Threat groups exploited two recent Atlassian Confluence vulnerabilities to deploy Cerber ransomware. On October 31st, Atlassian released security updates for both flaws and urged users to patch. Both flaws, CVE-2023-22518 and CVE-2023-22515, are ranked 10 which is the maximum risk…
Tag: Heimdal Security Blog
New DDoS Attacks Waves. Cybersecurity Expert Robertino Matausch Explains HTTP/2 Rapid Reset
If you switched from using HTTP/1 to HTTP/2 you’re a possible target of massive DDoS attacks. Hackers recently started to exploit a key feature of the HTTP/2 protocol. The vulnerability was called CVE-2023-44487. The HTTP/2 Rapid Reset DDoS attacks that targeted…
The Threat Is Real. MacOS Patching Keeps Your Apple Safe
Any device that runs code is vulnerable to hacking and so are MacOS machines. They need patching just as any other endpoint. Most Apple users would swear that Macs are immune to viruses and other malware. The truth is they’re…
How To Break The Metrics Mirage in Vulnerability Management
Meet Jeff. He’s the CISO of a mid-sized financial services company – and it’s his job to keep the organization safe from security attacks. Every week, he checks the graphs and dashboards in his SIEM (security information and event management)…
Privilege Overreach, the Lurking PAM Security Threat
Managing privileged access to internal resources is a challenge for organizations worldwide. If left unaddressed, it could lead to data breaches, downtime, and financial loss. Statistics show that 80% of data breaches seem to be caused by misuse of privileged…
Silent Safeguards – The Essence of ISO 27001 Controls
ISO 27001, sometimes referred to as ISO/IEC 27001 is an international standard that addresses organizational information security. Issued in 2005 and with a second revision in 2013, the ISO 27001 standard describes the Information Security Management Systems requirements for global…
Non-Bank Financial Firms Are to Report Breaches in Less Than 30 Days
The U.S. Federal Trade Commission (FTC) requires all non-banking financial institutions to report data breaches to FTC within 30 days. The amendment to the Safeguard Rule refers to security incidents that impact more than 500 people. Samuel Levine, Director of…
Lockbit Targeted Boeing with Ransomware. Data Breach Under Investigation
On October 27th, Lockbit claimed to have breached Boeing and threatened to leak a massive amount of sensitive data. Three days later, the threat group removed the aircraft company’s name from the victim list. At first, hackers posted a message…
Toronto Public Library Under Cyberattack
Canada’s largest public library system reported a cyberattack that took down its website, member services pages, and limited access to its digital collections. The Toronto Public Library provides more than 12 million items across 100 branches to more than 1.2…
Separation of Privilege (SoP) 101: Definition and Best Practices
Separation of privilege is splitting up tasks and assigning rights to different parts of a system. It means that user privileges are segmented between various users and accounts, but you can also apply it to applications, system sub-components, tasks, and processes.…
Heimdal® Announces New Partnership with ResenNet, displacing ResenNet’s long-standing RMM provider, N-able
[Copenhagen, Denmark – October 2023] – Heimdal, the pioneer and leading provider of unified cybersecurity solutions, is thrilled to announce its latest strategic partnership with renowned Danish managed service provider (MSP) ResenNet. This collaboration marks a significant milestone in the…
European Governments Email Servers Targeted by Threat Actors
Since at least October 11, the Russian hacker organization Winter Vivern has been using a Roundcube Webmail zero-day vulnerability in attacks against think tanks and government agencies in Europe. According to security researchers, the cyberespionage group (also identified as TA473)…
Progress Software Releases Urgent Patches to Fix WS_FTP Server Vulnerabilities
Progress Software, the developer behind the MOVEit Transfer file-sharing platform recently issued a patch for a maximum severity vulnerability in its WS_FTP Server software and advises users to deploy the patch quickly. Details About the Vulnerabilities Discovered According to an…
9 Best Carbon Black Alternatives & Competitors in 2023
A quick search on the Internet retrieved a pack of VMware Carbon Black alternatives for endpoint protection services. I analyzed features, pros, cons and pricing and then I drew conclusions. So, here’s a list of 9 Best Carbon Black Alternatives…
12 Benefits of Zero Trust for Mid-Sized Businesses
Zero Trust security is evolving from “nice to have” to an absolute must for organizations everywhere. Fortunately, Zero Trust offers numerous advantages to companies of all sizes, including medium-sized ones. While achieving full Zero Trust is a long-term goal, even…
Why Organizations Struggle With Vulnerability Management?
