CISA warns that most of the top routinely exploited vulnerabilities during 2023 were zero-days. The FBI, the NSA, and 5 other cybersecurity authorities, like the UK’s National Cyber Security Centre (NCSC), were also partners in releasing The 2023 Top Routinely…
Category: Heimdal Security Blog
Top 10 Flexera Competitors and Alternatives for Patch Management
Flexera is a popular choice for gaining visibility across multiple clouds. But you’ll need a few more capabilities to manage all your IT devices and keep software up to date. IT asset management should cover everything from online platforms to…
What Is a Privileged Access Workstation?
A Privileged Access Workstation (PAW) is a secure computer built to safeguard sensitive tasks and privileged accounts. IT admins and security teams use PAWs to manage critical systems like the Active Directory. They also use them to access cloud services,…
Google To Make MFA Mandatory for Google Cloud in 2025
Google has recently announced that it plans to implement mandatory multi-factor authentication (MFA) on all Cloud accounts by the end of 2025. Google argues that MFA strengthens security without sacrificing a smooth and convenient online experience. It is reported that…
Threat Actors Hijack Windows Systems Using the New SteelFox Malware
A new malware named ‘SteelFox’ is actively used by threat actors to mine cryptocurrency and steal credit card data. The malware leverages the BYOVD (Bring Your Own Vulnerable Device) technique to obtain SYSTEM privileged on Windows machines. SteelFox is distributed…
How to Build a Healthy Patch Management Program
Any cybersecurity professional will know that regularly patching vulnerabilities is essential to protecting a network. Keeping apps, devices, and infrastructure up to date closes ‘back doors’ into your environment. But most cybersecurity professionals will also know there’s a big gap…
Why having too many cybersecurity point solutions is risky
“We have so many solutions now to solve single issues in our companies that the number of security solutions is becoming a risk itself” – Thomas Baasnes, Cybersecurity Director at Verdane. How many cybersecurity point solutions does your organization use?…
How to Build a Healthy Patch Management Program?
Any cybersecurity professional will know that regularly patching vulnerabilities is essential to protecting a network. Keeping apps, devices, and infrastructure up to date closes ‘back doors’ into your environment. But most cybersecurity professionals will also know there’s a big gap…
IntelBroker Claims Selling Nokia’s Source Code on BreachForums
Nokia is investigating a potential data breach after Serbian hacker IntelBroker claimed to sell the company’s source code. The attacker said he got the data by breaching one of the telecom giant’s third-party vendor. In his post on BreachForums, he…
Interlock Ransomware Specifically Targets FreeBSD Servers
Interlock ransomware operators created an encryptor meant to target FreeBSD servers. This is a practice that hackers often use in attacks on VMware ESXi servers and virtual machines. Now, the security researchers analyzed a sample of the FreeBSD ELF encryptor…
Heimdal and COOLSPIRiT Team Up to Strengthen UK Business Cybersecurity
LONDON, United Kingdom, 6 November 2024 – Heimdal, a leading provider of advanced cybersecurity solutions, and COOLSPIRiT, a UK-based expert in data management and IT infrastructure, are pleased to announce a strategic partnership to deliver cutting-edge security technologies to businesses…
Schneider Electric Investigates Cybersecurity Incident
Schneider Electric, a French multinational specializing in energy management and automation solutions, has confirmed a cybersecurity incident involving unauthorized access to one of its internal project execution tracking platforms. The breach was reported after a threat actor known as “Grep”…
10 Best Darktrace Alternatives & Competitors in 2024 [Features, Pricing & Reviews]
Looking for Darktrace alternatives can feel like hunting for missing puzzle pieces. Yes, Darktrace does a good job at detecting network threats. But these days, you must consider covering various protection layers to secure your system. Endpoint detection and response,…
Heimdal® Supports MSP Compliance Efforts with Fourth Consecutive ISAE 3000 SOC 2 Type II Certification
COPENHAGEN, Denmark, November 4, 2024 – Heimdal is proud to announce that it has once again secured the ISAE 3000 SOC 2 Type II certification, marking the fourth consecutive achievement of this prestigious accreditation, further solidifying its role in supporting…
EU Adopts New Cybersecurity Rules for Critical Infrastructure Under NIS2 Directive
