Security News

New features in Metasploit 6.2.0. Capture plugin - While Metasploit has always included modules to steal credentials on a network, a new 'Capture' plugin has been introduced that offers a more streamlined approach.

Report: Many SMBs wouldn't survive a ransomware attack. A new report from cybersecurity provider CyberCatch reveals why SMBs may not be able to withstand an attack and offers advice on how they can better protect themselves.

More than 40% of SMBs surveyed have been hit with a cybersecurity breach. Cyberattacks pose a threat to all organizations large and small, but SMBs can be particularly vulnerable as they often lack the budget, resources and expertise to prevent and recover from a successful security breach.

Microsoft has released the optional KB5011563 cumulative update preview for Windows 11, with fixes for stop errors triggering blue screens of death and other issues. As mentioned in the beginning, today's Windows 11 optional update highlights are fixes for two BSODs triggered by stop errors in DirectX and the SMB Server.

The findings of the report take into account security events occurring across more than 120,000 user accounts during the period of January 1st to December 31st, 2021 and shows that the vast majority of attacks on top SaaS platforms such as Microsoft 365, Google Workspace, Slack and Dropbox are originating from the countries of Russia and China. Over the last several weeks, there has been a sharp rise in activity from countries with consistently high levels of both attempted and successful attacks originating within their borders - Russia and China.

Cyberattacks on SMBs are increasing, will your business be ready? As the number of cyberattacks continues to rise and may jump even higher with the new Senate bill passed Tuesday, small-to-medium businesses should be on higher alert of potential cyberattacks.

Microsoft says its new endpoint security solution for small and medium-sized businesses known as Microsoft Defender for Business has hit general availability. It has started rolling out to new and existing Microsoft 365 Business Premium customers worldwide starting today, March 1st. Microsoft Defender for Business helps companies with up to 300 employees defend against cybersecurity threats, including malware, phishing, and ransomware in environments with Windows, macOS, iOS, and Android devices.

As the number of ransomware attacks continue to rise, Blackberry has found as a part of its annual threat report that there may be a shared economy amongst cyber criminals that is growing. "This infrastructure has also incubated a criminal shared economy, with threat groups sharing and outsourcing malware allowing for attacks to happen at scale. In fact, some of the biggest cyber incidents of 2021 look to have been the result of this outsourcing."

Cisco has released patches for multiple vulnerabilities in the Small Business RV Series router platform that could allow remote attackers to gain complete control over the device, in many cases, without authentication. In total, there are fifteen vulnerabilities fixed by these security updates, with five of them rated as Critical as threat actors can use them to gain 'root' privileges or remotely execute commands on the device.

Most of us have heard the three primary approaches mentioned - Native XDR, Open XDR and Hybrid XDR - but still don't understand the key benefits and drawbacks of each. Native XDR. A single vendor that offers all components of an XDR solution is considered Native XDR. This means that the buyer will not need to purchase and integrate additional technology solutions into the Native XDR platform to enjoy the benefits.