Where Do Organizations Struggle With Vulnerability Management? With over 60% of companies having been the victims of cyberattacks in the last year, you can see that companies seem to be struggling with the way in which they manage vulnerabilities. Vulnerability…
Heimdal® Achieves ISAE 3000 SOC 2 Type II Certification, Demonstrating Compliance with the Highest Security Standards
Heimdal is delighted to announce that it has once again received accreditation for ISAE 3000 SOC 2 Type II for the 3rd time in a row, demonstrating its unwavering dedication to providing the highest level of data protection and security for…
Sony’s Systems Breached. Ransomed.vc Claims Stealing 260 GB of Data
Ransomed.vc threat group claims they’re responsible for an alleged Sony data breach and attempts to sell the stolen data on the dark web. While Ransomed.vc stated they compromised “all of Sony’s systems”, and stole 260 GB of data, the file…
Phobos Ransomware: Everything You Need to Know and More
In the ever-evolving landscape of cyber threats, ransomware remains a pervasive and destructive weapon in the arsenal of cybercriminals. Among the various ransomware strains, Phobos has gained notoriety for its sophisticated capabilities and devastating consequences. This article delves into Phobos…
NY College Must Spend $3.5M on Cybersecurity After Breach Affecting 200k Students
After a data breach in 2021 exposed the personal information of nearly 200,000 people, the attorney general of New York requested a university to invest $3.5 million in cybersecurity. The measure addresses the data security deficiencies that led to a…
7 Best Sophos Alternatives & Competitors in 2023 [Features, Pricing & Reviews]
In the ever-evolving cybersecurity landscape, businesses constantly seek robust security solutions to protect their digital assets. Sophos, a well-known name in the cybersecurity industry, has been a trusted choice for many organizations. However, with the market continuously expanding and new…
Apple Fixes 3 New Actively Exploited Zero-Day Vulnerabilities
Apple released an emergency security update to patch three newly identified zero-days exploited actively by threat actors. The vulnerabilities affected iPhone and Mac users, and with this, the total zero-days fixed by Apple this year rose to 16. What Do…
New Threat Group: Sandman Targets Telecommunication Companies Across the World With Infostealers
A previously unknown threat group known as “Sandman” is making its presence felt. The group uses a modular information-stealing malware called “LuaDream” to target telecommunication service providers in the Middle East, Western Europe, and South Asia. Sandman: How This New…
Computer Security Incident Response Team (CSIRT): How to Build One
According to the World Economic Forum, “widespread cybercrime and cyber insecurity” is rated as one of the greatest worldwide dangers for the following two and ten years. This means that your organization needs to constantly improve its cybersecurity posture. A…
International Criminal Court Reveals System Breach and Plans to Bolster Security
The International Criminal Court (ICC) announced on September 19th that hackers breached their computer systems. ICC stores highly sensitive information about war crimes and is thus one of the world’s most important public institutions. What We Know About the ICC…
Critical GitLab Pipeline Vulnerability Revealed. Users are urged to patch immediately
GitLab disclosed a critical vulnerability that enables hackers to run pipelines as other users by leveraging scheduled security scan policies. The platform issued an advisory and urged users to apply available updates as soon as possible. The GitLab pipeline vulnerability was…
Improper Usage of SAS Token Leads to Massive Microsoft Data Leakage
Microsoft researchers leaked 38TB of sensitive data to a public GitHub repository while training open-source AI learning models. The Microsoft data leakage occurred starting July 2020 and white hat hackers only discovered and reported it on June 22nd, 2023. Consequently,…
Cryptocurrency Scams to Heavily Target TikTok Users
Cybercriminals heavily target TikTok users with cryptocurrency giveaway scams. The vast majority of the posts impersonate Elon Musk and relate to Tesla or SpaceX. These types of posts have been on other social media platforms – Instagram and Twitter –…
EDR for Banking: 6 Ways EDR Can Help Financial Organizations
There are financial advantages to investing in cybersecurity, especially in Endpoint Detection and Response (EDR) solutions. Breaching one financial institution can bring threat actors access to a variety of companies’ assets. That is because banks store money and data for…
Best Practices for Endpoint Security in Healthcare Institutions
While achieving compliance with industry standards is the minimum, it’s not enough to prevent insider threats, supply chain attacks, DDoS, or sophisticated cyberattacks such as double-extortion ransomware, phishing, business email compromise (BEC), info-stealing malware or attacks that leverage the domain…
How DNS Layer Security Stops Ransomware and Other Cyberattacks
DNS-Layer Security protects users from threats that arise from inbound and outbound traffic. It refers to monitoring communications between endpoints and the internet at a DNS-layer level. Imagine the DNS layer security as a gatekeeper who makes sure that all…
Two New York Hospitals Breached by the LockBit Ransomware Group
The notorious LockBit ransomware group claims to have breached two major hospitals from upstate New York, the Carthage Area Hospital and Claxton-Hepburn Medical Center. The two hospitals serve hundreds of thousands of patients. Details on the Attack: The Hospitals Are…
What Effect Does Firm Size Have on Ransomware Threats?