The European Commission has adopted new cybersecurity rules for critical infrastructure across the EU, taking a major step toward enhancing digital resilience. This implementing regulation under the updated NIS2 Directive specifies cybersecurity measures for essential sectors and outlines when companies…
Microsoft Reveals Chinese Threat Actors Use Quad7 Botnet to Steal Credentials
Microsoft warns that Chinese threat actors steal credentials in password-spray attacks by using the Quad7 (7777) botnet, which is made up of hijacked SOHO routers. Quad7 is a botnet that consists of compromised SOHO routers. Cybersecurity specialists reported that the…
Microsoft Warns: Midnight Blizzard’s Ongoing Spear-Phishing Campaign with RDP Files
An ongoing spear-phishing campaign is affecting a variety of companies, including governmental agencies. According to Microsoft, the Russian APT group Midnight Blizzard (also known as APT29, UNC2452, and Cozy Bear) is behind the attacks. The same threat actors breached the…
How to Implement Patch Management Software
Deploying patches is time-consuming, tedious, and uses up a lot of resources. No wonder many IT employees see it as drudge work. The good news is there’s a smarter way to do it: by implementing patch management software. Key takeaways:…
Understanding DNS MX Records and Their Role in Email Security
DNS MX records are a key element in delivering an email successfully to its rightful recipient. But have you ever wondered what it takes to deliver an email? When sending an email, a lot happens within fractions of seconds to…
RCE Flaw Exposes 22,000 CyberPanel Instances to PSAUX Ransomware
Hackers exploited an RCE flaw to target over 22,000 CyberPanel servers with PSAUX ransomware. Nearly all CyberPanel instances went offline as a result. Researchers said that in fact there are three vulnerabilities in CyberPanel versions 2.3.6 and 2.3.7 that allowed…
New Qilin Ransomware Variant Spotted by Cybersecurity Researchers
A new version of the Qilin ransomware was discovered by cybersecurity researchers. The new version comes with increased sophistication and tactics to evade detection. The new variant is being tracked as Qilin.B by researchers at Halcyon and it notably supports…
UnitedHealth: 100 Million Individuals Affected by the Change Healthcare Data Breach
UnitedHealth confirms for the first time that over 100 million people had their personal information and healthcare records stolen during the Change Healthcare ransomware attack. Change Healthcare initially published a data breach notification warning in June, stating that a ransomware…
Why Is Privileged Access Management (PAM) Important?
Is your organization planning to implement a privileged access management (PAM) solution? If you already have passwords, an anti-virus, and a firewall, you might be wondering why you need to implement another cybersecurity technology. This article will help you understand…
NotLockBit Ransomware Targets Both Windows and MacOS
Researchers warn that NotLockBit, a new malware family mimicking LockBit ransomware, can impact Windows and macOS systems. The malware appears to be the first fully functional ransomware targeting macOS systems, moving beyond previous proof-of-concept (PoC) samples. What is NotLockBit Ransomware…
CISA Proposes Stronger Security Requirements to Protect Sensitive Data
CISA pushes for stronger security requirements to safeguard sensitive personal and government-related data from foreign adversaries. The need to implement Executive Order 14117, signed by President Biden in February 2024, is what triggered the Cybersecurity and Infrastructure Security Agency’s (CISA)…
Microsoft Reveals Loss of Customer Security Logs for a Month
Microsoft is alerting business clients to a flaw that resulted in critical logs being partially lost for nearly a month. This puts at risk businesses who depend on this data to identify unwanted activity. Microsoft is alerting enterprise customers that…
Free & Downloadable User Access Review Policy Template – 2024
Managing access to sensitive systems and data is more crucial than ever. Organizations across all industries face significant challenges in ensuring that their security measures keep pace with the complexities of user access management. To address these challenges, we’ve developed…
What Are Managed Security Services: Benefits and Solutions
Managed Security Services (MSS) refers to outsourcing security functions to a specialized provider. All MSS main types aim to offer top technology and expertise at a convenient price. Not all of them are a good match to your company. Let’s…
CISA: Threat Actors Exploit F5 BIG-IP Cookies for Network Reconnaissance
