Security News > 2021 > January
The cyber offensive is said to have originated in August last year, with the attacks aimed specifically at energy and construction companies, said researchers from Check Point Research today in a joint analysis in partnership with industrial cybersecurity firm Otorio. Although phishing campaigns engineered for credential theft are among the most prevalent reasons for data breaches, what makes this operation stand out is an operational security failure that led to the attackers unintentionally exposing the credentials they had stolen to the public Internet.
It's no wonder: ransomware attacks cripple organizations due to the costs of downtime, recovery, regulatory penalties, and lost revenue. Attackers are using the noise of ransomware to their advantage as it provides the perfect cover to distract attention so they can take aim at their real target: exfiltrating IP, research, and other valuable data from the corporate network.
SWIFT is the world's largest provider of secure financial messaging services to banks and other financial institutions. To help financial institutions detect, defend and recover from cyberthreats, SWIFT designed its Customer Security Program in 2016.
53% of CISOs and CSOs in the UK&I reported that their organization suffered at least one significant cyberattack in 2020, with 14% experiencing multiple attacks, a Proofpoint survey reveals. Those in larger organizations feel at greater threat, with this figure jumping to 89% amongst CSOs and CISOs from organizations over 2,500 employees and 83% from those with 5,000 employees or more.
A Russian researcher has made public on GitHub a functional exploit targeting a critical vulnerability that SAP patched in its Solution Manager product in March 2020. Tracked as CVE-2020-6207 and featuring a CVSS score of 10, the security flaw is a missing authorization check in the EEM Manager component of SolMan, which could allow an unauthenticated, remote attacker to execute operating system commands on hosts, as the SMDAgent.
IT leaders have growing concerns about their ability to keep up with digital transformation, a Dynatrace survey of 700 CIOs reveals. 93% of CIOs say IT's ability to maximize value for the business is hindered by challenges, including IT and business teams working in silos.
Private LTE/5G infrastructure is any 3GPP-based LTE and/or 5G network deployed for a specific enterprise/industrial customer that provides dedicated access. Private LTE/5G infrastructure carries traffic native to a specific organization, with no shared resources in use by any third-party entities.
Understandably, the application security importance may be pushed at the bottom of your things-to-do list. It is crucial to sensitize your employees about the application security importance through routine dedicated training programs.
BitDam announced that it is enhancing its offering for MSPs by adding a unique MSP console to its Advanced Threat Protection solution. The new BitDam MSP console's centralized dashboard view allows MSPs to view and manage all customers at one time and on one screen.
PacketFabric announced it has launched Cloud Router, a multi-cloud connectivity solution. Cloud Router will super-serve the enterprise as well as small business who are seeking a future-proofed way to connect multiple cloud providers.