In an increasingly digital world, the threat of ransomware looms large over organizations of all sizes. However, the impact of ransomware attacks can vary significantly depending on the size of the targeted firm. This article delves into the effects of…
5 Examples of DNS IoCs That Are Red Flags for Cyberattacks
In the increasingly digitalized world that we live in, doing business without being connected 24/7 is almost unthinkable. Any medium to large organization needs to have an online way of displaying its products or services. It also needs a fast…
Companies Affected by Ransomware [Updated 2023]
The increasing frequency and size of ransomware attacks are becoming a huge concern for thousands of organizations globally. All over the world, threat actors take advantage of security vulnerabilities and encrypt data belonging to all sorts of organizations: from private…
Banking Cybersecurity: The Risks Faced by Financial Institutions
A data breach in the financial sector is one of the most impactful events in the cybersecurity landscape. That is because Banking, Financial Services, and Insurance (BFSI) institutions/ financial institutions safeguard and store not only our money but also very…
How to Use DNS IoCs to Prevent Ransomware Attacks
As malware and attack techniques continue to evolve in sophistication, DNS IoCs help threat hunting teams to prevent ransomware attacks. Prioritizing threat hunting to prevent and mitigate advanced threats is critical to safeguarding an organization’s data and assets. The red…
GitHub Vulnerability Exposes Over 4,000 Repositories to Repojacking Attacks
A new vulnerability in GitHub puts more than 4,000 repositories at risk. The flaw makes the code packages vulnerable to repojacking attacks. After researchers reported the vulnerability to GitHub, the code hosting platform released a fix. Repository hijacking (repojacking) is a…
Microsoft Teams Phishing Attacks: Ransomware Group Shifts Tactics
Microsoft revealed a shift in tactics by an initial access broker known for its ties to ransomware groups. The threat actor is known as Storm-0324 and had formerly spread Sage and GandCrab ransomware. Storm-0324 recently moved from deploying ransomware to…
Ransomware Trends and Predictions for 2023 and Beyond
New ransomware trends are on the rise as ransomware has emerged as one of the most formidable cyber threats in recent years, causing significant disruptions to businesses, governments, and individuals worldwide. As we step into 2023 and beyond, it’s crucial…
Patch Now! Mozilla Releases Security Updates For Firefox Zero Day Vulnerability
On September 12th, 2023, Mozilla released crucial security updates to address a critical Firefox zero day vulnerability. Security researchers also detected the flaw in the Thunderbird application. The zero-day was dubbed CVE-2023-4863 and has been actively exploited in the wild.…
MGM Resorts Suspends IT Systems Following Cyber Incident
MGM Resorts International confirmed that a cyber incident has disrupted several of its critical systems, affecting its main website, online reservations, and in-casino services, including ATMs, slot machines, and credit card machines. The company revealed this via a statement on…
What Is Managed Extended Detection and Response (MXDR)?
