Category: esecurityplanet

This article has been indexed from eSecurityPlanet Spending money you hadn’t budgeted to hire experts to clean up an unexpected mess is at the bottom of every manager’s wish list, but in the case of a cyber attack as damaging…

Read more →

This article has been indexed from eSecurityPlanet First, we prepare a plan for the possibility, then when a ransomware attack occurs we execute the plan. So easy to say, so difficult to do correctly. To help, we break down the…

Read more →

This article has been indexed from eSecurityPlanet Malware has been around for nearly 40 years, longer even than the World Wide Web, but ransomware is a different kind of threat, capable of crippling a company and damaging or destroying its…

Read more →

This article has been indexed from eSecurityPlanet This post has been updated for 2021. Passwords are the most common authentication tool used by enterprises, yet they are notoriously insecure and easily hackable. But even when passwords are secure, it’s not…

Read more →

This article has been indexed from eSecurityPlanet A surprising 91.5 percent of all malware detected on networks of WatchGuard Technologies customers in the second quarter came over encrypted connections, raising the security risk for the 80 percent of such organizations…

Read more →

This article has been indexed from eSecurityPlanet A previously unknown but highly skilled Chinese-speaking cyberespionage group is using sophisticated malware to attack government and private entities in Southeast Asia through a long-running campaign that targets systems running the latest versions…

Read more →

This article has been indexed from eSecurityPlanet The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) have released guidance and best practices for securing virtual private network (VPN) solutions. VPNs, an important security tool in an…

Read more →

This article has been indexed from eSecurityPlanet As the demand for robust security defense grows by the day, the market for cybersecurity technology has exploded, as well as the number of available solutions. To help you navigate this growing marketplace,…

Read more →

This article has been indexed from eSecurityPlanet Private equity firm Symphony Technology Group (STG) has been on a cybersecurity buying spree the last two years, acquiring RSA Security, McAfee’s enterprise business and Mandiant’s FireEye products business (see FireEye, Mandiant to…

Read more →

This article has been indexed from eSecurityPlanet Underground services are cropping up that are designed to enable bad actors to intercept one-time passwords (OTPs), which are widely used in two-factor authentication programs whose purpose is to better protect customers’ online…

Read more →

This article has been indexed from eSecurityPlanet Ransomware is everywhere these days, striking fear into the hearts of IT and business managers alike. And studies support that perception, showing ransomware growing in both prevalence and effectiveness. Recent research by Positive…

Read more →

This article has been indexed from eSecurityPlanet Microsoft Exchange is a frequent target of hackers, and often the attack vector is a well known vulnerability that a company just hasn’t gotten around to patching. To try to deal with that…

Read more →

This article has been indexed from eSecurityPlanet If you’re looking for a password manager for your business, Bitwarden and LastPass might be on your list of potential solutions. Both vendors will help you and your employees store access credentials, improve…

Read more →

This article has been indexed from eSecurityPlanet Rapid7 combines threat intelligence, security research, data collection, and analytics in its comprehensive Insight platform, but how does its detection and response solution – InsightIDR – compare to other cybersecurity solutions? While InsightIDR…

Read more →

This article has been indexed from eSecurityPlanet If May’s endpoint detection and response (EDR) MITRE evaluations weren’t proof enough, Cynet’s flagship platform – also featuring XDR and MDR capabilities – continues to receive industry recognition. Cynet 360 is the all-in-one…

Read more →

This article has been indexed from eSecurityPlanet Ransomware is one of the fastest-growing and most destructive cyber threats today. Cybersecurity researchers largely agree that ransomware growth has been astronomical; the only question is by how much. A recent Positive Technologies…

Read more →

This article has been indexed from eSecurityPlanet Backup has in some sense always been about the security of data. In the event of a data loss or disaster, you could turn to your backup to retrieve the data. But these…

Read more →

This article has been indexed from eSecurityPlanet Effective encryption has long been critical for protecting sensitive enterprise data, but as hackers increasingly leverage encrypted channels to access and traverse enterprise networks, secure traffic decryption is also key to assessing potential…

Read more →

This article has been indexed from eSecurityPlanet Cybercriminals are targeting Linux-based servers running Microsoft’s Azure public cloud environment that are vulnerable to flaws after Microsoft didn’t automatically apply a patch on affected clients in its infrastructure. According to cybersecurity firm…

Read more →

This article has been indexed from eSecurityPlanet The number of employees working remotely skyrocketed during the COVID-19 pandemic, and many companies appear likely to continue with a hybrid work model when things return to normal. Remote work poses unique risks…

