Just days after Microsoft disclosed four serious flaws in Microsoft Exchange email servers, attackers are going on a wide hunt for vulnerable machines, some security experts say. The flaws could be exploited for creating backdoors for email accounts or installing ransomware and cryptominers.
Ransomware dominated the online-enabled crime landscape in 2020, some security experts say, thanks to the massive profits it's been generating and the relative ease of use for attackers - including support from a burgeoning cybercrime-as-a-service market.
This edition of the ISMG Security Report features an analysis of key takeaways from the breaches tied to flaws in the Accellion File Transfer appliance. Also featured: Equifax CISO Jamil Farshchi on transforming supply chain security, plus an analysis of how "work from anywhere" is affecting cybersecurity.
Qualys has confirmed that its Accellion File Transfer Appliance software was breached by zero-day-wielding attackers after stolen customer data appeared on the Clop ransomware gang's data leaks site. The security firm's public breach notification comes more than two months after the firm first learned it had been...
A team of security researchers has released a new jailbreak for iOS 14.3 and previous versions that enables users to install and tweak unofficial apps outside Apple's security protections.
Endpoint security and management has become very complex. Despite investments in teams and tools, organizations still struggle with visibility gaps across their IT environment, organizational silos and broken workflows that leave businesses exposed to risk.
Tanium commissioned Forrester Consulting to survey more...
Modern IT teams feel pressure from all directions. They must maintain compliance with data privacy regulations, track and secure sensitive data across endpoints and manage an ever-increasing number of assets, all while enabling business growth. Balancing these priorities often causes significant challenges for many...
The pivot to working from home (WFH) proved that enterprise IT organizations could do the unimaginable – and do it quickly and well. Once you realize you can move all your users to WFH in days instead of years, you start to wonder what else you can do quickly.
What digital transformation projects, long considered...
Digital transformation is a way of life in today’s business world. It touches all corners of the enterprise in ways that were once unimaginable. CIO and IT executives at companies of all sizes and in all industries are quickly coming to realize that most legacy tools and processes are, at best, inefficient and are...
Tanium has been an established player on the North American endpoint protection market for some years, but until recently has had only a limited presence in Europe. That is now changing as the vendor builds out its personnel and partnerships in the region. However, organizational presence is only one part of the...
Microsoft issued emergency software patches on Tuesday for four zero-day vulnerabilities in its Exchange email server. The alarming vulnerabilities could allow a remote attacker into Exchange and possibly enable further lateral movement.
Using a nearly 20-year-old file transfer product - what could go wrong? Among the many lessons to be learned from the Accellion File Transfer Appliance mess is this: Attackers will devote substantial resources to reverse-engineer hardware, software or a service if there's a financial upside.
A new malware loader dubbed "Gootloader" is using search engine optimization techniques to spread ransomware, Trojans and other malware, the security firm Sophos reports.
State-sponsored groups in China appear to be targeting India’s power supply by dropping malware into systems, according to online digital threat analysis company Recorded Future. The Indian government says it has taken steps to mitigate the risks.
Prolific Ryuk ransomware has a new trick up its sleeve. "A Ryuk sample with worm-like capabilities - allowing it to spread automatically within networks it infects" was recently discovered during an incident response effort, warns CERT-FR, the French government's computer emergency response team.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.co.uk, you agree to our use of cookies.
