Security News

Podcast: Could the Zoho Flaw Trigger SolarWinds 2.0?
2021-10-18 20:55

A month ago, the FBI, CISA and the U.S. Coast Guard Cyber Command warned that state-backed advanced persistent threat actors are likely among those who'd been actively exploiting a critical flaw in a Zoho-owned single sign-on and password management tool since early August. In a recent Threatpost podcast, George Glass, head of threat intelligence at Redscan - a subdivision of the Kroll responder team that manages detection and response - said that the incident has worried the firm's main clients, who are concerned that it could turn into a scenario similar to the calamitous, widespread SolarWinds attacks in April.

S3 Ep54: Another 0-day, double Apache patch, and Fight The Phish [Podcast]
2021-10-14 18:33

Apache patches an embarrassing bug and then has to patch the patch. Oh! No! The computer that punched a user in the face.

Podcast: 67% of Orgs Have Been Hit by Ransomware at Least Once
2021-10-14 13:32

A recent report found that two-thirds, or 67 percent, of surveyed organizations have suffered a ransomware attack, about half have been hit multiple times, and 16 percent have been hit three or more times. According to Fortinet's Global State of Ransomware Report 2021, released last week, most organizations report that ransomware is their most concerning cyber-threat.

S3 Ep53: Apple Pay, giftcards, cybermonth, and ransomware busts [Podcast]
2021-10-07 18:46


S3 Ep52: Let’s Encrypt, Outlook leak, and VMware exploit [Podcast]
2021-09-30 18:49

Guess what? iOS 12 wasn't dead, it was just resting. Researchers rediscover an Outlook data leakage issue.

S3 Ep51: OMIGOD a gaping hole, waybill scams, and Face ID hacked [Podcast]
2021-09-24 18:06

A scarily exploitable hole in Microsoft open source code. Memory lane: cool mobile devices from the pre-iPhone era.

DDoS Attacks: A Flourishing Business for Cybercrooks – Podcast
2021-09-16 13:00

Denying availability via DDoS can have a painful impact on businesses, which find their doors blocked to customers who are then kept from making transactions. Over the years, DDoS attacks have evolved in their level of sophistication, their metrics and the techniques that threat actors employ.

S3 Ep50: Two 0-days plus another 0-day plus a fast food bug [Podcast]
2021-09-15 18:31

Oh! No! A touchpad user turns right into left, and vice versa.

Unpatched Bugs Plague Databases; Your Data Is Probably Not Secure – Podcast
2021-09-14 13:45

Imperva's Elad Erez discusses findings that 46 percent of on-prem databases are sitting ducks, unpatched and vulnerable to attack, each with an average of 26 flaws. A five-year longitudinal study found that nearly one out of every two on-premises databases globally - 46 percent - is vulnerable to attack, given that it has at least one unpatched vulnerability.

S3 Ep49: Poison PACs, pointless alarms and phunky bugs [Podcast]
2021-09-09 18:46

A home alarm system that almost anyone can turn off. Oh! No! When you grab your laptop but it's not yours.