Tag: Heimdal Security Blog

Looking to find the right privileged access management (PAM) solution for your organization? Well, you’ve certainly come to the right place… PAM tools play a key role in any modern cybersecurity strategy. Without them, you can’t hope to protect yourself…

Read more →

The Importance of Choosing the Right Privilege Identity Management Solution The essence of effective Privileged Identity Management (PIM) lies not in identity or management but in privilege. A robust PIM system focuses on identifying those who should, and equally importantly,…

Read more →

Threat and Vulnerability Management plays a crucial role in safeguarding information systems.  It involves identifying, assessing, and mitigating vulnerabilities in software, hardware, and organizational processes. Effective TVM not only anticipates and counters potential cyber threats but also ensures compliance with…

Read more →

Keenan data breach exposes sensitive data belonging to 1,509,616 individuals. The insurance broker company notified the impacted customers and employees on January 26th, 2024. According to the data breach notification, the hackers gained access to Keenan`s network on August 21st,…

Read more →

Cactus Ransomware claims responsibility for the January 17th Schneider Electric data breach. Schneider Electric confirms hackers got access to their Resource Advisor cloud platform. The French-based energy giant says the attack only hit their Sustainability Business division. The platform holds…

Read more →

The Heimdal Partner NEXUS program is now live. NEXUS, or the ‘Network of Excellence, Unity, and Safeguarding’ is a global initiative designed to enhance cybersecurity partnerships. Tailored for resellers, distributors, and MSP/MSSPs, it aims to improve customer security and expand…

Read more →

With data breaches on the rise, it’s important to limit access to your organization’s sensitive data. A user access review software can help you do so.  This article provides you with a comprehensive overview of the 10 best User Access…

Read more →

CISA and FBI released an advisory on Androxgh0st malware IoCs (Indicators of Compromise) and warned about hackers using this threat to steal credentials. The advisory contains: a list of specific Androxgh0st IoCs examples of malicious activities linked to it details…

Read more →

The National Cyber Security Centre Finland announced a surge in Akira ransomware attacks. Threat actors used Akira malware in six out of the seven ransomware attacks reported in December 2023. The attackers used VPNs that lacked multi-factor authentication. They exploited…

Read more →

During his initial statements since becoming the National Cyber Director in December, Harry Coker stated that the White House plans to “reduce unnecessary barriers” that federal contractors have while trying to fill cybersecurity positions, such as the need for a…

Read more →

We all know that maintaining up-to-date systems is crucial. Patch management plays a vital role in this process. This article serves as a hub for various patch management templates, each designed to streamline and enhance the efficiency of your patch…

Read more →

Key takeaways: Why privileged access management requires a continuous approach; The common pitfalls of poor privileged access management; How to create an effective, end-to-end privileged access management lifecycle. Privileged access management (PAM) is an essential tool of any modern cybersecurity…

Read more →

I got to talk to Dragoș Roșioru, a seasoned MXDR expert, about incident response best practices and challenges.   Get an in-depth understanding of the do’s and don’ts in incident response as Dragoș explains how to avoid the most common mistakes…

Read more →

The Terrapin attack, a newly identified security threat, jeopardizes nearly 11 million SSH servers that are accessible online. Originating from academic research at Ruhr University Bochum in Germany, this attack specifically targets the SSH protocol, affecting both clients and servers.…

Read more →

HealthEC LLC, a leading provider in health management solutions, experienced a significant data breach, impacting approximately 4.5 million individuals. This incident affected patients who received care through one of HealthEC’s client organizations. The company’s population health management platform, used by…

Read more →

Security research and consulting firm SRLabs exploited a vulnerability in the encryption algorithm of a specific strain of Black Basta ransomware to develop and release a decryptor tool named Black Basta Buster. This tool, released in response to the activities…

Read more →

Transformative Healthcare announces Fallon Ambulance data breach exposed sensitive information of 911,757 customers. Fallon ceased operations in December 2022 but is still responsible for a data storage archive that hackers targeted with ransomware. The ALPHV threat group a.k.a. BlackCat, claimed…

Read more →

Over 1.3 million customers across the U.S. are being alerted by mortgage servicing company LoanCare that a data breach at its parent company, Fidelity National Financial, may have compromised their private information. With 1.2 million loans and $390 billion in…

Read more →

Katholische Hospitalvereinigung Ostwestfalen (KHO), a German hospital network, has confirmed that a cyberattack launched by the Lockbit ransomware group is the cause of recent service disruptions at three hospitals in its network. The attack occurred in the early morning of…

Read more →

Citrix bugs caused a lot of problems throughout the year, and as we’re closing down 2023, it seems it’s not over. This time, Xfinity, Comcast’s cable television and internet division has been the victim of a data breach caused by…

Read more →