Search results for: supply chain compromise

criminal

Cybercrime supply chain: Fueling the rise in ransomware

Trend Micro released a research detailing the murky cybercrime supply chain behind much of the recent surge in ransomware attacks. Demand has increased so much over the past two years that many cybercriminal markets now have their own “Access-as-a-Service” sections. “Media and corporate cybersecurity attention have been focused only on the ransomware payload when we need to focus first on mitigating the activity of initial access brokers,” said David Sancho, senior threat researcher for Trend … More

week in review

Week in review: 150+ HP multifunction printers open to attack, how to combat ransomware with visibility

Here’s an overview of some of last week’s most interesting news, articles and interviews: Determined APT is exploiting ManageEngine ServiceDesk Plus vulnerability (CVE-2021-44077) An APT group is leveraging a critical vulnerability (CVE-2021-44077) in Zoho ManageEngine ServiceDesk Plus to compromise organizations in a variety of sectors, including defense and tech. 150+ HP multifunction printers open to attack (CVE-2021-39237, CVE-2021-39238) Over 150 HP multifunction printers (MFPs) are open to attack via two exposed physical access port vulnerabilities … More

lock

The ripple effect: Why protection against supply chain attacks is a must

The SolarWinds attack continues to send ripples across the world of cybersecurity. For the uninitiated, this form of cyber attack was like a gradual spread of poison, and its fallout proved to be massive – starting with national (US) security concerns that Russia might have been involved and ending up with President Biden issuing an Executive Order on improving the nation’s cybersecurity, followed closely by similar efforts by the UK government. Whether or not it … More

security platform

Castellan releases Crisis Management module to drive organizational readiness and response

Castellan Solutions released a new Crisis Management module that empowers organizations to act and respond in the critical moments following the onset of a business disruption. The risk landscape is evolving, and business as usual is being challenged every day. As supply chain disruptions continue and cyber attacks increase in scale and frequency, it’s no longer a question of if disruption will occur, it’s when. Taking a holistic approach to managing risk through resilience management, … More

week in review

Week in review: Windows EoP flaw still exploitable, GoDaddy breach, malicious Python packages on PyPI

Here’s an overview of some of last week’s most interesting news, articles and interviews: After failed fix, researcher releases exploit for Windows EoP flaw (CVE-2021-41379) A local elevation of privilege vulnerability (CVE-2021-41379) in the Windows Installer that Microsoft supposedly fixed on November 2021 Patch Tuesday is, according to its discoverer, still exploitable. GoDaddy breach: SSL keys, sFTP, database passwords of WordPress customers exposed GoDaddy, the popular internet domain registrar and web hosting company, has suffered … More

open source

Securing open-source code supply chains may help prevent the next big cyberattack

The headline-making supply chain attack on SolarWinds late last year sent a shock wave through the security community and had many CISOs and security leaders asking: “Is my software supply chain secure?” After months of analysis, we know that many (some might argue most) organizations are vulnerable to supply chain attacks. In a business world in which we all have so many third-party dependencies, no organization is an island, and no one is immune. The … More

online shopping

Small businesses urged to protect their customers from card skimming

With Black Friday and Cyber Monday quickly approaching, the UK National Cyber Security Centre (NCSC) is urging small online shops to protect their customers from card skimming cyber criminals. As part of NCSC’s Active Cyber Defence programme, the organization has already notified this year 4,151 small businesses that their sites have been compromised to steal customers’ payment details, and is now advising the rest to be on the alert. Online shops and card skimming: The … More

connected car

How do I select an automotive IoT security solution?

As the automotive industry rapidly evolves and cars become smarter, cybercriminals are becoming more sophisticated too, constantly finding new ways to compromise connected vehicles. Other than the possibility of being stolen, there is an even greater threat, which implies the vehicle being controlled by hackers thus putting human lives at risk. To select a suitable automotive IoT security solution, you need to think about a variety of factors. We’ve talked to several industry professionals to … More

python pi

Malicious Python packages employ advanced detection evasion techniques

JFrog researchers have discovered 11 malicious Python packages on PyPI, the official third-party package repository for Python, which have been collectively downloaded over 41,000 times. This is not the first time that malicious packages have been successfully introduced into online package repositories and will surely not be the last. What’s worrying the researchers is that attackers are using increasingly advanced techniques to avoid detection. Detection evasion techniques The malicious packages – importantpackage, important-package, pptest, ipboards, … More

Handshake

Armorblox email security platform integrates with Microsoft Sentinel to help stop email-based BEC

Armorblox announced that it has joined the Microsoft Intelligent Security Association (MISA), a coalition of independent software vendors and managed security service providers that have integrated their solutions into Microsoft’s security product ecosystem to help joint customers better defend themselves against a world of increasing cyber threats. To be considered for MISA, organizations must be nominated by Microsoft and demonstrate integrations that support the goal of improving enterprise security. MISA is an ecosystem of software … More

code

Lack of API visibility undermines basic principle of security

One of the oldest principles of security is that you cannot secure what you cannot see. Visibility has always been the starting place for monitoring and protecting attack surface and valuable resources. Various technical challenges have come to bear over the years—the shift to “let it all in” HTTP back in the late 90s, the subsequent advent and then common usage of encrypted traffic, the rise of shadow IT and groups or employees empowered to … More

security platform

BlastWave BlastShield addresses the three most common attack vectors

BlastWave announces BlastShield, an all-in-one SDP solution that combines infrastructure cloaking and passwordless multi-factor authentication (MFA) for identity-based secure remote network access for organizations who’ve adopted a zero trust security model. BlastShield enables organizations to hide on-premise and cloud workloads from outsiders and insider threats, concealing an organization’s infrastructure from cyberattacks through software-defined microsegmentation without modifications to existing network fabric and hardware. Using passwordless MFA, BlastShield prevents account takeovers while combining the SDP capabilities of … More