The F5 BIG-IP Local Traffic Manager (LTM) module is used by threat actors to manage unencrypted persistent cookies, which the U.S. Cybersecurity and Infrastructure Security Agency (CISA) is alerting users to as a means of network surveillance. The advisory stated…
7 Privileged Access Management (PAM) deployment mistakes to avoid
Privileged Access Management (PAM) deployment isn’t always successful. And on Reddit, SysAdmins aren’t holding back: It’s overkill and I hate it PAM is expensive and difficult to implement I can say that it is hot garbage with every ounce of…
Job Scams Report – 2,670 Social Media Posts Reveal Scammers’ Top Tactics
Although job platforms and social networking sites work hard to combat fake listings, scammers consistently find new ways to bypass security measures. These fraudulent listings often go public, putting job seekers at serious risk. We reviewed 2,670 posts and comments…
Top 10 Managed Service Providers in New Jersey for 2024
New Jersey, often seen as the corridor between New York and Philadelphia, is not only a strategic location for businesses but also a hub for technology services, including top Managed Service Providers. Managed Service Providers play a crucial role in…
Top 10 SentinelOne Competitors & Alternatives in 2024 [Features, Pricing & Reviews]
SentinelOne shines in endpoint detection and response, but EDR is just one piece of the in-depth defense puzzle. Choosing the right cybersecurity solution is key to safeguarding your systems. To fully protect your network, cloud, or email, you’ll need more…
New CUPS Vulnerability Can Amplify DDoS Attacks: Patch Now!
A newly discovered vulnerability in the open-source CUPS (Common Unix Printing System) printing system can be used by threat actors to launch DDoS attacks with a 600x amplification factor. Known as CVE-2024-47176, the security flaw in the cups-browsed daemon can…
The Complete Guide to PAM Tools, Features, And Techniques
Privileged access management is one of the most important topics in cybersecurity – yet it can be a minefield to get right. For hackers, elevated permissions are one of the absolute best ways to plan and execute a successful account.…
Admin Rights in Action: How Hackers Target Privileged Accounts
Admin rights are one of the most important and fundamental aspects of cybersecurity. Without elevated permissions, hackers will have a hard time stealing your data or disrupting your services. For that reason, they’re often trying to gain access to an…
Ransomware Attack Disrupts UMC Health System Activity
UMC Health System was hit by a ransomware attack at the end of September. The attack caused the healthcare institution to divert patients to other clinics. Initially, the healthcare provider was unable to process messages from the patient portal. Also,…
Test before patching. Windows update KB5043145 turns computers unstable
System Administrators warn that an optional Windows 11 update released on September 23rd creates issues for some computers. The cumulative update preview for Windows 11 Version 23H2 for x64-based systems brought new features for the Start menu, taskbar, and lock…
Why Is IT Forcing You to Patch Your Software? Understand the Importance of Patching
Most people today have at least some experience with patching. If you own a smartphone, you will be familiar with Android or iOS updates. Same goes with the apps on your phone. Whether you use banking, travel or social media…
Zen and the Art of Modern Patch Management: How to Eliminate Stress, Improve Security, and Streamline IT Operations
Patch management is stressful. In one of our Heimdal webinars, we ran a snap poll with sysadmins about how they find the patch management process. The results confirm what most of us already know: the vast majority (93%) have experienced…
EDR vs. SIEM: Key Differences, Features, Functionality Gaps, and More
When it comes to threat detection, it’s important to get the right tools for the job. Unfortunately, that can be easier said than done. Whether it’s a SIEM, EDR, XDR, MDR, or any of a whole other range of confusing…
Heimdal and emt Distribution Aim to Dominate the Middle East Cybersecurity Market
COPENHAGEN, Denmark, and Dubai, UAE, September 30, 2024 – Heimdal and emt Distribution announce a strategic partnership that combines Heimdal’s advanced cybersecurity solutions with emt Distribution’s deep market expertise. The collaboration will deliver sophisticated yet user friendly products to the…
CISA Warns: Industrial Systems Targeted by Threat Actors Using Unsophisticated Methods
In their latest advisory, CISA warns about the dangers of threat actors trying to breach the networks of critical infrastructure by targeting Internet-exposed industrial devices using ‘unsophisticated’ methods such as brute force attacks and default credentials. Details From the Advisory…
