Category: Heimdal Security Blog

ESO Solutions, a key software provider for healthcare and emergency services, was the victim of a ransomware attack. This cyberattack led to unauthorized data access and encryption of various company systems. The breach, initially identified on September 28th, marked the…

Read more →

The National Security Agency (NSA) has unveiled its ‘2023 Cybersecurity Year in Review’. This document highlights the agency’s achievements in enhancing national security through cybersecurity. It emphasizes the value of NSA’s collaborations with U.S. government agencies, international allies, and the…

Read more →

The antivirus software stands as a critical defense line against cyber-attacks. To fully understand how it operates, it’s vital to understand the four distinct layers of antivirus security. Each layer contributes to the detection and neutralization of threats, ensuring a…

Read more →

The U.S. Justice Department (DoJ) announced on December 19th that the Federal Bureau of Investigations had disrupted the BlackCat ransomware threat group’s activity. The FBI offered a decryption tool to more than 500 affected victims. They also encourage potentially unknown…

Read more →

The Exploit Prediction Scoring System (EPSS) is a data-driven tool highlighting what vulnerabilities hackers will likely exploit. EPSS was created by a group of experts at the Forum of Incident Response and Security Teams (FIRST). Its purpose is to make…

Read more →

In a perfect world, you’d have the resources to defend yourself against every possible cybersecurity threat and vulnerability. The reality, however, is that even the largest organizations have limited resources to dedicate to cybersecurity. An effective security strategy, therefore, needs…

Read more →

The purpose of Heimdal®’s exercise is to analyze the complex dynamics between endpoint-based attacks, code-based vulnerabilities, and cyberattacks that leverage DNS in an attempt to establish a baseline for detection and response framework. To this end, we have analyzed two…

Read more →

Security researchers discovered a new JaskaGO malware stealer that can infect both Windows and macOS. JaskaGO uses various methods to persist in the infected system. Researchers observed various malware versions impersonating installers for legitimate software like CapCut video editor, AnyConnect,…

Read more →

Dena, the reputed German Energy Agency, is said to have fallen victim to the notorious LockBit ransomware group. The Dena cyberattack was revealed through a post on the threat actor’s dark web platform, where they disclose data breach incidents and…

Read more →

Researchers warn Lazarus threat actors still exploit known Log4j vulnerability to infect devices with new DLang malware strains. The new campaign, dubbed Operation Blacksmith, became active on March 23. Hackers target manufacturing, agricultural, and physical security companies that failed to…

Read more →

Toyota Financial Services (TFS) reveals that hackers stole their customers’ sensitive data in the last cyberattack. In November 2023, the Medusa threat group claimed the Toyota data breach and asked for a $8,000,000 ransom. The company did not seem to…

Read more →

This post is authored by Heimdal’s Valentin Rusu – Machine Learning Research Engineer and overall cybersecurity guru here at Heimdal. As an incident response manager himself, Valentin regularly coordinates security responses for companies of all shapes and sizes – including…

Read more →

Heimdal in partnership with Microsoft is addressing the needs of our customers and managed service providers through an advanced Next-Gen Antivirus (NGAV) upgrade. By leveraging Microsoft Defender and enhancing it with Heimdal Extended Threat Protection (XTP), our customers are shielded…

Read more →

Heimdal in partnership with Microsoft is addressing the needs of our customers and managed service providers through an advanced Next-Gen Antivirus (NGAV) upgrade. By leveraging Microsoft Defender and enhancing it with Heimdal Extended Threat Protection (XTP), our customers are shielded…

Read more →

Notorious North Korean hacking group, Lazarus, breached Taiwanese multimedia software company CyberLink and trojanized an installer to instead push malware in a complex supply chain attack, with the possibility of a worldwide reach. Activity that may have been connected to…

Read more →

Welltok, a Healthcare SaaS provider, has issued a warning about a significant data breach that compromised the personal information of nearly 8.5 million patients in the U.S. This breach occurred due to a cyberattack on a file transfer program used…

Read more →

Patch management involves distributing and applying updates to various endpoints, which is crucial in fixing software vulnerabilities or unforeseen system interactions.  60% of cyber incidents leading to covert data theft link to absent, misconfigured, or incompletely implemented patches.  A concerning…

Read more →

Organizations that want to avoid a security breach or attack naturally do everything in their power to avoid it from happening in the first place. The more proactive and preventative work you do, the higher your chance of avoiding an…

Read more →

Key Takeaways: Vulnerability prioritization is about deciding what to patch, and in what order.  Many organizations use unsatisfactory methods when prioritizing patches. Learn how a holistic, risk-based approach to vulnerability prioritization can improve patch management.  Find out how automated vulnerability…

Read more →

Researchers warn of an increase in NetSupport RAT (Remote Access Trojan) infections impacting education, government, and business services sectors. NetSupport Manager is a remote control and desktop management tool by NetSupport Ltd. Its initial role was to aid IT professionals…

Read more →