Security News

At least six Russian Advanced Persistent Threat actors and other unattributed threats, have conducted destructive attacks, espionage operations, or both, while Russian military forces attack the country by land, air, and sea. It is unclear whether computer network operators and physical forces are just independently pursuing a common set of priorities or actively coordinating.

This article will answer that very question as well as why you need a Vulnerability Assessment Report and where you can get one from. What is a Vulnerability Assessment Report and why do you need one?

The USA's policy of decoupling its technology industries from China lacks a strategy, a theory of success, and an understanding of how to achieve its ill-defined goals, according to a new paper by Jon Bateman from the thinktank Carnegie Endowment for International Peace. "The United States cannot afford simply to muddle through technological decoupling, one of the most consequential global trends of the early twenty-first century," wrote Bateman, a former senior intelligence analyst, policy adviser and speechwriter at the US Department of Defense, in the document, titled "US China Technological 'Decoupling', a Strategy and Policy Framework."

A recent Hive ransomware attack carried out by an affiliate involved the exploitation of "ProxyShell" vulnerabilities in the Microsoft Exchange Server that were disclosed last year to encrypt an unnamed customer's network. "The actor managed to achieve its malicious goals and encrypt the environment in less than 72 hours from the initial compromise," Varonis security researcher, Nadav Ovadia, said in a post-mortem analysis of the incident.

In The State of Pentesting 2022 Report, Cobalt studied data from 2,380 pentests and surveyed 602 cybersecurity and software development professionals. The report focuses on issues and stats relevant to both the security and development teams.

Report: Many SMBs wouldn't survive a ransomware attack. A new report from cybersecurity provider CyberCatch reveals why SMBs may not be able to withstand an attack and offers advice on how they can better protect themselves.

Report: Organizations are better prepared to fight ransomware, but gaps remain. A report released Tuesday by disaster recovery provider Zerto examines how companies that seem prepared for an attack can still be vulnerable.

Report: Organizations better prepared to fight ransomware, but gaps remain. A report released Tuesday by disaster recovery provider Zerto examines how companies that seem prepared for an attack can still be vulnerable.

In this video, Craig Lurey, CTO and Co-Founder of Keeper Security, talks about the new secure add-on to the Keeper enterprise platform, called Compliance Reports. Keeper Compliance Reports allow Keeper Administrators to monitor and report the access permissions of privileged accounts across the entire organization, in a zero-trust and zero-knowledge security environment.

Cybercriminals have used fake emergency data requests to steal sensitive customer data from service providers and social media firms. As infosec journalist Brian Krebs first reported, some miscreants are using stolen police email accounts to send fake EDR requests to companies to obtain netizens' info.