Managed Extended Detection and Response (MXDR) is yet another step toward the perfect security solution. Researchers designed MXDR with two major vectors in mind. First, it had to keep up with the latest internal and external threats. Second, to protect…
Patch Management Policy: A Practical Guide
Patching, a highly necessary, yet sometimes neglected practice of resolving security risks related to vulnerabilities, can prove difficult for organizations of all sizes. You probably already know that a regular and well-defined patch management routine proactively ensures your systems function…
Ragnar Locker Claims Israel Hospital Cyberattack
The Ragnar Locker ransomware gang claims responsibility for the cyberattack on Mayanei Hayeshua hospital from Israel. The incident occurred in August 2023, and cybercriminals allegedly managed to steal 1TB of data. Now, the criminal gang threatens to leak all that…
Navigating PAM Implementation Risks: A Comprehensive Guide for CISOs
Chief Information Security Officers (CISOs) bear the responsibility of safeguarding their organizations against an ever-evolving array of cyber threats. Among a myriad of other challenges, Privileged Access Management (PAM) emerges as a pivotal domain. However, implementing PAM solutions involves navigating…
What Is Token-Based Authentication?
Secured authentication to databases and systems is essential to enterprise cybersecurity management. According to the 2023 Data Breach Investigations Report, 82% of all breaches stem from human error, often due to mishandled or compromised login details that allow malicious entities…
Cisco BroadWorks Is Affected by a Critical-Severity Vulnerability
The Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform are both affected by a serious vulnerability that might allow remote attackers to counterfeit credentials and bypass authentication. Cisco BroadWorks is a cloud communication services platform used by…
Warning: RocketMQ Vulnerability Actively Exploited by Threat Actors
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a new critical-severity vulnerability to its KEV catalog. The issue is tracked as CVE-2023-33246 and it affects Apache’s RocketMQ distributed messaging and streaming platform. Exploiting the vulnerability is possible without authentication…
Minneapolis School District Reveals Full Extent of Data Breach
Minneapolis Public Schools (MPS) recently disclosed the full extent of a data breach from earlier this year, affecting more than 105,000 individuals. The breach, initially attributed to the Medusa ransomware group, compromised a wide range of personal information. The Breach…
Vulnerabilities Uncovered: Critical Remote Code Execution Risks in ASUS Routers
ASUS routers have come under the spotlight due to three critical remote code execution vulnerabilities. These vulnerabilities pose a significant threat, with all three receiving a CVSS v3.1 score of 9.8 out of 10.0. They can be exploited remotely and…
Heimdal®’s Semiannual Rundown of the Most Exploited Vulnerabilities of 2023
In the ever-evolving threatscape, staying ahead of the latest vulnerabilities is crucial for individuals, organizations, and government institutions. This year, we have witnessed a plethora of vulnerabilities stretched across various software, hardware, and platforms. In this article, we will deep-dive…
University of Sydney Reports Data Breach
The University of Sydney (USYD) has reported a data breach involving a third-party service provider, leading to the exposure of personal information for a subset of international applicants. The breach did not affect local students, staff, alumni, or donors. Upon…
Freecycle Confirms Data Breach Affecting Over 7 Million Users
Freecycle, a global online platform promoting the exchange of used items, announced a significant data breach affecting over 7 million of its users. The nonprofit organization became aware of the intrusion on August 30th, though the stolen information had been…
5 Ways Heimdal® Protects You From DNS Attacks
As cyber-attacks continue to proliferate, it’s essential for organizations to stay ahead of the game when it comes to security. One area that requires particular attention is the Domain Name System (DNS). DNS attacks are more common than one might…
Heimdal Announces Expansion into the Indian Market
Mumbai, 31st August 2023 — Heimdal, a global leader in cybersecurity solutions, is thrilled to announce its official entry into the Indian market. This strategic expansion marks a significant milestone in Heimdal’s mission to provide cutting-edge cybersecurity services to businesses…
Why Is MDR Better Than EDR: Enhancing Cybersecurity in the Modern World
Cybersecurity has become a paramount concern for businesses and organizations in today’s interconnected world. The rise of sophisticated cyber threats and the increasing complexity of IT environments have made it crucial for companies to invest in robust security solutions. Managed…
7 Key MXDR Benefits