Read more →

This article has been indexed from eSecurityPlanet A significant part of hacking consists of diverting the function of existing systems and software, and hackers often use legitimate security tools to perform cyber attacks. Pentesting tool Cobalt Strike has been one…

Read more →

This article has been indexed from eSecurityPlanet OWASP security researchers have updated the organization’s list of the ten most dangerous vulnerabilities – and the list has a new number one threat for the first time since 2007. The last update…

Read more →

This article has been indexed from eSecurityPlanet An investigation by McAfee researchers into a case of a suspected malware infection uncovered a cyber attack that had been sitting in the victim organization’s network for years stealing data. The investigators said…

Read more →

This article has been indexed from eSecurityPlanet Microsoft for the past few years has been among the loudest vendors calling for a security future that doesn’t include passwords. In 2018, the software giant took the step of doing away with…

Read more →

This article has been indexed from eSecurityPlanet Tape vendors have been promoting themselves as a solution to the ransomware problem because of their ability to provide air-gapped data backup, but trying to recover terabytes of data from a tape drive…

Read more →

This article has been indexed from eSecurityPlanet Apple continues to be haunted by spyware developed by an Israeli security firm that hostile governments used to hack into Apple devices to spy on journalists, activists and world leaders (see Apple Security…

Read more →

This article has been indexed from eSecurityPlanet Key features in a top threat intelligence platform include the consolidation of threat intelligence feeds from multiple sources, automated identification and containment of new attacks, security analytics, and integration with other security tools…

Read more →

This article has been indexed from eSecurityPlanet Palo Alto Networks (PANW) is bringing its enterprise-class security to small business and home markets with Okyo, a Wi-Fi 6 hardware device announced today. At $349 a year, the security and router system…

Read more →

This article has been indexed from eSecurityPlanet From the very beginning of the cloud computing era, security has been the biggest concern among enterprises considering the public cloud. For many organizations, the idea of storing data or running applications on…

Read more →

This article has been indexed from eSecurityPlanet In a year where ransomware has raised the alert levels everywhere, the go-to answer from many is redundancy through offline, remote backups – but are they enough? Backups are a critical component of…

Read more →

This article has been indexed from eSecurityPlanet It was a short hiatus for the REvil ransomware group that signed off in July following several high-profile attacks by the Russia-based crew on such companies as global meat processor JBS and tech…

Read more →

This article has been indexed from eSecurityPlanet In the latest lesson about the importance of patching, the credentials for 87,000 Fortinet FortiGate VPNs have been posted on a dark web forum by hackers. Fortinet confirmed the veracity of the hackers’…

Read more →

This article has been indexed from eSecurityPlanet A critical vulnerability discovered in the open-source load balancer and proxy server HAProxy could enable bad actors to launch an HTTP Request Smuggling attack, which would let them bypass security controls and gain…

Read more →

This article has been indexed from eSecurityPlanet There just aren’t enough cybersecurity pros to go around, meaning that people with the right skills and enough dedication have plenty of opportunities to land rewarding and lucrative jobs. And with that well…

Read more →

This article has been indexed from eSecurityPlanet The cybercriminal gang behind the Ragnar Locker ransomware attacks is threatening victims that it will go public with data captured in an attack if they contact law enforcement agencies or hire negotiators. The…

Read more →

This article has been indexed from eSecurityPlanet Zero day threats can be the source of some of the most dangerous kinds of cyberattacks. Zero day attacks take advantage of vulnerabilities that haven’t been discovered or are not publicly known yet.…

Read more →

This article has been indexed from eSecurityPlanet Cybercriminals are using Salesforce’s mass email service to dupe people into handing over credit card numbers, credentials and other personal information in a novel phishing campaign that highlights the threats to corporate networks…

Read more →

This article has been indexed from eSecurityPlanet Domain-based Message Authentication, Reporting, and Conformance (DMARC) began gaining traction a few years ago as a way to validate the authenticity of emails. Now it may have an even more important role to…

Read more →

This article has been indexed from eSecurityPlanet 5G is on the cusp of widespread adoption. Consumers and organizations are enthused about the operational benefits of more robust mobile connectivity, but the shift to 5G networks doesn’t come without risks. Service…

Read more →

This article has been indexed from eSecurityPlanet The LockFile ransomware family has made an impression in the relatively short amount of time it’s been around. The malware garnered a lot of attention over the past several months after being detected…

