Tag: Heimdal Security Blog

An ongoing spear-phishing campaign is affecting a variety of companies, including governmental agencies. According to Microsoft, the Russian APT group Midnight Blizzard (also known as APT29, UNC2452, and Cozy Bear) is behind the attacks. The same threat actors breached the…

Read more →

Deploying patches is time-consuming, tedious, and uses up a lot of resources. No wonder many IT employees see it as drudge work. The good news is there’s a smarter way to do it: by implementing patch management software. Key takeaways:…

Read more →

DNS MX records are a key element in delivering an email successfully to its rightful recipient.  But have you ever wondered what it takes to deliver an email? When sending an email, a lot happens within fractions of seconds to…

Read more →

Hackers exploited an RCE flaw to target over 22,000 CyberPanel servers with PSAUX ransomware. Nearly all CyberPanel instances went offline as a result. Researchers said that in fact there are three vulnerabilities in CyberPanel versions 2.3.6 and 2.3.7 that allowed…

Read more →

A new version of the Qilin ransomware was discovered by cybersecurity researchers. The new version comes with increased sophistication and tactics to evade detection. The new variant is being tracked as Qilin.B by researchers at Halcyon and it notably supports…

Read more →

UnitedHealth confirms for the first time that over 100 million people had their personal information and healthcare records stolen during the Change Healthcare ransomware attack. Change Healthcare initially published a data breach notification warning in June, stating that a ransomware…

Read more →

Is your organization planning to implement a privileged access management (PAM) solution? If you already have passwords, an anti-virus, and a firewall, you might be wondering why you need to implement another cybersecurity technology. This article will help you understand…

Read more →

Researchers warn that NotLockBit, a new malware family mimicking LockBit ransomware, can impact Windows and macOS systems. The malware appears to be the first fully functional ransomware targeting macOS systems, moving beyond previous proof-of-concept (PoC) samples. What is NotLockBit Ransomware…

Read more →

CISA pushes for stronger security requirements to safeguard sensitive personal and government-related data from foreign adversaries. The need to implement Executive Order 14117, signed by President Biden in February 2024, is what triggered the Cybersecurity and Infrastructure Security Agency’s (CISA)…

Read more →

Microsoft is alerting business clients to a flaw that resulted in critical logs being partially lost for nearly a month. This puts at risk businesses who depend on this data to identify unwanted activity. Microsoft is alerting enterprise customers that…

Read more →

Managing access to sensitive systems and data is more crucial than ever. Organizations across all industries face significant challenges in ensuring that their security measures keep pace with the complexities of user access management. To address these challenges, we’ve developed…

Read more →

Managing access to sensitive systems and data is more crucial than ever. Organizations across all industries face significant challenges in ensuring that their security measures keep pace with the complexities of user access management. To address these challenges, we’ve developed…

Read more →

Managed Security Services (MSS) refers to outsourcing security functions to a specialized provider. All MSS main types aim to offer top technology and expertise at a convenient price. Not all of them are a good match to your company. Let’s…

Read more →

The F5 BIG-IP Local Traffic Manager (LTM) module is used by threat actors to manage unencrypted persistent cookies, which the U.S. Cybersecurity and Infrastructure Security Agency (CISA) is alerting users to as a means of network surveillance. The advisory stated…

Read more →

Privileged Access Management (PAM) deployment isn’t always successful. And on Reddit, SysAdmins aren’t holding back: It’s overkill and I hate it PAM is expensive and difficult to implement I can say that it is hot garbage with every ounce of…

Read more →

Although job platforms and social networking sites work hard to combat fake listings, scammers consistently find new ways to bypass security measures. These fraudulent listings often go public, putting job seekers at serious risk. We reviewed 2,670 posts and comments…

Read more →

New Jersey, often seen as the corridor between New York and Philadelphia, is not only a strategic location for businesses but also a hub for technology services, including top Managed Service Providers.  Managed Service Providers play a crucial role in…

Read more →

SentinelOne shines in endpoint detection and response, but EDR is just one piece of the in-depth defense puzzle. Choosing the right cybersecurity solution is key to safeguarding your systems. To fully protect your network, cloud, or email, you’ll need more…

Read more →

A newly discovered vulnerability in the open-source CUPS (Common Unix Printing System) printing system can be used by threat actors to launch DDoS attacks with a 600x amplification factor. Known as CVE-2024-47176, the security flaw in the cups-browsed daemon can…

Read more →

Privileged access management is one of the most important topics in cybersecurity – yet it can be a minefield to get right. For hackers, elevated permissions are one of the absolute best ways to plan and execute a successful account.…

Read more →