Top 10 Managed Service Providers in New York for 2024
The bustling metropolis of New York is not only a hub for finance, media, and culture but also a dynamic space for technology services, including top Managed Service Providers. Managed Service Providers (MSPs) play a pivotal role in supporting businesses…
Cyberattack Forces Kansas Water Plant to Operate Manually
The water supply system of Arkansas City, Kansas, activated manual operation mode to contain a cyberattack. The security team discovered the attack on Sunday morning. City authorities say the water supply remains safe and there are no service disruptions. FBI…
Kaspersky Self-Deletes and Force-Installs UltraAV on Users’ Endpoints
Kaspersky deleted itself and deployed another antivirus instead without warning, say former US users. The Russian cybersecurity company will be banned from sales and software updates in the US, starting September 29th, 2024. In June this year, the U.S. government…
We analyzed 2,670 posts and comments from social media platforms. Here’s what we learned about job scams
Although job platforms and social networking sites work hard to combat fake listings, scammers consistently find new ways to bypass security measures. These fraudulent listings often go public, putting job seekers at serious risk. We reviewed 2,670 posts and comments…
Privileged Access Management Features: What You Need in Your PAM Solutions
Would you buy a car without checking if it has an engine? If you did, you’d wish you’d looked under the hood before investing. The same applies to privileged access management. Without the right controls, you expose yourself to bad…
[Free & Downloadable] Endpoint Security Policy Template – 2024
Endpoint devices, such as desktops, laptops, tablets, and smartphones, form the backbone of modern corporate infrastructure. They allow employees flexibility and access to essential resources, but they also present significant security risks if not managed properly. This Endpoint Security Policy…
Why DNS Security Is Important: 3 Real-life Use Cases
DNS security is important for protecting corporate networks from DDoS attacks, phishing, ransomware, and data breaches. The domain name system is the cornerstone of the Internet but is not safe by design. Multiple layers of protection — like DNSSEC and…
10 Best Huntress Alternatives & Competitors in 2024 [Features, Pricing & Reviews]
Choosing the right cybersecurity solution can make or break your defense strategy. While Huntress is a solid option, it has its drawbacks. Users say its reporting features could be better and that it has a steep learning curve. IT admins…
Windows MSHTML Platform Spoofing Vulnerability Exploited as Zero-Day
Microsoft revealed that hackers have exploited as zero-day a Windows MSHTML platform spoofing vulnerability for more than two months. The company released a patch for CVE-2024-43461, during the September Patch Tuesday. They didn’t know that hackers were exploiting this flaw…
How to Scale Your MSP from a Firm That Grew Revenue 440%
So, you’re running a reasonably successful MSP. You’re busy and have regular clients. Your profits, while not stellar, are good enough. You’ve got a decent reputation, not too much employee churn, and things are basically working fine. Let’s not minimize…
How MSPs Can Use the ‘Four Kinds of Luck’ to Succeed
When was the last time your business struck lucky? Perhaps a big new client contacted you out of the blue. Maybe you got talking to a stranger in a restaurant – and it turned out they needed support with IT.…
MSSPs – Why You Need a SOC Product And How to Choose the Right One
The last few years have seen a profound shift in the IT managed services market. Today, there is increasing customer demand for managed services providers (MSPs) and managed security services providers (MSSPs) to demonstrate their security and compliance credentials. To…
Microsoft Defender Endpoint Security vs. SentinelOne Singularity : Which One Should You Choose?
Are you considering investing in Microsoft Defender Endpoint Security or SentinelOne Singularity, but you are not sure which one? Choosing a cybersecurity solution is an important task that can even affect your overall business performance. Don’t worry! Knowing how important…
CrowdStrike Falcon vs. ESET Endpoint Security : Which One Should You Choose?
Are you considering investing in CrowdStrike Falcon or ESET Endpoint Security, but you are not sure which one? Choosing a cybersecurity solution is an important task that can even affect your overall business performance. Don’t worry! Knowing how important is…
CrowdStrike Falcon vs. Palo Alto Networks Cortex XDR : Which One Should You Choose?
