Hackers leaked 2.7 billion data records containing personal information belonging to citizens of the United States for free on a dark forum. The attackers claim they exfiltrated the data from National Public Data. The type of data in…
Tag: Heimdal Security Blog
Microsoft Patched SmartScreen Zero-Day Without Announcing
Microsoft revealed that it had patched a critical SmartScreen zero-day vulnerability two months ago, during June 2024, on Patch Tuesday. Hackers had been exploiting the flaw in the wild as a zero-day since March 2024. More about the SmartScreen zero-day…
EDR Importance: Why Is EDR Important? (With Use Cases)
In 2021, it was revealed that a group of hackers dubbed ‘LightBasin’ had compromised over a dozen telecom firms around the world. Their activity had been going on, undetected, for at least five years. This breach is a classic example…
MDR vs MSSP: Key Differences and Full Guide
If you’re looking for external help with your organization’s security posture, one of the big decisions to make is whether you’ll go with generalists or specialists. On one hand, you could opt to work with a managed security service provider…
0.0.0.0 Day Vulnerability: An 18-Year-Old Flaw Actively Exploited by Threat Actors
Cybersecurity researchers have found a brand-new “0.0.0.0 Day” that affects all popular web browsers and that malevolent websites might use to compromise local networks. It is reported that the vulnerability exposes a fundamental flaw in how browsers handle requests, potentially…
ADT Breached: Customer Data Leaked on a Hacking Forum
The American building security company, ADT, announced that it had been the victim of a data breach. Threat actors allegedly broke into certain of ADT’s systems and stole customer information, the company claims in a Form 8-K regulatory document it…
RaaS Group Targets Corporate Networks with SharpRhino RAT
The Hunters International ransomware gang targets IT professionals with SharpRhino remote access trojan (RAT). The malware spoofs the installer of Angry IP Scanner, an ethical hacking tool. Hunters International is a top 10 ransomware group that shares code similarities with…
The Best MSSP Software You Should Consider Looking At in 2024
So, you’ve got together a team of security experts. You have a business plan for your managed security service provider (MSSP) company. You’ve identified a target market, chosen a security framework – and maybe you even have potential customers lined…
StormCloud Hacks ISP to Spread Malware Posing as Software Updates
The StormCloud Chinese threat group used a compromised Internet Service Provider (ISP) to distribute malware that spoofed software updates. The attackers exploited a vulnerable HTTP software system that failed to authenticate digital signatures. The DNS spoofing campaign impacted Windows and…
EDR Implementation: Essential Features, Considerations, And Best Practices
Today’s organizations rely on a more diverse array of devices than ever before. From laptops to desktops, smartphones to smart devices, IoT and more… the list goes on. This leaves a huge cybersecurity risk for those organizations that can’t inventory,…
10 Best Fortinet Competitors and Alternatives
While Fortinet offers strong endpoint protection and good integration, it has a few drawbacks, including management complexities and a lack of OS compatibility checks. This article reviews the top 10 competitors and alternatives to Fortinet, showcasing options that might provide better…
MSSP vs. SOC – Key Considerations When Deciding Your Strategy
For many cybersecurity professionals, there comes a time when you need to weigh up outsourcing security to a Managed Security Service Provider (MSSP), versus keeping those tasks in-house by building your own Security Operations Center (SOC). So, we will be…
Sitting Ducks DNS Attacks Used to Hijack Over 35,000 Domains
More than 35,000 registered domains have been hijacked by threat actors in so-called Sitting Ducks attacks that allow claiming a domain without having access to the owner’s account at the DNS provider or registrar. Cybercriminals utilize inadequate ownership verification at…
8 EDR Best Practices You Need to Pay Attention to in 2024
Endpoint detection and response (EDR) is one of the most important and fundamental cybersecurity products on the market. Effectively, it acts as a modern-day, cloud-based defense against viruses, malware, and a whole range of other real-time cyber threats. And of…
Hackers Exploit VMware ESXi Vulnerability in Ransomware Attacks
Microsoft researchers revealed that ransomware threat groups exploit the VMware ESXi vulnerability CVE-2024-37085 for mass encryption. The researchers discovered the VMware ESXi authentication bypass vulnerability on June 25. After that, VMware released a fix in the ESXi 8.0 U3 version.…
DigiCert Revokes 83,267 TLS Certificates Due to DNS Check Problem
DigiCert announced they’ll revoke 83,267 SSL/TLS certificates impacting 6,807 subscribers due to an issue with DNS-based validation. The Certificate Authority organization required the affected customers to reissue their certificates within 24 hours. Then set the deadline for August 3rd, to…
The Most Common DNS Security Risks in 2024 (And How to Mitigate Them)
DNS security risks are everywhere, and the stats show it too. A 2021 IDC survey of over 1,100 organizations across North America, Europe, and the Asia Pacific revealed that 87% had encountered DNS attacks. The average cost per attack was…
8 Benefits of Endpoint Detection & Response (EDR) You Should Know [2024]
Did you know, the average employee today uses 2.5 devices to carry out their work? Across businesses, this can add up to hundreds or even thousands of bits of kit. One 2021 study in the UK found two-thirds of large…
ServiceNow RCE Flaws Actively Exploited by Threat Actors to Steal Credentials
Threat actors are using publicly known exploits to chain together ServiceNow flaws in order to infiltrate government organizations and commercial companies in data theft campaigns. Security researchers monitored the malicious activity and identified multiple victims, including government agencies, data centres,…
[2024] 10 Qualys Alternatives That Should Be on Your Shortlist
Qualys is one of the leading vulnerability, patch, and compliance management providers. While Qualys has long been a leader in cloud-based cybersecurity (it launched in 1999), it’s not suitable for everyone. It can be expensive, its scanning process can be…