CyberSecure Specialist

What is doxing and how to protect yourself

Doxing can happen to anyone – here’s how you can reduce the odds that your personal information will be weaponized against you. How harmful can it be to have your social media accounts set to public? Or to tag the restaurant where you’re having that delicious meal? Almost everyone does it! Let’s turn the questions around: Do you remember ever searching for someone you just met on social media to find out as much as…


French hospital crippled by cyberattack – Week in security with Tony Anscombe

As another hospital falls victim to ransomware, Tony weighs in on the much-debated issue of banning ransomware payouts. A major hospital near Paris has been hit by a ransomware attack that crippled its computer and medical systems and forced it to send patients to other healthcare facilities. The criminals demand $10 million from the hospital for restoring access to its systems, which the facility refused to pay. In this week’s video, Tony wonders if the…


The OpenSSL security update story – how can you tell what needs fixing?

by Paul Ducklin. Yesterday, we wrote about the waited-for-with-bated-breath OpenSSL update that attracted many column-kilometres of media attention last week. The OpenSSL team announced in advance, as it usually does, that a new version of its popular cryptographic library would soon be released. This notification stated that the update would patch against a security hole with a CRITICAL severity rating, the project’s highest. Unlike companies such as Apple, who deliberately announce forthcoming security patches simply…


White House ransomware summit highlights need for borderless solutions

The US White House this week convened its Second International Counter Ransomware Initiative Summit (CRI), bringing together leaders from 36 countries and the European Union in person to build on the work of its first ransomware summit in 2021. At a press briefing before the Summit, a White House spokesperson said, “While the United States is facilitating this meeting, we don’t view this solely as a US initiative. It’s an international partnership that spans most…


Making the case for security operation automation

According to ESG research, 52% of organizations believe that security operations are more difficult today than they were two years ago, due to factors such as the dangerous threat landscape, growing attack surface, and the volume/complexity of security alerts. In analyzing this data, I see a common theme: scale. Security teams must be able to scale operations to deal with the increasing volume of everything coming at them. Faced with a global cybersecurity skills shortage,…


OpenSSL Releases Patches for Two High Severity Vulnerabilities

Patches have been released by most of the major Linux distributions. While the severity of one of the vulnerabilities was downgraded, both are still rated as high severity. Organizations should apply the OpenSSL patch via standard system package update systems such as apt, yum, rpm, dnf, and pacman. The Netherlands’ National Cyber Security Centre has created a useful resource for system administrators to determine if the operating systems or software they manage are vulnerable and if…


Malicious Android Apps With 1M+ Installs Found on Google Play

To keep adware away from devices, avoid installing apps from unofficial Android stores. Reading user reviews and monitoring battery usage and network data activity also helps determine if the device is running suspicious software. Keeping Google’s Play Protect feature active is also a good way to keep the device safer. Any Android devices that have one of the above apps present should remove that app and run a full system scan using Play Protect or…


United States Government Employees Exposed to Mobile Attacks from Outdated Mobile Operating Systems

With bring your own device (BYOD) policies becoming more and more common in the workplace, this report is a prime example of how an organization may be left vulnerable if these policies are not properly implemented. Organizations need to ensure that employees are properly updating devices in an efficient manner. Failure to keep devices current could lead to those devices becoming the vector for initial access within an environment. An attacker may use a compromised…


Dropbox suffers data breach following phishing attack

Cloud storage company Dropbox has suffered a data breach after its employees were targeted by a phishing attack. The attack, which took place on October 14, saw a malicious actor pose as code integration and delivery platform CircleCI in order to harvest login credentials and authentication codes from employees and gain access to Dropbox’s account on code repository site GitHub, as CircleCI login information can be used to access GitHub. Through the attack, the hacker…


Fortinet Patches 6 High-Severity Vulnerabilities

Fortinet on Tuesday informed customers about 16 vulnerabilities discovered in the company’s products, including six flaws that have been assigned a ‘high’ severity rating. One of the high-severity issues affects FortiTester and it allows an authenticated attacker to execute commands via specially crafted arguments to existing commands. FortiSIEM is affected by a vulnerability that allows a local attacker with command-line access to perform operations on the Glassfish server directly via a hardcoded password. The remaining…
