Security News > 2022 > June
99% of surveyed IT decision makers state they have backup strategies in place, but just 26% have admitted they were unable to fully restore all data/documents when recovering from a backup, according to an annual survey conducted in April 2022 by Apricorn. In response to questioning around their existing backup strategy, 27% acknowledged having automated backup to both a central and personal repository.
50% of respondents cited efficiency as the top motivator for cloud investments. Increased security is the second most important business driver for organizations investing in cloud computing, with 48% of respondents citing it as a key factor in their investment.
The operators behind BRATA have once again added more capabilities to the Android mobile malware in an attempt to make their attacks against financial apps more stealthy. An acronym for "Brazilian Remote Access Tool Android," BRATA was first detected in the wild in Brazil in late 2018, before making its first appearance in Europe last April, while masquerading as antivirus software and other common productivity tools to trick users into downloading them.
Cisco on Wednesday rolled out fixes to address a critical security flaw affecting Email Security Appliance and Secure Email and Web Manager that could be exploited by an unauthenticated, remote attacker to sidestep authentication.Assigned the CVE identifier CVE-2022-20798, the bypass vulnerability is rated 9.8 out of a maximum of 10 on the CVSS scoring system and stems from improper authentication checks when an affected device uses Lightweight Directory Access Protocol for external authentication.
Cybersecurity researchers have disclosed details about 15 security flaws in Siemens SINEC network management system, some of which could be chained by an attacker to achieve remote code execution on affected systems. "The vulnerabilities, if exploited, pose a number of risks to Siemens devices on the network including denial-of-service attacks, credential leaks, and remote code execution in certain circumstances," industrial security company Claroty said in a new report.
A researcher has discovered how to use your installed Google Chrome extensions to generate a fingerprint of your device that can be used to track you online. Yesterday, web developer 'z0ccc' shared a new fingerprinting method called 'Extension Fingerprints' that can generate a tracking hash based on a browser's installed Google Chrome extensions.
The threat actor behind BRATA banking trojan has evolved their tactics and improved the malware with information-stealing capabilities. Italian mobile security company Cleafy has been tracking BRATA activity and noticed in the most recent campaigns changes that lead to longer persistence on the device.
Microsoft fixes Follina and 55 other CVEsJune 2022 Patch Tuesday has been marked by Microsoft with the release of fixes for 55 new CVEs, as well as security updates that fix Follina, the Microsoft Windows Support Diagnostic Tool RCE that is being widely exploited by attackers. SaaS security: How to avoid "Death by 1000 apps"SaaS applications have become synonymous with modern business environments, and CISOs and security teams struggle to find a happy medium between ensuring the security of their SaaS portfolio and empowering the organization's streamlined business workflows and productivity.
Founded back in 2005, Palo Alto Networks is a cybersecurity giant that has earned the trust of the business community thanks to its impressive track record. The Palo Alto Networks Cybersecurity Fundamentals course helps you gain that same level of credibility, with 27 tutorials working towards official certification.
This week, ech0raix ransomware has started targeting vulnerable QNAP Network Attached Storage devices again, according to user reports and sample submissions on the ID Ransomware platform. Ech0raix had hit QNAP customers in multiple large-scale waves starting with the summer of 2019 when the attackers brute-forced their way into Internet-exposed NAS devices.