Security News
Microsoft 365 has all the tools you need to run your organization in the cloud, from personal productivity to group collaboration, to advanced analytics and security management. While it does include compliance and policy tools, it doesn't claim to offer a full set of data recovery tools.
Toronto-based Citizen Lab has warned that an app required by Beijing law to attend the 2022 Olympics contains vulnerabilities that can leak calls and data to malicious users, as well as the potential to subject the user to scanning for censored keywords. The playbooks [PDF], which are documents that serve as info guides for Olympics-goers, instruct international visitors to download the app and use it to monitor health for 14 days prior to their departure for China.
As more companies focus on digital adoption goals in 2022, finding security tools to detect malicious activity is top-of-mind for executives. As cybercrime is set to cost the world 10.5 trillion dollars annually by 2025, IT executives and their teams will need to make policy changes, step up security training and use cybersecurity tools such as these to manage digital security in 2022 - and beyond.
Cyber criminals, under the moniker Aquatic Panda, are the latest advanced persistent threat group to exploit the Log4Shell vulnerability. Researchers from CrowdStrike Falcon OverWatch recently disrupted the threat actors using Log4Shell exploit tools on a vulnerable VMware installation during an attack that involved of a large undisclosed academic institution, according to research released Wednesday.
A new study showed that two-thirds of organizations are currently spending $100,000 or more annually on observability tools, with 38% spending $300,000 or more annually. Despite these investments, 75% of companies are still struggling to achieve true observability, according to LogDNA. While many organizations have four or more tools in their arsenal, they're often dissatisfied; in fact, more than half are unable to implement the tools they want because of vendor lock-in.
In recent attacks, the AvosLocker ransomware gang has started focusing on disabling endpoint security solutions that stand in their way by rebooting compromised systems into Windows Safe Mode. This tactic makes it easier to encrypt victims' files since most security solutions will be automatically disabled after Windows devices boot in Safe Mode.
Among all of the attacks aimed at rank-and-file users, there's one that stands out - the tech support scam. Tech support scams happen when people receive a message - either through a popup on their screen or an unsolicited phone call - insisting that something's wrong with their computer and needs fixing.
Kali Linux 2021.4 was released today by Offensive Security and includes further Apple M1 support, increased Samba compatibility, nine new tools, and an update for all three main desktop. Kali Linux is a Linux distribution allowing cybersecurity professionals and ethical hackers to perform penetration testing and security audits against internal and remote networks.
Offensive Security released Kali Linux 2021.4, which comes with a number of improvements: wider Samba compatibility, switching package manager mirrors, enhanced Apple M1 support, Kaboxer theming, updates to Xfce, GNOME and KDE, Raspberry Pi Zero 2 W + USBArmory MkII ARM images, as well as new tools. Starting Kali Linux 2021.4, the Samba client is now configured for Wide Compatibility so that it can connect to pretty much every Samba server out there, regardless of the version of the protocol in use.
Israel's Ministry of Defense has dramatically restricted the number of countries to which cybersecurity firms in the country are allowed to sell offensive hacking and surveillance tools to, cutting off 65 nations from the export list. In curtailing the exports, the move effectively makes it harder for local cybersecurity firms to market their software to countries with totalitarian regimes or with a track record of perpetrating human abuses.