Security News

This combination will enable organizations to shrink their attack surface, prioritize vulnerabilities to remediate, and reduce their exposure to cyber threats and ransomware attacks by taking a proactive, risk-based approach to patch management. "And unpatched vulnerabilities remain one of the common points of infiltration into organizations' ecosystems. I'm committed to the global fight against ransomware. And I truly believe that the combination of risk-based vulnerability prioritization and automated patch intelligence can help organizations reduce their exposure and make a major impact in global cyberspace. Together, RiskSense and Ivanti will help customers drive operational efficiencies and defend against the next wave of sophisticated cyber threats, including ransomware attacks."

Security researchers have devised a way to block the recently disclosed PetitPotam attack vector that allows hackers to take control of a Windows domain controller easily. Last month, security researcher GILLES Lionel disclosed a new method called PetitPotam that forces a Windows machine, including a Windows domain controller, to authenticate against a threat actor's malicious NTLM relay server using the Microsoft Encrypting File System Remote Protocol.

If you're the kind of person who was paying attention to ransomware years ago and want to make sure you're prepared for the next kind of attack before it hits, pay attention to Gartner's latest report. Here are five things to know about cyber-physical attacks.

The recent trend of cyberattacks on physical infrastructure is a concern for everyone. Tom Merritt explains with five things we should know.

Kaspersky's quarterly DDoS attack report is one that its writers describe as "relatively calm," but don't let that statement fool you: There are still a lot of dangerous DDoS threats and new actors waiting for their time to strike. The expected calm doesn't mean there's time to take a break: Cybercriminals definitely aren't, with Kaspersky reporting two new potential DDoS attack vectors and a rise in DDoS attacks as a ransomware tool.

An attack earlier this month on Iran's train system, which disrupted rail service and taunted Iran's leadership via hacked public transit display screens, used a never-before-seen wiper malware called Meteor that appears to have been designed for reuse, a security researcher has found. The initial attack, dubbed MeteorExpress, occurred July 9, when "a wiper attack paralyzed the Iranian train system," according to a report by Juan Andres Guerrero-Saade at Sentinel Systems.

Microsoft has shared more information on how organizations can protect Windows domain controllers and other Windows servers against potential PetitPotam attacks. PetitPotam is the name assigned to a vulnerability that can be exploited by an unauthenticated attacker to get a targeted server to connect to an arbitrary server and perform NTLM authentication.

Operating systems have been restored at South Africa's state-owned logistics firm, the company said Thursday following a cyber-attack last week that hit the country's key port terminals. The attack began on July 22 and lasted for days, forcing Transnet to switch to manual systems.

TrapX Security launched TrapX DeceptionGrid 7.2 featuring a new capability to protect containerized environments such as Kubernetes. TrapX DeceptionGrid secures container environments across on-premises and cloud infrastructures, independent of attack vectors.

Authorities at the University of California San Diego Health reported a phishing attack led to a major breach of its network, which allowed an adversary to gain access to sensitive patient, student and employee data. A Wednesday notice from UCSD Health explains the attack occurred between Dec. 2, 2020 and April 8, 2021 and exposed personal information including full names, addresses, date of birth, email, social security number and the date and cost of medical services.