Security News

One of the vulnerabilities that Microsoft addressed on June 2020 Patch Tuesday is a Server Message Block protocol bug that could allow an attacker to leak kernel memory remotely, without authentication. Called SMBleed and tracked as CVE-2020-1206, the vulnerability could be chained with SMBGhost, a flaw addressed in March 2020, to achieve pre-authentication remote code execution, security researchers with ZecOps reveal.

Despite a quarter of respondents saying they could recover data lost in a disaster in under 10 minutes and 30% in under an hour, 16% confess that they don't know their RTO, or recovery time objective, which is an important measure that shows how quickly an organization can bounce back from a data loss. "Make no mistake," Reeder said, "If a business does not have a disaster recovery solution in place, or at the very least a solution to back up its data, there is no way it can get the data back from a data loss event."

Ninety-two percent of SMB executives said they believe their businesses are prepared to recover from a disaster. "That data suggests that there are either varying definitions of what it means to be able to recover from a disaster or, quite simply, a lack of understanding of what it truly means to be able to recover from a disaster. Make no mistake, if a business does not have a disaster recovery solution in place, or at the very least a solution to back up its data, there is no way it can get the data back from a data loss event."

Cybersecurity researchers today uncovered a new critical vulnerability affecting the Server Message Block protocol that could allow attackers to leak kernel memory remotely, and when combined with a previously disclosed "Wormable" bug, the flaw can be exploited to achieve remote code execution attacks. The newly discovered vulnerability impacts Windows 10 versions 1903 and 1909, for which Microsoft today released security patches as part of its monthly Patch Tuesday updates for June.

Nearly one in seven senior decision makers said their organization has already experienced at least one cyberattack since the start of the COVID-19 pandemic, according to a new report by Alliant Cybersecurity. SEE: Cybersecurity: SMBs are keeping up with big companies, according to Cisco survey.

Cisco survey finds security experts at mid-sized companies have strong incident response plans and prioritize proactive threat hunting. Security teams at small businesses are just as good at defending corporate data and networks as their colleagues at bigger organizations, according to a new survey from Cisco.

Organizations hit by ransomware attacks can suffer several types of losses. A report released Tuesday by Infrascale illustrates how SMBs are faring at defending themselves against ransomware.

73% of those SMBs that have been the targets of ransomware attacks actually have paid a ransom, Infrascale reveals. B2B orgs were more likely to be ransomware targets than B2Cs. Business-to-business organizations were more likely to have experienced a ransomware attack than business-to-consumer entities, according to the Infrascale survey results.

Researchers have observed a new skimmer from the prolific Magecart Group that has been actively harvesting payment-card data from 19 different victim websites, mainly belonging to small- and medium-sized businesses, for several months. "In some cases, we've seen MakeFrame using compromised sites for all three of its functions - hosting the skimming code itself, loading the skimmer on other compromised websites and exfiltrating the stolen data," Herman and Ihm wrote.

"Data protection can come into play in a wide array of important ways - including data security and encryption, data recovery, email protection and data archiving. It also provides the ability to recover quickly from a disaster, protection from and mitigation of ransomware, and physical device protection. Plus, it can prevent user error," said Reeder. Top executives in education see data backup and data recovery as the most important aspects of data protection.