Are you considering investing in CrowdStrike Falcon or Microsoft Defender Endpoint, but you are not sure which one? Choosing a cybersecurity solution is an important task that can even affect your overall business performance. Don’t worry! Knowing how important is…
CrowdStrike Falcon vs. IBM Security QRadar XDR : Which One Should You Choose?
Are you considering investing in CrowdStrike Falcon or Microsoft Defender Endpoint, but you are not sure which one? Choosing a cybersecurity solution is an important task that can even affect your overall business performance. Don’t worry! Knowing how important is…
CrowdStrike Falcon vs. Microsoft Defender Endpoint Security : Which One Should You Choose?
Are you considering investing in CrowdStrike Falcon or Microsoft Defender Endpoint, but you are not sure which one? Choosing a cybersecurity solution is an important task that can even affect your overall business performance. Don’t worry! Knowing how important is…
Cyberattack shuts down 34 Highline Public Schools for 3 days
A cyberattack on Highline Public Schools in Washington blocked educational activities for three days. 17,500 students in 34 schools from Washington State, as well as 2000 staff members, remained at home on September 9th. Because of this cyberattack, Highline Public…
Slim CD Data Breach Exposes Financial Data of almost 1.7 million People
Payment gateway provider Slim CD data breach compromised the credit card data of 1,693,000 US and Canadian users. The breach remained undetected for almost a year. Hackers breached Slim CD’s system in August 2023, but the company only detected suspicious…
Open XDR vs. Native XDR: A Selection Guide for Organizations
Open XDR vs native XDR is a recurring question in cybersecurity. Your guide through the decision process should be the company’s specific needs. Lack of information often makes choosing an XDR solution a slow process. Neglecting XDR because of indecisiveness…
Microchip Technology Confirms Data Was Stolen in August Cyberattack
American chip producer Microchip confirms that employee data was stolen during the cyberattack they suffered in August. The incident happened on August 17, and Microchip disclosed it on August 20, declaring that some of their manufacturing facilities had been affected.…
Russian Threat Actors Target Critical Infrastructure in the U.S. and Across the World
The Russian threat actors responsible for the worldwide attacks on key infrastructure, identified as Cadet Blizzard and Ember Bear, have been connected by the United States and its allies to Unit 29155 of the Main Directorate of the General Staff…
28 Zyxel Access Points and Router Vulnerable to OS Command Injection
Zyxel released updates to fix a critical vulnerability that impacts 28 access points (AP) and security router version. The Zyxel vulnerability is tracked as CVE-2024-7261 and has a 9.8 CVSS score, which is considered critical. The flaw enables hackers to…
Effective Privileged Access Management Implementation: A Step-by-Step Guide
Privileged access management (PAM) is a key part of modern cybersecurity. In simple terms, it’s the strategy you use to monitor and control access to the most sensitive assets or data – like confidential customer information or mission-critical servers. The…
Transport for London (TfL) Targeted in Cyberattack
Transport for London (TfL) announced on September 2nd that they have detected an ongoing cybersecurity incident. The attack did not disrupt services. For the moment, there is no evidence of the attackers succeeding to compromise customers data. TfL’s security team…
RansomHub Breached Over 200 Victims, the FBI Says
RansomHub ransomware affiliates have reportedly breached over 200 victims from a wide range of critical U.S. infrastructure sectors. This ransomware-as-a-service (RaaS) operation reached this milestone quickly, being first spotted in February 2024. The ransomware group specializes in data-theft-based extortion rather…
What Is XDR Threat Hunting?