Protecting businesses has gotten increasingly difficult today. The sophistication of cyberattacks, the growth of distributed workforces, and the increased reliance on third-party providers have greatly expanded the attack surface, making it more complex than ever. In order to minimize the…
Sourcegraph’s Website Breached by Threat Actors
Popular AI-powered coding platform Sourcegraph reveals that its website was breached this week due to a leaked site-admin access token. The token leaked online on July 14th, but it took until the 28th of August for an attacker to use…
Malicious Generative AI Tools. Buzz, Threat, and Solution
After almost a year of generative AI euphoria and praising the OpenAI ChatGPT model, it’s time to take a step back. Let’s assess how this amazing piece of technology changed the cyber threat landscape. Like any innovation, generative AI tools…
SapphireStealer: A New Open-Source Information Stealer Malware to Look Out For
A new malware is gaining traction in the cyber world. Dubbed SapphireStealer, this open-source .NET-based information-stealing malware has been observed to be used by threat groups, with some of them even creating their own customized variations. As reported by TheHackerNews,…
Ransomware-as-a-Service (RaaS) – The Rising Threat to Cybersecurity
Ransomware trends are on the rise, even more so today than in the previous years. According to Group-IB’s Hi-Tech Crime Trends Report 2021/2022, the increase of the ransomware industry happened due to a combination of poor corporate security and a thriving…
Weaknesses in Cisco ASA SSL VPNs Exploited Through Brute-Force Attacks
In a recent surge of cyber threats, hackers have targeted Cisco Adaptive Security Appliance (ASA) SSL VPNs using a combination of brute-force attacks and credential stuffing. These attacks have taken advantage of security vulnerabilities, particularly the absence of robust multi-factor…
Notorious QakBot Malware Dismantled: $8.6M Seized and 700K Computers Freed
On Tuesday, the U.S. Department of Justice announced the disruption of an international law enforcement operation that targeted the QakBot botnet and its related malware, which has been linked to numerous cyberattacks and caused nearly $60 million in global losses…
Heimdal’s MXDR Adapt, an Innovative Adaptive Control for Enhanced Threat Detection and Response
Heimdal® unveils MXDR Adapt, a transformative evolution of its Managed Extended Detection and Response (MXDR) solution. This revolutionary adaptive control enhances the capabilities of the existing MXDR (24×7 SOC) offering, reaffirming Heimdal’s commitment to equipping clients with unprecedented customization in…
Zero-Day Alert! Critical Flaw in Citrix ADC and Gateway Exploited in the Wild (Updated)
Citrix urged customers to patch NetScaler ADC and Gateway products after discovering a critical-severity zero-day vulnerability. The flaw was dubbed CVE-2023-3519, ranked 9.8 on the CVSS, and was observed exploited in the wild. The company released updated versions of the…
47,000 London Metropolitan Police Personnel Impacted by Data Breach
London’s Metropolitan Police announced bolstering cybersecurity measures after one of its suppliers detected a data breach. A contractor responsible for printing warrant cards and staff passes was the target of a cyberattack. Data belonging to 47,000 officers and police staff…
Enhancing Cybersecurity: How XDR Software Empowers CISOs
As modern threats surpass traditional security measures, XDR software steps in as a revolutionary solution. A software that empowers CISOs to proactively navigate the evolving threat landscape. Understanding the Challenge CISOs face a daunting task. Cybercriminals are becoming more sophisticated,…
DreamBus Malware Exploits Unpatched RocketMQ Servers
Threat actors exploit a known remote code vulnerability in RocketMQ servers to infect devices with DreamBus malware. CVE-2023-33246 was discovered in May 2023 and received a 9.8 score, which labels it as critical. It is a permission verification issue that…
Mom’s Meals Warns of Major Data Breach Affecting Over 1.2 Million Individuals
Mom’s Meals, a medical meal delivery service operated by PurFoods in the U.S., has alerted its users about a significant ransomware attack. The breach has compromised the personal information of approximately 1.2 million customers, employees, and independent contractors. The initial…
Nordic Users Targeted by National Danish Police Phishing Attack
A new type of cyber-attack is currently spreading like wildfire in the Nordics, targeting email addresses indiscriminate of user profiles (i.e., small office/home user, home user, mobile user, power user, and large business user). Earmarked the National Danish Police phishing…
How to Manage XDR Alerts with Heimdal
Heimdal XDR offers you full visibility into network traffic, user behavior, and endpoint activity. It makes investigating threats much easier, showing you how threats happened and when they occurred. This means you can quickly figure out why each alert was…
How to Implement an XDR Software?
