Search results for: software

week in review

Week in review: Drupal-based sites open to attack, cPanel 2FA bypass vulnerability

Here’s an overview of some of last week’s most interesting news and articles: Challenges organizations face in combating third-party cyber risk A CyberGRX report reveals trends and challenges organizations of all sizes face in combating third-party cyber risk today. Each insight was gleaned from proprietary assessment data gathered from a sample of 4,000 third parties. cPanel 2FA bypass vulnerability can be exploited through brute force A two-factor authentication (2FA) bypass vulnerability affecting the popular cPanel … More

Group-IB launches new threat hunting and attack prevention solution

Group-IB has revealed the results of its yearslong development of proprietary high-tech products for threat hunting and research — Threat Intelligence & Attribution and Threat Hunting Framework. Group-IB has become the first company to offer a new type of solution called Threat Intelligence & Attribution. The system is designed to create and customize a cyber threat map for a specific company, correlate individual cybersecurity events in real time, and attribute attacks to a particular threat … More

bomb

Attacks are rising in all vectors and types

DDoS, web application, bot, and other attacks have surged exponentially compared to the first half of 2019, according to CDNetworks. In particular, attacks on web applications rose by 800%. These alarming statistics show that enterprises are experiencing challenging times in their attempts to defend against cyber attacks and protect their online assets. Hackers extremely sensitive to industry transformation The report goes on to say that hackers are extremely sensitive to industry transformation. For this reason, … More

remote work

Top digital security worries when it comes to remote employees

26% of remote workers have experienced a cyber attack personally, while 45% of employers have asked their employees to use their personal devices for work since the start of the pandemic, according to a Microsoft research. The study surveyed 500 employees and 200 business decision makers in September 2020 about remote working, digital security behaviours, and the worries they now face. Retrofitting cybersecurity The accelerated transition to homeworking is placing pressure on organizations to support … More

money

Cyber insurance claims on the rise

External attacks on companies result in the most expensive cyber insurance losses, but it is employee mistakes and technical problems that are the most frequent generator of claims by number, according to a report from Allianz Global Corporate & Specialty (AGCS). The study analyzes 1,736 cyber-related insurance claims worth EUR 660mn (US$ 770mn) involving AGCS and other insurers from 2015 to 2020. “Losses from incidents such as distributed denial of service (DDoS) attacks or phishing … More

gear

Automation to shape cybersecurity activities in 2021

Automation will play a major role in shaping cybersecurity attack and defence activities in 2021, WatchGuard predicts. Traditionally a high-investment, high-return targeted attack, in 2021 automation tools will replace manual techniques to help cybercriminals launch spear phishing campaigns at record volumes, by harvesting victim-specific data from social media sites and company web pages. Automated spear phishing attacks to prey on fears And as society continues to grapple with the impact of COVID-19, it is likely … More

Amazon MWAA: Enabling data engineers to easily execute data processing workflows in the cloud

Amazon Web Services announced the general availability of Amazon Managed Workflows for Apache Airflow (MWAA), a new managed service that makes it easy for data engineers to execute data processing workflows in the cloud. Apache Airflow is a popular open-source tool that helps customers author, schedule, and monitor workflows. With Amazon MWAA, customers can use the same familiar Airflow platform as they do today to manage their workflows, and enjoy improved scalability, availability, and security … More

AdaCore launches new edition of GNAT Pro to support Wind River Helix Virtualization Platform

AdaCore launched a new edition of its premier GNAT Pro Ada, C and C++ development toolsuites in support of the Wind River Helix Virtualization Platform. Offered in separate Ada and C/C++ packages, GNAT Pro enhances Helix Platform’s ability to consolidate mixed-criticality aerospace, defence and automotive applications onto a scalable, agile and certifiable platform. By choosing GNAT Pro, Helix Platform customers will experience a consistent software development toolchain across each of their Helix Platform partitions and … More

cpanel

cPanel 2FA bypass vulnerability can be exploited through brute force

A two-factor authentication (2FA) bypass vulnerability affecting the popular cPanel & WHM software suite may allow attackers to access secured accounts, Digital Defense researchers have found. The vulnerability has been patched last week and, by now, web hosting providers have hopefully upgraded their installations. Still, admins of sites that are managed through cPanel should check whether their provider did perform the update (and demand they do it if they haven’t). About the cPanel 2FA bypass … More

Rockwell Automation improves security of visualization apps with new industrial PCs and software

Rockwell Automation announced the release of new industrial PCs and software to markedly improve the reliability and security of visualization applications. Visualization systems are often among the most expensive plant floor systems to maintain and are a common target for unauthorized users looking to access control system assets and intellectual property. The new industrial Allen-Bradley VersaView 6300 PCs and thin clients combine with FactoryTalk View human-machine interface (HMI) software and ThinManager thin-client management software to … More

TeamViewer 15.12 for macOS: Improved performance and less energy consumption

TeamViewer released TeamViewer 15.12 for macOS, which already supports the new custom architecture known as Apple Silicon. The TeamViewer app is optimized to use the new architecture to the fullest without relying on the Rosetta 2 emulation. The latest TeamViewer client supports the Apple Silicon structure as well as the new macOS Big Sur, which will be the first operating system on Apple Silicon. The key benefits of using the latest version, which supports Apple … More

Entersekt partners with Cellulant to guard against digital banking and payment fraud

Entersekt has announced a partnership with Cellulant, an African financial technology company. The partnership will further enhance Cellulant’s cybersecurity by proactively securing its digital banking channels and guarding against digital banking and payment fraud. Entersekt is working with the Cellulant team to integrate its mobile software development kit with Cellulant’s product stack, making Entersekt’s authentication and app security solutions available to Cellulant’s clients. Two large Kenyan banking groups are already working on their deployment. “We … More