Know thy enemy: The evolving behaviors of today’s cybercriminals

Know thy enemy: The evolving behaviors of today’s cybercriminals

Organizations in the energy/utilities, government, manufacturing, and healthcare sectors have witnessed an increase in cyberattacks over the past year. In fact, recent research found that nearly 1,000 government agencies and healthcare institutions experienced attacks in 2019. As these industries evolve and become more digitized, attackers have the opportunity to access more data than ever before. […]

Continue Reading
New, rapidly evolving IoT botnet Dark Nexus targets wide variety of devices

New, rapidly evolving IoT botnet Dark Nexus targets wide variety of devices

Credit: Dreamstime Security researchers are tracking a new botnet that has been in rapid development for the past several months and targets embedded devices with binaries that are cross-compiled for 12-CPU architectures. According to a new report from security vendor Bitdefender, the Dark Nexus botnet borrows ideas and features from previously successful Internet of Things […]

Continue Reading
Happy developers more likely to build secure apps

Happy developers more likely to build secure apps

There’s an intrinsic link between developer happiness and application security hygiene, and an alarming level of application breaches, according to Sonatype. For the first time ever, the findings prove the correlation between developer happiness and application security hygiene, with happy developers 3.6x less likely to neglect security when it comes to code quality. Happy developers […]

Continue Reading
Cybersecurity during the pandemic: Try these security solutions for free!

Cybersecurity during the pandemic: Try these security solutions for free!

In order to help global organizations of all sizes address cybersecurity during the COVID-19 pandemic, a number of vendors provide free (time-limited) access to their solutions. All of the offers below are available immediately, and they cover a number of areas. Vendors are listed alphabetically, and all require registration. Armorblox – Free email protection Armorblox […]

Continue Reading
Lawsuit accuses Zoom of overstating its privacy standards

Lawsuit accuses Zoom of overstating its privacy standards

The Zoom IPO Credit: Zoom Zoom Video Communications Inc has been slapped with a class action suit by one of its shareholders, accusing the video-conferencing app of overstating its privacy standards and failing to disclose that its service was not end-to-end encrypted. Shareholder Michael Drieu claimed in a court filing that a string of recent […]

Continue Reading
Actively exploited MS Exchange flaw present on 80% of exposed servers

Actively exploited MS Exchange flaw present on 80% of exposed servers

Attackers looking to exploit CVE-2020-0688, a critical Microsoft Exchange flaw patched by Microsoft in February 2020, don’t have to look hard to find a server they can attack: according to an internet-wide scan performed by Rapid7 researchers, there are at least 315,000 and possibly as many as 350,000 vulnerable on-premise Exchange servers (out of 433,464 […]

Continue Reading
AWS launches course for security essentials

AWS launches course for security essentials

Credit: Dreamstime Amazon Web Services (AWS) has launched its Security Essentials classroom course to lay the groundwork for understanding secure data handling in the AWS cloud. Built by AWS experts and delivered by AWS-accredited instructors, the foundation-level course is targeted at those involved in IT leadership, business-level professionals and anyone who uses AWS solutions and wants […]

Continue Reading
Radio frequency: An invisible espionage threat to enterprises

Radio frequency: An invisible espionage threat to enterprises

You can’t see it, but corporate airspaces are under attack via radio frequencies. Foreign governments, competitors and cyber criminals are all conducting radio-based attacks on enterprises. These sophisticated attacks use compromised RF devices as their entry points. Cell phones, wearables, health performance monitors and IoT infrastructure devices all offer new and unmonitored threat surfaces to […]

Continue Reading
US Govt flags Zoom’s response to security concerns

US Govt flags Zoom’s response to security concerns

Credit: Zoom Video conferencing company Zoom has been responsive to concerns over its software, the US Department of Homeland Security (DHS) said in a memo recently distributed to top government cybersecurity officials. The memo — drafted by DHS’s Cybersecurity and Infrastructure Security Agency and the Federal Risk and Authorization Management Program, which screens software used […]

Continue Reading

Why Palo Alto Networks Acquired CloudGenix, Jumped into SASE

On March 31, network security provider Palo Alto Networks (PAN) announced its intent to acquire software-defined wide-area network (SD-WAN) pioneer CloudGenix for about $420 million in cash. This is a healthy, albeit fair, premium for a company that has an estimated revenue of $45 million with about 250 customers.  For context, VMware paid roughly the […]

Continue Reading