Traditional security solutions are no longer enough to protect your business from sophisticated attacks. As a cybersecurity professional, you have probably heard of XDR (Extended Detection and Response), a strategy that is gaining popularity due to the numerous benefits it…
Global Privacy Agencies Urge Social Media to Protect User Data from Scraping
In a statement published online, 12 data protection and privacy authorities from around the world urge social media platforms to strengthen their defenses against data scrapers. The UK, Australia, Canada, Hong Kong/China, Switzerland, Norway, New Zealand, Colombia, Morocco, Argentina, and…
French Unemployment Agency Announces a Data Breach
Pole emploi, the government’s unemployment registration and financial assistance office in France, announced a data breach. The incident affected 10 million French citizens whose data were exposed. Details About the Pole Emploi Data Breach The agency disclosed a security event…
The 12 Best Endpoint Security Software Solutions and Tools [2023]
Choosing the right endpoint security software can feel overwhelming, especially in a market valued at 13.4 billion U.S. dollars in 2023 and expected to grow to 29 billion U.S. dollars by 2027 (Statista). Organizations worldwide turn to endpoint security solutions…
How to Choose the Best XDR Solution for Your Organization?
The fact that malicious software gets smarter and more sophisticated every day that goes by is no news to any IT professional. Add the fact that the attack surface continues to expand as our lives get highly connected to the…
What Is a Host Intrusion Detection System (HIDS) and How It Works
HIDS stands for host-based intrusion detection system and is an application that monitors a computer or network for suspicious activities. The monitored activities can include external actors’ intrusions and also internal misuse of resources or data. A host intrusion detection…
How Does XDR Software Help Security Teams
XDR software collects and processes data from various security layers, networks, and endpoints in an organization’s IT environment. It is a fast and accurate tool that helps security teams detect and respond faster to cyber threats wherever they might be…
XDR Security for MSSPs
Given the complexity of today’s digital environment, organizations, especially Small and Medium-sized Enterprises (SMEs), are learning that maintaining a robust security posture is a top priority and are turning to Managed Security Service Providers (MSSPs) to help them secure their…
Thousands of Openfire Servers at Risk from Critical CVE
Over 3,000 Openfire servers have yet to be updated against a critical security vulnerability. Tracked as CVE-2023-32315, the flaw has been actively exploited for more than two months, putting unpatched servers at significant risk. Upon a Closer Look Openfire, a…
University of Minnesota Reports Massive Data Breach
The University of Minnesota is currently conducting an investigation into a substantial data breach that could potentially impact a large number of alumni and members of the university community. Millions Potentially Exposed The breach was brought to light last month…
Ransomware Vs. Malware: What’s The Difference?