Read more →

This article has been indexed from eSecurityPlanet The COVID pandemic has highlighted the challenges of ensuring security across an expanding enterprise network forced to support more and more remote workers, an ever-increasing diversity of devices, and frequent mobility. Praveen Jain,…

Read more →

This article has been indexed from eSecurityPlanet Some of the biggest names in tech are promising to spend more than $30 billion to bolster cybersecurity capabilities, from securing the supply chain and expanding the adoption of the zero trust model…

Read more →

This article has been indexed from eSecurityPlanet Cyberattacks caused by supply chain vulnerabilities mean organizations need a renewed perspective on how to address third-party security. In a developing market, third-party risk management (TPRM) software and tools could be the answer…

Read more →

This article has been indexed from eSecurityPlanet Microsoft this week issued an advisory about three vulnerabilities referred to collectively as ProxyShell days after security researchers at a federal government cybersecurity agency warned that cybercriminals were actively trying to exploit them.…

Read more →

This article has been indexed from eSecurityPlanet Cyberattacks are becoming more sophisticated all the time. From phishing scams to ransomware and botnets, it’s hard to keep up with the latest methods that cybercriminals use.  It’s not just about stopping unwanted…

Read more →

This article has been indexed from eSecurityPlanet There’s a lot of code in the world, and a lot more is created every day. The browser you’re reading this article on is likely supported by millions of lines of code. And…

Read more →

This article has been indexed from eSecurityPlanet Zero trust architecture is an emerging technology in cybersecurity that offers an alternative to the traditional castle-and-moat approach to security. Instead of focusing only on your perimeter to defend against attacks from the…

Read more →

This article has been indexed from eSecurityPlanet Software vulnerabilities are a grave threat to the security of computer systems. They often go undetected for years until it is too late and the consequences are irreversible. In order to find these…

Read more →

This article has been indexed from eSecurityPlanet Amazon Web Services has unveiled a revamped competency for managed security service providers (MSSPs) that is intended to make it simpler for end customers to identify AWS partners that have the most security…

Read more →

This article has been indexed from eSecurityPlanet Ransomware attackers, who use myriad methods to get their malware into the systems of businesses large and small in hopes of pulling down millions of dollars, are now going directly to the source.…

Read more →

This article has been indexed from eSecurityPlanet Cloudflare last month fought off a massive distributed denial-of-service (DDoS) attack by a botnet that was bombarding 17.2 million requests per second (rps) at one of the internet infrastructure company’s customers in the…

Read more →

This article has been indexed from eSecurityPlanet Update: T-Mobile USA officials have confirmed that the records of 47.8 million current, former and prospective customers were stolen in a “highly sophisticated cyberattack” late last week. That number is half what hackers…

Read more →

This article has been indexed from eSecurityPlanet T-Mobile USA officials have confirmed they are investigating a breach of company systems, but say it’s too early to tell whether the personal data of 100 million customers has been exposed, as the…

Read more →

This article has been indexed from eSecurityPlanet A phishing campaign that Microsoft security researchers have been tracking for about a year highlights not only the ongoing success of social engineering efforts by hackers to compromise systems, but also the extent…

Read more →

This article has been indexed from eSecurityPlanet As the demand for robust security defense grows by the day, the market for cybersecurity technology has exploded, as well as the number of available solutions. To help you navigate this growing marketplace,…

Read more →

This article has been indexed from eSecurityPlanet If you’re shopping for an enterprise VPN, there’s a good chance NordVPN and ExpressVPN are on your list. Both vendors offer competitive VPN solutions that enable you and your employees to use the…

Read more →

This article has been indexed from eSecurityPlanet SIEM solutions can be expensive and difficult to manage, so one company built its own – and is pleased with the results. At last week’s Black Hat USA, NYC-based financial technology firm Two…

Read more →

This article has been indexed from eSecurityPlanet For everything from minor network infractions to devastating cyberattacks and data privacy troubles, digital forensics software can help clean up the mess and get to the root of what happened. Since the inception…

Read more →

This article has been indexed from eSecurityPlanet 1Password and LastPass are probably at the top of your list for password managers, but which one is the best for you? They both do a great job of protecting your employees’ passwords…

Read more →

This article has been indexed from eSecurityPlanet Accenture officials are saying they staved off a ransomware attack this week by a cybercriminal ring using the LockBit malware even as the hacker group claimed to have captured data from the massive…

