How Can CISOs Re-Analyze and Shift Focus?

How Can CISOs Re-Analyze and Shift Focus?

2020 was a year of relentless disruptions. The protective layer of secured enterprise networks and controlled IT environments of the physical premises did not exist. Over the past year, CISOs (Chief Information Security Officers) have had to grapple with the challenges of bolstering the security posture, minimizing risks, and ensuring business continuity in the new…

APT actors exploit flaw in ManageEngine single sign-on solution

APT actors exploit flaw in ManageEngine single sign-on solution

Credit: Dreamstime Cyber-espionage groups are exploiting a critical vulnerability patched earlier this month in ManageEngine ADSelfService Plus, a self-service password management and single sign-on (SSO) solution for Active Directory environments. The FBI, CISA and the United States Coast Guard Cyber Command (CGCYBER) urge organisations who use the product to deploy the available patch as soon…

Glitch in EventBuilder put 100 000 users’ personal data at risk

Glitch in EventBuilder put 100 000 users’ personal data at risk

Security company Clario Tech, in conjunction with cyber security researcher Bob Diachenko, discovered a vulnerability within EventBuilder, a virtual events integration tool for Microsoft. Clario notified EventBuilder of the danger earlier this year, and the popular webinar tool, which integrates with Microsoft Teams, has now closed the exposure. Exposing personal details More than one million…

India using our tech against Pakistan not acceptable: US firm

India using our tech against Pakistan not acceptable: US firm

A recent Forbes article has alleged the Indian government for abusing private technology against China and Pakistan. Earlier this year, researchers at Russian cybersecurity firm Kaspersky witnessed a cyberespionage campaign targeting Microsoft Windows PCs at government and telecom entities in China and Pakistan, the Forbes article read. The software used by the digital spies was…

Ransomware Reportedly Hits Iowa Farm Services Cooperative

Ransomware Reportedly Hits Iowa Farm Services Cooperative

Critical Infrastructure Security , Cybercrime , Cybercrime as-a-service Researchers Believe NEW Cooperative Targeted By BlackMatter Gang Scott Ferguson (Ferguson_Writes) , Doug Olenick (DougOlenick) • September 20, 2021     (Source: NEW Cooperative’s Facebook Page) NEW Cooperative Inc., an Iowa-based farm services co-op, has reportedly been targeted by the BlackMatter ransomware gang, which is demanding a…

EventBuilder Data Exposure Leaves Over 100,000 Users’ Personal Data Vulnerable

EventBuilder Data Exposure Leaves Over 100,000 Users’ Personal Data Vulnerable

Over one million CSV/JSON files with personal information of event registrants using Microsoft Teams – including phone numbers and email addresses – have been exposed to potential cyber-criminals worldwide. Security company Clario Tech, in partnership with cybersecurity researcher Bob Diachenko, discovered the exposure within EventBuilder, a virtual events integration tool for Microsoft products. Details can…

Follow a Model, Not a Tool

Follow a Model, Not a Tool

The zero trust model is going mainstream, and for good reason. The rise in advanced attacks, plus IT trends that include the move to hybrid cloud and remote work, demand more exacting and granular defenses.  Zero trust ensures verification and authorization for every device, every application and every user gaining access to every resource. This…

Hacker Makes Off with $12 Million in Latest DeFi Breach

Hacker Makes Off with $12 Million in Latest DeFi Breach

Cross-Chain Protocol pNetwork Offers Hacker ‘Clean’ $1.5 Million Bug Bounty Dan Gunderman (dangun127) • September 20, 2021     (Source: Executium via Unsplash) Stay tuned for updates on this developing story. See Also: Accelerate Incident Response Times with Automated Investigation In the latest security incident involving a decentralized finance protocol, cross-chain project pNetwork…