informa

Vulnerabilities/Threats

Navigating Nobelium: Lessons From Cloud Hopper & NotPetya
Nearly every organization should assume that it is at risk, but there are ways of countering the tactics used by advanced persistent threats.
January 28, 2022
Nearly every organization should assume that it is at risk, but there are ways of countering the tactics used by advanced persistent threats.
by James Campbell, Co-Founder and CEO, Cado Security
January 28, 2022
5 min read
Article
More Security Flaws Found in Apple's OS Technologies
Apple's updates this week included fixes for two zero-day flaws, several code execution bugs, and vulnerabilities that allowed attackers to bypass its core security protections.
January 28, 2022
Apple's updates this week included fixes for two zero-day flaws, several code execution bugs, and vulnerabilities that allowed attackers to bypass its core security protections.
by Jai Vijayan, Contributing Writer
January 28, 2022
6 min read
Article
Phishing Simulation Study Shows Why These Attacks Remain Pervasive
Email purportedly from human resources convinced more than one-fifth of recipients to click, the majority of whom did so within an hour of receiving the fraudulent message.
January 27, 2022
Email purportedly from human resources convinced more than one-fifth of recipients to click, the majority of whom did so within an hour of receiving the fraudulent message.
by Robert Lemos, Contributing Writer
January 27, 2022
5 min read
Article
With Cloud the Norm, Insiders Are Everywhere — and Pose Greater Risk
After companies accelerated their adoption of cloud infrastructure, remote workers are now insiders and pose significant risks, and costs, to companies.
January 27, 2022
After companies accelerated their adoption of cloud infrastructure, remote workers are now insiders and pose significant risks, and costs, to companies.
by Robert Lemos, Contributing Writer
January 27, 2022
4 min read
Article
Log4j Proved Public Disclosure Still Helps Attackers
Disclosure also puts organizations in the awkward position of trying to mitigate a vulnerability without something like a vendor patch to do the job.
January 27, 2022
Disclosure also puts organizations in the awkward position of trying to mitigate a vulnerability without something like a vendor patch to do the job.
by Alex Haynes, Chief Information Security Officer, CDL
January 27, 2022
5 min read
Article
Millions of Routers, IoT Devices at Risk as Malware Source Code Surfaces on GitHub
"BotenaGo" contains exploits for more than 30 vulnerabilities in multiple vendor products and is being used to spread Mirai botnet malware, security vendor says.
January 26, 2022
"BotenaGo" contains exploits for more than 30 vulnerabilities in multiple vendor products and is being used to spread Mirai botnet malware, security vendor says.
by Jai Vijayan, Contributing Writer
January 26, 2022
4 min read
Article
Experts Urge Firms to Patch Trivial-to-Exploit Flaw in Linux PolicyKit
The memory corruption vulnerability in a policy component installed by default on most Linux distributions allows any user to become root. Researchers have already reproduced the exploit.
January 26, 2022
The memory corruption vulnerability in a policy component installed by default on most Linux distributions allows any user to become root. Researchers have already reproduced the exploit.
by Robert Lemos, Contributing Writer
January 26, 2022
4 min read
Article
Cybersecurity Is Broken: How We Got Here & How to Start Fixing It
It's not just your imagination — malicious threats have exponentially increased organizational risk.
January 26, 2022
It's not just your imagination — malicious threats have exponentially increased organizational risk.
by David Ratner, CEO, Hyas
January 26, 2022
5 min read
Article
VPNLab.net Shuttered in Latest Spate of Global Takedowns
Europol and 10 nations seized servers and disconnected the anonymous network allegedly used by many cybercriminals in the latest effort to hobble cybercrime groups.
January 26, 2022
Europol and 10 nations seized servers and disconnected the anonymous network allegedly used by many cybercriminals in the latest effort to hobble cybercrime groups.
by Robert Lemos, Contributing Writer
January 26, 2022
4 min read
Article
Why It's Time to Rethink Incident Response
The incident response landscape has changed drastically, largely from shifting attitudes among insurance companies and, to some extent, business customers feeling the pain of security incidents.
January 26, 2022
The incident response landscape has changed drastically, largely from shifting attitudes among insurance companies and, to some extent, business customers feeling the pain of security incidents.
by J.R. Cunningham, Chief Security Officer, Nuspire
January 26, 2022
5 min read
Article
Threat Actors Use Microsoft OneDrive for Command-and-Control in Attack Campaign
Signs hint at Russia's APT28, aka Fancy Bear, being behind the attacks, according to new research.
January 25, 2022
Signs hint at Russia's APT28, aka Fancy Bear, being behind the attacks, according to new research.
by Jai Vijayan, Contributing Writer
January 25, 2022
4 min read
Article
Link11 Sets New Standards in DDoS Protection as Test Winner
In a recent performance test, cybersecurity provider Link11 was benchmarked against leading international security vendors and emerged as the winner. The study by Frost & Sullivan emphasized the importance of precise detection and speed in mitigating DDoS (Distributed Denial of Service) attacks.
January 25, 2022
In a recent performance test, cybersecurity provider Link11 was benchmarked against leading international security vendors and emerged as the winner. The study by Frost & Sullivan emphasized the importance of precise detection and speed in mitigating DDoS (Distributed Denial of Service) attacks.
January 25, 2022
4 min read
Article
8 Security Startups to Watch in 2022
Cloud security, API security, and incident response are among the issues up-and-coming security companies are working on.
January 25, 2022
Cloud security, API security, and incident response are among the issues up-and-coming security companies are working on.
by Kelly Sheridan, Senior Editor
January 25, 2022
1 min read
Article
Striking a Balance Between Cybersecurity Awareness and Anxiety
Employees don't have to be paralyzed by fear to keep the company safe. They just have to understand what threats look like and how to stop them.
January 25, 2022
Employees don't have to be paralyzed by fear to keep the company safe. They just have to understand what threats look like and how to stop them.
by Zack Schuler, Founder and CEO, NINJIO
January 25, 2022
5 min read
Article
As IoT Attacks Increase, Experts Fear More Serious Threats
Variants of the Mirai codebase are still a popular way to compromise and subvert Internet of Things devices, but experts fear more serious threats may be ahead.
January 25, 2022
Variants of the Mirai codebase are still a popular way to compromise and subvert Internet of Things devices, but experts fear more serious threats may be ahead.
by Robert Lemos, Contributing Writer
January 25, 2022
4 min read
Article