security holes in its Windows operating systems and other software. By all accounts, the most pressing priority this month is CVE-2021-31166 , a Windows 10 and Windows Server flaw which allows an unauthenticated attacker to remotely execute malicious code at the operating system level.

Encryption 263

Encryption Authentication Ransomware IT 263

Krebs on Security

MARCH 9, 2021

On the off chance you were looking for more security to-dos from Microsoft today…the company released software updates to plug more than 82 security flaws in Windows and other supported software. In the ENKI blog post, the researchers said they will publish proof-of-concept (PoC) details after the bug has been patched.

Security 301

Security IT Access 301

Data Breach Today

JUNE 22, 2023

Geller Replaces Michael DeCesare, Who Seeks to 'Balance Health and Lifestyle' Exabeam will have its third CEO since June 2021 after promoting Chief Product Officer Adam Geller to take over as its top leader.

Security 144

Security IT 144

Dark Reading

DECEMBER 14, 2020

An unprecedented 2020 has shaken up security leaders' usual list of must-have technologies. They share with us their spending plans for 2021. What's on the horizon?

Security 142

Security 142

Krebs on Security

JUNE 8, 2021

Microsoft today released another round of security updates for Windows operating systems and supported software, including fixes for six zero-day bugs that malicious hackers already are exploiting in active attacks. June’s Patch Tuesday addresses just 49 security holes — about half the normal number of vulnerabilities lately.

Security 286

Security Ransomware Phishing Cloud 286

Jamf

MARCH 24, 2022

With 2021 in the rearview, we revisit the biggest threats businesses faced during the year. In looking back, we summarize both macOS and mobile endpoint security threats along with their impact.

Security 124

Security Ransomware 124

DXC Technology

JANUARY 8, 2021

But one thing won’t change: In 2021, as is the case every year, companies will continue to be challenged by new or evolving cyber security threats. We expect 5 security trends that emerged or accelerated last year to demand even more attention from organizations […].

Security 128

Security 128

Data Breach Today

JANUARY 13, 2021

Beat the Bad Guys: Contact Center Security Solutions For Fraud Detection For 2021 and Beyond Explore Evolving Challenges and Solutions in The Fight Against Fraud.

Security 173

Security 173

Security Affairs

APRIL 28, 2022

Cybersecurity and Infrastructure Security Agency (CISA) published a list of 2021’s top 15 most exploited software vulnerabilities. Cybersecurity and Infrastructure Security Agency (CISA) published the list of 2021’s top 15 most exploited software vulnerabilities. ” reads the advisory published by CISA.

Cybersecurity 143

Cybersecurity Security Risk Government 143

Security Affairs

JULY 28, 2022

ENISA published a report that includes anonymised and aggregated information about major telecom security incidents in 2021. ENISA published a report that provides anonymized and aggregated information about major telecom security incidents in 2021. SecurityAffairs – hacking, telecom security incidents).

Security 93

Security Authentication Communications IT 93

IT Governance

JANUARY 10, 2022

For many, 2021 was a year to forget. The cyber security landscape offered similarly familiar topics: there were huge data breaches at Facebook and LinkedIn, while the threat of ransomware reached catastrophic levels. 2021 got off to an inauspicious start when cyber security researchers reported a huge leak of Brazilian residents’ data.

Security 115

Security Data breaches Ransomware Phishing 115

Data Breach Today

SEPTEMBER 1, 2020

CEO, CISO Panel on Resiliency, Insider Risk, 5G and Prioritizing the Spend A hybrid workforce, heightened insider risk, 5G concerns over the expanded attack surface - these are the "more" that people reference when they talk about "doing more with less" in 2021.

Cybersecurity 196

Cybersecurity Risk Security 196

The Last Watchdog

MAY 25, 2021

Resilience was the theme of RSA Conference 2021 which took place virtually last week. By the same token, the difficulties of defending modern IT systems has redoubled as organizations try to balance security and productivity. I visited with Bruce Snell and Setu Kulkarni from NTT Security to discuss this.

Cybersecurity 214

Cybersecurity Cloud Privacy Security 214

The Last Watchdog

JANUARY 18, 2022

After a gloomy start with its first three breach intensive quarters, 2021 has finally ended, and on a positive note. Related: Cybersecurity experts reflect on 2021. Our analysis looked into data breaches that occurred from October to December 2021 (Q4) and compared them with the numbers from July through August 2021 (Q3).

Data breaches 256

Data breaches Privacy Cybersecurity IT 256

Data Breach Today

DECEMBER 9, 2020

Security validation enables companies to continuously measure, manage and improve their cyber security effectiveness on an ongoing basis. The past year has been marked by economic uncertainty stemming from the global pandemic, which has also created an expanded remote workforce and broadened the attack landscape.

Security 246

Security IT 246

eSecurity Planet

SEPTEMBER 10, 2021

From the very beginning of the cloud computing era, security has been the biggest concern among enterprises considering the public cloud. In addition, 95 percent of survey respondents confirmed that they are extremely to moderately concerned about public cloud security. What is cloud security?

Cloud 103

Cloud Security Encryption Risk 103

Data Breach Today

JANUARY 4, 2021

Forrester's Chase Cunningham on Implementation of Zero Trust Framework The year 2020 saw the zero trust conversation evolve from 'what is it' to 'how to achieve a zero trust architecture', says Chase Cunningham, principal analyst, serving security and risk professionals at Forrester. What further evolution can we expect in 2021?