Extended detection and response (XDR) products have become an increasingly common feature of the cybersecurity market in recent years. Today, they’re by far the most advanced option on the market for identifying and responding to emerging threats and sophisticated attacks.…
Top Cybersecurity Companies You Need to Know in 2024 (And How to Choose One)
Top cybersecurity companies play a pivotal role in addressing the financial impact of cybercrime, as evidenced by Cybersecurity Ventures’ forecast that in 2024, global cybercrime damage costs will reach $9.5 trillion USD annually, $793 billion USD monthly, and $182.5 billion…
Cybersecurity Companies Join Microsoft to Discuss Safe Deployment Practices following CrowdStrike Outage
Microsoft announced hosting a Windows Endpoint Security Ecosystem Summit on September 10th. The event aims to find ways of improving security and resiliency for joint customers. Discussions will take place at Microsoft’s headquarters in Redmond, Washington. Corporate Vice President Aidan…
Park’N Fly Data Breach Compromised Sensitive Data of 1 Million Customers
The Canadian airport parking company revealed that the Park’N Fly data breach impacted the data of 1 million customers. An unauthorized third party breached their network between July 11 and July 13. According to the company’s note to the impacted…
MSSPs: Why You Need a SOC And How to Choose the Right One for Your Business
The last few years have seen a profound shift in the IT managed services market. Today, there is increasing customer demand for managed services providers (MSPs) and managed security services providers (MSSPs) to demonstrate their security and compliance credentials. To…
EDR vs NGAV: Which Works Better for Your Organization?
Choosing between EDR and NGAV can feel like standing at a crossroads. Both NGAV and EDR solutions safeguard your organization from cyber threats but take a different approach. To make the right choice, you must understand what challenges they address…
Cybersecurity Solutions for Small and Medium Businesses (SMBs)
Small and medium businesses must prioritize cybersecurity to avoid financial, legal, and reputational risks. Using a unified cybersecurity platform or partnering with an MSSP offers effective, cost-efficient protection for endpoints and networks. This article will help you make an informed…
EDR vs NGAV: Which One Is Better For Your Organization?
Choosing between EDR and NGAV can feel like standing at a crossroads. Both safeguard your organization from cyber threats but take a different approach. To make the right choice, you must understand what challenges they address and how they integrate…
Cyberattack Disrupts Microchip Technology’s Activity
American microprocessor producer Microchip Technology Incorporated suffered a cyberattack last weekend. The incident impacted its systems and disrupted the workflow of some manufacturing units. On Saturday, August 17th, the IT team detected suspicious activities in their systems. The incident impacted…
How Should Your MSP Deal With the ‘Small Client Problem’?
The ‘small client problem’ is one of the most common issues that MSPs (and indeed, most service businesses) come up against. Small and medium-sized enterprises (SMEs) have far fewer resources than larger companies. They also tend not to fully appreciate…
Cyber Stressed! Top 3 MSP Cybersecurity Challenges [And How to Fix Them]
Running an MSP is an awesome job. You get to work with super smart people, solve intellectually stimulating problems, and make a measurable, positive difference to your customers’ businesses. But no one’s saying it’s all a bed of roses. There…
Heimdal and ViroSafe Partner to Strengthen Nordic Cybersecurity
COPENHAGEN, Denmark, August 19, 2024 – Heimdal has announced a strategic partnership with ViroSafe, one of Norway’s top IT security distributors. The collaboration will expand access to advanced cybersecurity solutions across Norway. Heimdal offers the widest range of cybersecurity tools…
SystemBC Malware Used to Target Users by Black Basta-Linked Threat Actors
“Multiple intrusion attempts” have been connected to an ongoing social engineering campaign purportedly tied to the Black Basta ransomware group, which aims to steal credentials and install a malware dropper named SystemBC. What Do We Know About the Operation? According…
2.7 billion Leaked Data Records Expose Personal Information of US People
Hackers leaked 2.7 billion data records containing personal information belonging to citizens of the United States for free, on a dark forum. The attackers claim they had exfiltrated the data from the National Public Data. The type of data in…
Microsoft Patched SmartScreen Zero-Day Without Announcing
Microsoft revealed that it had patched a critical SmartScreen zero-day vulnerability two months ago, during June 2024, on Patch Tuesday. Hackers had been exploiting the flaw in the wild as a zero-day since March 2024. More about the SmartScreen zero-day…
EDR Importance: Why Is EDR Important? (With Use Cases)