Cyber-attacks can come in many forms. In the world of cybersecurity, the terms “ransomware” and “malware” are often used interchangeably, leading to confusion about their distinct characteristics and implications. While both ransomware and malware fall under the broader category of…
Into the Heimdalverse
Hey there, fellow digital explorers! Welcome to a journey that promises to take your cybersecurity understanding to a whole new dimension. As the Stellar Strategist of Product Prowess (Head of Product Marketing) at Heimdal, I’m excited to guide you through…
Danish Cloud Hosting Companies Ravaged by Ransomware Attacks
CloudNordic and AzeroCloud, Danish hosting firms specializing in cloud services, have been hit hard by ransomware attacks, causing widespread data loss and operational disruptions. The companies are steadfast in their decision not to pay the ransom demanded by the hackers.…
New HiatusRAT Malware Campaign Targets U.S. Defense Department’s Server
Threat actors launched a reconnaissance attack against a server belonging to the U.S. Department of Defense, as part of HiatusRAT Malware Campaign. The adversaries also targeted Taiwan-based organizations, such as several companies and a municipal government institution. HiatusRAT was first…
An Essential Guide to XDR Software
In this comprehensive guide, we look into the topic of XDR (Extended Detection and Response) software, shedding light on its significance from various perspectives. Whether you’re seeking to strengthen your personal cybersecurity or your organization’s digital defenses, by the end…
Exploring the Top ManageEngine Competitors & Alternatives in 2023
ManageEngine has long been a prominent player in the IT management software landscape. However, several viable ManageEngine competitors and alternatives have emerged, each with unique features and capabilities that cater to different organizational needs. In this article, a roundup of the…
New Ivanti Zero-Day Vulnerability Allows Hackers to Access Sensitive APIs
Researchers observed a critical Ivanti Sentry API authentication bypass vulnerability exploited in the wild. The flaw was dubbed CVE-2023-38035 and it enables authentication bypass on Ivanti Sentry versions 9.18 and prior, due to improper Apache HTTPD configuration. According to the…
Threat Actors Leak 2.6 Million DuoLingo Users’ Data on Hacking Forum
Malicious actors exposed 2.6 million DuoLingo users’ data on the dark web. The announcement posted on August 22nd made the data available for a cost of only $2.13. The scraped DuoLingo data was previously for sale on another dark forum,…
Vulnerabilities in TP-Link IoT Devices Can Get You Hacked
Four new vulnerabilities have been discovered in the TP-Link Tapo L530E smart bulb and TP-Link’s Tapo app. Researchers from Universita di Catania and the University of London say that hackers could exploit these flaws to steal WiFi passwords. TP-Link Tapo…
Ten Ways an XDR Service Can Empower IT Managers
In today’s rapidly evolving digital landscape, cyber threats have become more sophisticated and pervasive than ever before. As businesses increasingly rely on technology, the role of IT managers has expanded to encompass not only network maintenance and system optimization but…
Cuba Ransomware Exploits Veeam Flaw, Targets U.S. and Latin American Entities
The Cuba ransomware gang has been seen launching attacks on critical infrastructure organizations in the U.S. and IT firms in Latin America, employing a mix of older and newer hacking tools. The latest campaign, identified by BlackBerry’s Threat Research and…
Introducing Heimdal XDR: A Game-Changer Disrupting the Market with the Widest Range of Next-Generation Solutions
Heimdal® has announced its entry into the Extended Detection and Response (XDR) market with a disruptive SaaS platform. The company offers the widest XDR suite in the industry, featuring 10-in-1 award-winning solutions, all in one unified, easy-to-use console. Discover Extended Detection…
WinRAR Vulnerability Allows Remote Code Execution
A vulnerability in WinRAR, the widely used file compression and archiving software for Windows, could allow remote attackers to execute arbitrary code on a user’s computer by exploiting a flaw in the processing of recovery volumes. The vulnerability, identified as…
What Is Network Access Control (NAC)?
Network Access Control (NAC) is a cybersecurity technology that regulates access to network resources based on predefined policies and regulations. By identifying, verifying, and assessing the compliance of devices and users trying to connect to a network, NAC helps guarantee…
BlackCat Sphynx: The Ransomware Operation Evolves Once Again
Researchers at Microsoft discovered a new version of the BlackCat ransomware. Dubbed ‘Sphynx’, this version embeds the Impacket networking framework and the Remcom hacking tool, both enabling spreading laterally across a breached network. Back in April, the cybersecurity researcher VX-Underground…
What Is Next-Generation Antivirus (NGAV) and How Does It Work?
As the cybercrime landscape evolves, you may wonder if the old Antivirus solution that you have installed on your organization’s endpoints still does the job. Traditional antivirus software initially offered sufficient defense against the majority of viruses before they evolved…
Short Staffed in Cybersecurity? It’s Time for MXDR!
In today’s rapidly evolving digital landscape, cybersecurity has become a paramount concern for businesses and individuals alike. The increasing frequency and sophistication of cyberattacks have left organizations struggling to keep up with the relentless threats. Enter the webinar titled “Short…
Ongoing Phishing Campaign Targets Zimbra Collaborations Email Servers Worldwide
Zimbra Collaboration email servers worldwide are being targeted by threat actors. Recently, cybersecurity researchers have uncovered an ongoing phishing campaign that has been underway since at least April 2023. Threat actors are sending phishing emails to organizations worldwide, with no…