Security News

Thousands of small- and medium-sized businesses were affected, just because they trusted their suppliers. How can companies protect against this sort of breach?

Microsoft has added support for PrintNightmare exploitation detection to Microsoft Defender for Identity to help Security Operations teams detect attackers' attempts to abuse this critical vulnerability. As revealed by Microsoft program manager Daniel Naim, Defender for Identity now identifies Windows Print Spooler service exploitation and helps block lateral movement attempts within an org's network.

A critical SQL-injection security vulnerability in the WooCommerce e-commerce platform and a related plugin has been under attack as a zero-day bug, researchers have disclosed. The exploitation prompted WooCommerce to release an emergency patch for the issue late on Wednesday.

Security vendor SonicWall is warning customers to patch its enterprise secure VPN hardware to thwart an "imminent ransomware campaign using stolen credentials" that's exploiting security holes in current models and those running legacy firmware. In a Thursday security notice, the company reported that researchers at Mandiant identified "threat actors actively targeting" three SMA 100 models and nine older SRA-series secure VPN products no longer supported by SonicWall.

Coinbase is the largest exchange in the U.S., and researchers have detected numerous phishing campaigns against Coinbase users. Researchers at anti-phishing firm INKY have discovered dozens of current phishing campaigns targeting Coinbase users.

Cyber incidents continue to rise, ransomware accounts for nearly two-thirds of all malware attacks, and more cybercriminals are customizing malware for attacks on virtual infrastructure, Positive Technologies finds. According to the research, the number of attacks increased by 17% compared to Q1 2020, with 77% being targeted attacks, and incidents with individuals accounting for 12% of the total.

The healthcare industry experienced devastating effects from DNS attacks during the COVID-19 pandemic, more so than other industries, a report from EfficientIP and IDC shows. The report shows that healthcare is more vulnerable than other industries to a variety of consequences from attacks: healthcare is the most likely industry to suffer application downtime, with 53% of healthcare companies in the survey reporting it.

Networking equipment maker SonicWall is alerting customers to an "imminent" ransomware campaign targeting its Secure Mobile Access 100 series and Secure Remote Access products running unpatched and end-of-life 8.x firmware. The warning comes more than a month after reports emerged that remote access vulnerabilities in SonicWall SRA 4600 VPN appliances are being exploited as an initial access vector for ransomware attacks to breach corporate networks worldwide.

Attivo Networks announced a new Cloud Infrastructure Entitlement Management solution, IDEntitleX, designed to deliver visibility and reduce the attack surface for identities and entitlements in the cloud. Organizations are moving to the public cloud in record-setting numbers, but with this growth comes unanticipated security challenges with user identity management and the explosion of "non-human" identities such as applications, databases and data stores.