Traditional vulnerability management programs are outdated, with little to no innovation in the last two decades. Today's dynamic IT environment demands an advanced vulnerability management program to deal with the complex attack surface and curb security risks.
A reported a "potentially dangerous piece of functionality" allows an attacker to launch an attack on cloud infrastructure and ransom files stored in SharePoint and OneDrive.
By Elizabeth Montalbano β June 21st 2022 at 11:20
Attackers are targeting a number of key vertical markets in the U.S. with the active campaign, which impersonates the organization and Microsoft to lift Office365 and Outlook log-in details.
The dangers to SMBs and businesses of all sizes from cyberattacks are well known. But whatβs driving these attacks, and what do cybersecurity stakeholders need to do that theyβre not already doing?
By Elizabeth Montalbano β June 14th 2022 at 10:55
Symbiote, discovered in November, parasitically infects running processes so it can steal credentials, gain rootlkit functionality and install a backdoor for remote access.
By Elizabeth Montalbano β June 10th 2022 at 11:02
The dangerous malware appears to be well and truly back in action, sporting new variants and security-dodging behaviors in a wave of recent phishing campaigns.
By Elizabeth Montalbano β June 9th 2022 at 17:44
Sabre and Travelport had to report the weekly activities of former βCardplanetβ cybercriminal Aleksei Burkov for two years, info that eventually led to his arrest and prosecution.
Rob Gurzeev, CEO and Co-Founder of CyCognito, explores external attack surface soft spots tied to an ever-expanding number of digital assets companies too often struggle to keep track of and manage effectively.
Insider Risk Management requires a different approach than to those from external threats. IRM is unique from other domains of security in that the data sources which serve as inputs are as often people as they are tools. Shifting the analystβs mindset when handling risks presented by insiders requires us to move through the stages of inquiry, investigation, and determining outcomes.
By Elizabeth Montalbano β June 3rd 2022 at 12:42
The cybercriminal group is distancing itself from its previous branding by shifting tactics and tools once again in an aim to continue to profit from its nefarious activity.
Melissa Bischoping, security researcher with Tanium and Infosec Insiders columnist, urges firms to consider the upstream and downstream impact of "triple extortion" ransomware attacks.
By Elizabeth Montalbano β June 2nd 2022 at 11:18
The info-stealing trojan used SMS messages and lifted contact credentials to spread with unprecedented speed across Android devices globally since December 2020.
There is no question that the level of threats facing todayβs businesses continues to change on a daily basis. So what are the trends that CISOs need to be on the lookout for? For this episode of the Threatpost podcast, I am joined by Derek Manky, Chief Security Strategist & VP Global Threat Intelligence, Fortinetβs [β¦]
By Elizabeth Montalbano β June 1st 2022 at 10:38
Threat actors already are exploiting vulnerability, dubbed βFollinaβ and originally identified back in April, to target organizations in Russia and Tibet, researchers said.
By Elizabeth Montalbano β May 31st 2022 at 11:38
The malvertiserβs use of PowerShell could push it beyond its basic capabilities to spread ransomware, spyware or steal data from browser sessions, researchers warn.
Login
FreshRSS