Read more →

This article has been indexed from eSecurityPlanet As users have increasingly moved from desktop operating systems to mobile devices as their primary form of computing, cyber attackers have taken notice and malware has followed. While the total volume of mobile…

Read more →

This article has been indexed from eSecurityPlanet Cybercriminals using an IP address in China are trying to exploit a vulnerability disclosed earlier this month to deploy a variant of the Mirai malware on network routers affected by the vulnerability, according…

Read more →

This article has been indexed from eSecurityPlanet A malicious advertising campaign originating out of Eastern Europe and operating since at least mid-June is targeting Internet of Things (IoT) devices connected to home networks, according to executives with GeoEdge, which offers…

Read more →

This article has been indexed from eSecurityPlanet Password managers play an important role in maintaining a strong security profile, and LastPass is certainly on our list of Best Password Managers & Tools for 2021. However, LastPass isn’t a perfect solution…

Read more →

This article has been indexed from eSecurityPlanet Open source security has been a big focus of this week’s Black Hat conference, but no open source security initiative is bolder than the one proffered by the Open Source Security Foundation (OpenSSF).…

Read more →

This article has been indexed from eSecurityPlanet Two of the largest government security agencies are laying out the key cyberthreats to Kubernetes, the popular platform for orchestrating and managing containers, and ways to harden the open-source tool against attacks. In…

Read more →

This article has been indexed from eSecurityPlanet At Black Hat and Def Con this week, SafeBreach security researchers Peleg Hadar and Tomer Bar will demonstrate two new tools developed to automate the discovery of zero-day vulnerabilities. Both announcements highlight the…

Read more →

This article has been indexed from eSecurityPlanet Administrators overseeing the Python Package Index (PyPI) in recent days found themselves responding to vulnerabilities found in the repository of open source software, the latest security problems to hit the Python community. Most…

Read more →

This article has been indexed from eSecurityPlanet It seems that no matter how many security technologies, network perimeters, and intrusion prevention safeguards are erected, the bad guys somehow find a means of entry. Enter microsegmentation as a way to minimize…

Read more →

This article has been indexed from eSecurityPlanet As Europol celebrated the fifth anniversary of its anti-ransomware initiative this week, menacing new ransomware threats made it clear that the fight against cyber threats is never-ending. The EU law enforcement cooperation agency…

Read more →

This article has been indexed from eSecurityPlanet Social engineering is a common technique that cybercriminals use to lure their victims into a false sense of security. Usually, social engineering involves impersonation, deception, and psychological manipulation that ultimately creates an environment…

Read more →

This article has been indexed from eSecurityPlanet The FBI and the U.S. Cybersecurity and Infrastructure Security Agency (CISA) joined counterparts in the UK and Australia today to announce the top 30 vulnerabilities exploited since the start of the pandemic. The…

Read more →

This article has been indexed from eSecurityPlanet Whether perceived or real, a lack of understanding about blockchain technology has slowed the adoption of advanced distributed database technology in the past decade. As the tide turns and more organizations find ways…

Read more →

This article has been indexed from eSecurityPlanet The LemonDuck malware that for the past couple of years has been known for its cryptocurrency mining and botnet capabilities is evolving into a much broader threat, moving into new areas of cyber…

Read more →

This article has been indexed from eSecurityPlanet LastPass is password management software that’s been popular among business and personal users since it was initially released in 2008. When it was acquired by LogMeIn Inc. in 2015, it became part of…

Read more →

This article has been indexed from eSecurityPlanet A pair of vulnerabilities in the Linux kernel disclosed this week expose major Linux operating systems that could let a hacker either gain root privileges on a compromised host or shut down the…

Read more →

This article has been indexed from eSecurityPlanet Microsoft is struggling through a rough July for security issues even as the company continues to add more cybersecurity capabilities through acquisitions. The software giant earlier this month issued an emergency update in…

Read more →

This article has been indexed from eSecurityPlanet When millions of people around the world were sent home to work at the onset of the global COVD-19 pandemic, they left behind not only empty offices but also a host of Internet…

Read more →

This article has been indexed from eSecurityPlanet Reports that the NSO Group’s Pegasus spyware was used by governments to spy on Apple iPhones used by journalists, activists, government officials and business executives is becoming a global controversy for NSO, Apple…

Read more →

This article has been indexed from eSecurityPlanet A group of technology luminaries have launched an effort to find and train a new generation of cybersecurity talent, an effort that will gain steam tomorrow with The Cyber Talent CIO Forum. The…

Read more →