Category: Heimdal Security Blog

In an increasingly digital world, the threat of ransomware looms large over organizations of all sizes. However, the impact of ransomware attacks can vary significantly depending on the size of the targeted firm.  This article delves into the effects of…

Read more →

In the increasingly digitalized world that we live in, doing business without being connected 24/7 is almost unthinkable. Any medium to large organization needs to have an online way of displaying its products or services. It also needs a fast…

Read more →

The increasing frequency and size of ransomware attacks are becoming a huge concern for thousands of organizations globally. All over the world, threat actors take advantage of security vulnerabilities and encrypt data belonging to all sorts of organizations: from private…

Read more →

A data breach in the financial sector is one of the most impactful events in the cybersecurity landscape. That is because Banking, Financial Services, and Insurance (BFSI) institutions/ financial institutions safeguard and store not only our money but also very…

Read more →

As malware and attack techniques continue to evolve in sophistication, DNS IoCs help threat hunting teams to prevent ransomware attacks. Prioritizing threat hunting to prevent and mitigate advanced threats is critical to safeguarding an organization`s data and assets. The red…

Read more →

New vulnerability in GitHub puts more than 4,000 repositories at risk. The flaw turns the code packages vulnerable to repojacking attacks. After researchers reported the vulnerability to GitHub, the code hosting platform released a fix. Repository hijacking (repojacking) is a…

Read more →

Microsoft revealed a shift in tactics by an initial access broker known for its ties to ransomware groups. The threat actor is known as Storm-0324 and had formerly spread Sage and GandCrab ransomware. Storm-0324 recently moved from deploying ransomware to…

Read more →

New ransomware trends are on the rise as ransomware has emerged as one of the most formidable cyber threats in recent years, causing significant disruptions to businesses, governments, and individuals worldwide.  As we step into 2023 and beyond, it’s crucial…

Read more →

On September 12th, 2023, Mozilla released crucial security updates to address a critical Firefox zero day vulnerability. Security researchers also detected the flaw in the Thunderbird application. The zero-day was dubbed CVE-2023-4863 and has been actively exploited in the wild.…

Read more →

MGM Resorts International confirmed that a cyber incident has disrupted several of its critical systems, affecting its main website, online reservations, and in-casino services, including ATMs, slot machines, and credit card machines. The company revealed this via a statement on…

Read more →

Managed Extended Detection and Response (MXDR) is yet another step toward the perfect security solution. Researchers designed MXDR with two major vectors in mind. First, it had to keep up with the latest internal and external threats. Second, to protect…

Read more →

Patching, a highly necessary, yet sometimes neglected practice of resolving security risks related to vulnerabilities, can prove difficult for organizations of all sizes. You probably already know that a regular and well-defined patch management routine proactively ensures your systems function…

Read more →

The Ragnar Locker ransomware gang claims responsibility for the cyberattack on Mayanei Hayeshua hospital from Israel. The incident occurred in August 2023, and cybercriminals allegedly managed to steal 1TB of data. Now, the criminal gang threatens to leak all that…

Read more →

Chief Information Security Officers (CISOs) bear the responsibility of safeguarding their organizations against an ever-evolving array of cyber threats. Among a myriad of other challenges, Privileged Access Management (PAM) emerges as a pivotal domain. However, implementing PAM solutions involves navigating…

Read more →

Secured authentication to databases and systems is essential to enterprise cybersecurity management. According to the 2023 Data Breach Investigations Report, 82% of all breaches stem from human error, often due to mishandled or compromised login details that allow malicious entities…

Read more →

The Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform are both affected by a serious vulnerability that might allow remote attackers to counterfeit credentials and bypass authentication. Cisco BroadWorks is a cloud communication services platform used by…

Read more →

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a new critical-severity vulnerability to its KEV catalog. The issue is tracked as CVE-2023-33246 and it affects Apache’s RocketMQ distributed messaging and streaming platform. Exploiting the vulnerability is possible without authentication…

Read more →

Minneapolis Public Schools (MPS) recently disclosed the full extent of a data breach from earlier this year, affecting more than 105,000 individuals. The breach, initially attributed to the Medusa ransomware group, compromised a wide range of personal information. The Breach…

Read more →

ASUS routers have come under the spotlight due to three critical remote code execution vulnerabilities. These vulnerabilities pose a significant threat, with all three receiving a CVSS v3.1 score of 9.8 out of 10.0. They can be exploited remotely and…

Read more →

In the ever-evolving threascape, staying ahead of the latest vulnerabilities is crucial for individuals, organizations, and government institutions. This year, we have witnessed a plethora of vulnerabilities stretched across various software, hardware, and platforms. In this article, we will deep-dive…

Read more →