Risk 157

Risk Security IT 157

The Last Watchdog

JUNE 13, 2022

Investors more than doubled down in 2021, increasing investment by about 145 percent. Securing APIs. The SolarWinds attack made API supply chain security a front-page story in 2020. The Log4j vulnerability reported at the end 2021 heightened concern even more. Related: Taking API proliferation seriously.

Cybersecurity 239

Cybersecurity Data science Artificial Intelligence Marketing 239

Security Affairs

JANUARY 1, 2022

Which are the most-read cyber stories of 2021? The development team behind the Linux Mint distro has fixed a security flaw that could have allowed users to bypass the OS screensaver. The development team behind the Linux Mint distro has fixed a security flaw that could have allowed users to bypass the OS screensaver.

Security 91

Security Libraries Ransomware Passwords 91

Security Affairs

JANUARY 2, 2022

According to a report published by Invezz, the number of crypto security breaches increased by up 850% in the last decade. In 2021 we observed a spike in crypto heists, $4.25 billion worth of cryptos were stolen by cybercriminals in 2021. In 2021 we observed a spike in crypto heists, $4.25 Pierluigi Paganini.

Security 100

Security Marketing IT Information Security 100

IT Governance

DECEMBER 29, 2020

With data breaches soaring over the past two years and organisations struggling with the technical demands of the coronavirus pandemic, PwC has declared this a critical point for the cyber security industry. It’s one thing to say that you will prioritise cyber security, but organisations must also invest in appropriate measures.

Security 122

Security Data breaches Risk Government 122

Security Affairs

OCTOBER 9, 2021

Security expert Dhiraj Mishra published an NMAP script for the CVE-2021-41773 Path Traversal vulnerability affecting Apache Web Server version 2.4.49. Security researcher Dhiraj Mishra released an NMAP script for the CVE-2021-41773 path traversal vulnerability affecting Apache Web Server version 2.4.49. Patch ASAP!

Security 120

Security IT Cybersecurity Information Security 120

Data Breach Today

NOVEMBER 4, 2020

Brian Brackenborough and Nick Nagle on the Year Ahead Brian Brackenborough, CISO, Channel 4, the British television network, and Nick Nagle, CISO, Security Critical, a U.K.-based based consultancy company, discuss the lessons learned in 2020 and how they might impact the year ahead, agreeing that 2021 provides an "opportunity for a re-set."

Security 175

Security 175

Security Affairs

JULY 30, 2021

Researcher published an exploit code for a high-severity privilege escalation flaw (CVE-2021-3490) in Linux kernel eBPF on Ubuntu machines. The security researcher Valentina Palmiotti published a blog post that contains technical details about the flaw along with the exploit code that works on fresh installs of both Ubuntu 20.10

Security 138

Security IT Cybersecurity Information Security 138

Security Affairs

JANUARY 3, 2022

Which are the cyber attacks of 2021 that had the major impact on organizations worldwide in terms of financial losses and disruption of the operations? According to Bloomberg , CNA Financial opted to pay the ransom two weeks after the security breach because it was not able to restore its operations. The pipeline allows carrying 2.5

Ransomware 103

Ransomware Cybersecurity Access Insurance 103

Threatpost

FEBRUARY 18, 2021

Latest Apple Platform Security update folds iOS, macOS and hardware into security 2021 roadmap.

Privacy 107

Privacy Security 107

Data Breach Today

APRIL 19, 2022

Thom Bailey of Mimecast on Ransomware, Resilience and Emerging Tech Mimecast has released its latest State of Email Security Report, and it finds that 75% of companies were hurt by ransomware attacks in 2021 - up from 60% in 2020.

Security 259

Security Ransomware IT 259

The Last Watchdog

NOVEMBER 3, 2021

The recognition comes from Cyber Security Hub, a website sponsored by IQPC Digital. We’ve been named one of the Top 10 cybersecurity webzines in 2021. Acohido is dedicated to fostering public awareness about how to make the Internet as private and secure as it ought to be. I’ll keep watch and keep reporting.

Cybersecurity 277

Cybersecurity Privacy Data breaches Ransomware 277

Security Affairs

JANUARY 19, 2024

China-linked group UNC3886 has been exploiting vCenter Server zero-day vulnerability CVE-2023-34048 since at least late 2021. Mandiant researchers reported that China-linked APT group UNC3886 has been exploiting vCenter Server zero-day vulnerability CVE-2023-34048 since at least late 2021. ” concludes the report.

Authentication 104

Authentication Access Cloud IT 104

Security Affairs

APRIL 15, 2021

April 2021 Security Patch Day includes 14 new security notes and 5 updates to previously released notes, one of them fixes a critical issue in SAP Commerce. SAP Security Note #3040210 , tagged with a CVSS score of 9.9 ” reads the advisory published by SAP security firm Onapsis.

Security 100

Security IT Information Security 100

Security Affairs

OCTOBER 11, 2022

VMware has yet to address the CVE-2021-22048 privilege escalation vulnerability in vCenter Server disclosed in November 2021. VMware warns customers that it has yet to address a high-severity privilege escalation vulnerability, tracked as CVE-2021-22048 , in the vCenter Server. SecurityAffairs – hacking, CVE-2021-22048 ).

Authentication 121

Authentication Access Security IT 121

eSecurity Planet

APRIL 28, 2022

cybersecurity agencies joined their counterparts around the globe to urge organizations to address the top 15 vulnerabilities exploited in 2021. VMware, Atlassian, Pulse Secure and Fortinet rounded out the list. See the Top Secure Email Gateways. CVE-2021-44228. CVE-2021-40539. CVE-2021-34523. “U.S.,

Cybersecurity 108

Cybersecurity Risk Access Security 108