Cybersecurity
Canadian, US authorities admit offensive action against ransomware gangs -- but not everyone's gung-ho.
"Sorting that out isn’t anymore the preserve of spy agencies or niche security organisations..."
Cybersecurity
A record number of software vulnerabilities was reported in 2021
Mean-time-to-Patch, meanwhile? 205 days...
Cybersecurity
New Lloyd's cyber insurance clauses: buyers, make sure you read the "war" exclusions closely
"Underwriters should consider... the impact on exposures across the portfolio."
Cybersecurity
This RAT is hiding in “February 31” in the Linux calendar -- and card skimming is moving from the browser to the server
Sophisticated new malware is attacking ecommerce servers
Cybersecurity
Cloud Postgres honeypots breached within seconds -- and your IP filter is unlikely to save you
IP-blocking won't do much...
Cybersecurity
"Keys to the cloud" stored in plain text in Azure AD security blooper
"It is best to assume that the credentials may have been compromised..."
Cybersecurity
Understanding Cyber Essentials' five core technical controls
At just £300 and with free insurance, you'd be mad not to...
Cybersecurity
BitLocker used to attack servers in "intrusion with almost no malware"
Hackers breached an organisation running on-premises Microsoft Exchange servers and after moving laterally proceeded to encrypt systems domain wide, using Microsoft's own BitLocker tool rather than malware associated with a Ransomware-as-a-Service group, analysts writing for The DFIR report said Monday. Dubbing it an "intrusion with almost no
Cybersecurity
FBI software vulnerability let hacker send thousands of emails from a federal domain
FBI blames "software misconfiguration". It could have been a lot worse...
Cybersecurity
Critical pre-auth RCE revealed in Palo Alto Networks' GlobalProtect
Wait, what? (Patch this one urgently...)
Cybersecurity
How a devastating ransomware attack forced a radical security rethink
"Like brain surgery without putting the victim to sleep"
Cybersecurity
REvil ransomware "affiliates" arrested, including alleged Kaseya hacker
Europol has announced the arrests of seven REvil/GandCrab ransomware group "affiliates". The arrests came as part of a global effort called operation "GoldDust" intended to take the fight to cybercriminals. This involved 17 different countries and cybersecurity companies BitDefender, KPN and McAfee Enterprises. The REvil