In 2021, it was revealed that a group of hackers dubbed ‘LightBasin’ had compromised over a dozen telecom firms around the world. Their activity had been going on, undetected, for at least five years. This breach is a classic example…
MDR vs MSSP: Key Differences and Full Guide
If you’re looking for external help with your organization’s security posture, one of the big decisions to make is whether you’ll go with generalists or specialists. On one hand, you could opt to work with a managed security service provider…
0.0.0.0 Day Vulnerability: An 18-Year-Old Flaw Actively Exploited by Threat Actors
Cybersecurity researchers have found a brand-new “0.0.0.0 Day” that affects all popular web browsers and that malevolent websites might use to compromise local networks. It is reported that the vulnerability exposes a fundamental flaw in how browsers handle requests, potentially…
ADT Breached: Customer Data Leaked on a Hacking Forum
The American building security company, ADT, announced that it had been the victim of a data breach. Threat actors allegedly broke into certain of ADT’s systems and stole customer information, the company claims in a Form 8-K regulatory document it…
RaaS Group Targets Corporate Networks with SharpRhino RAT
The Hunters International ransomware gang targets IT professionals with SharpRhino remote access trojan (RAT). The malware spoofs the installer of Angry IP Scanner, an ethical hacking tool. Hunters International is a top 10 ransomware group that shares code similarities with…
The Best MSSP Software You Should Consider Looking At in 2024
So, you’ve got together a team of security experts. You have a business plan for your managed security service provider (MSSP) company. You’ve identified a target market, chosen a security framework – and maybe you even have potential customers lined…
StormCloud Hacks ISP to Spread Malware Posing as Software Updates
The StormCloud Chinese threat group used a compromised Internet Service Provider (ISP) to distribute malware that spoofed software updates. The attackers exploited a vulnerable HTTP software system that failed to authenticate digital signatures. The DNS spoofing campaign impacted Windows and…
EDR Implementation: Essential Features, Considerations, And Best Practices
Today’s organizations rely on a more diverse array of devices than ever before. From laptops to desktops, smartphones to smart devices, IoT and more… the list goes on. This leaves a huge cybersecurity risk for those organizations that can’t inventory,…
10 Best Fortinet Competitors and Alternatives
While Fortinet offers strong endpoint protection and good integration, it has a few drawbacks including management complexities and also lacks OS compatibility checks. This article reviews the top 10 competitors and alternatives to Fortinet, showcasing options that might provide better…
MSSP vs. SOC – Key Considerations When Deciding Your Strategy
For many cybersecurity professionals, there comes a time when you need to weigh up outsourcing security to a Managed Security Service Provider (MSSP), versus keeping those tasks in-house by building your own Security Operations Center (SOC). So, we will be…
Sitting Ducks DNS Attacks Used to Hijack Over 35,000 Domains
More than 35,000 registered domains have been hijacked by threat actors in so-called Sitting Ducks attacks that allow claiming a domain without having access to the owner’s account at the DNS provider or registrar. Cybercriminals utilize inadequate ownership verification at…
8 EDR Best Practices You Need to Pay Attention to in 2024
Endpoint detection and response (EDR) is one of the most important and fundamental cybersecurity products on the market. Effectively, it acts as a modern-day, cloud-based defense against viruses, malware, and a whole range of other real-time cyber threats. And of…
Hackers Exploit Vmware ESXi Vulnerability in Ransomware Attacks
Microsoft researchers revealed that ransomware threat groups exploit the VMware ESXi vulnerability CVE-2024-37085 for mass encryption. The researchers discovered the VMware ESXi authentication bypass vulnerability on June 25. After that, VMware released a fix in the ESXi 8.0 U3 version.…
DigiCert Revokes 83,267 TLS Certificates Due to DNS Check Problem
DigiCert announced they’ll revoke 83,267 SSL/TLS certificates impacting 6,807 subscribers due to an issue of DNS-based validation. The Certificate Authority organization required the affected customers to reissue their certificates within 24 hours. Then set the deadline for August 3rd, to…
The Most Common DNS Security Risks in 2024 (And How to Mitigate Them)
DNS security risks are everywhere, and the stats show it too. A 2021 IDC survey of over 1,100 organizations across North America, Europe, and the Asia Pacific revealed that 87% had encountered DNS attacks. The average cost per attack was…
8 Benefits of Endpoint Detection & Response (EDR) You Should Know [2024]
Did you know, the average employee today uses 2.5 devices to carry out their work? Across businesses, this can add up to hundreds or even thousands of bits of kit. One 2021 study in the UK found two-thirds of large…