Search results for: vulnerability

Appointments

Mordecai Rosen joins Skybox Security as CEO

Skybox Security appoints Mordecai Rosen as Chief Executive Officer and closes $50 million in financing from CVC Growth Funds, Pantheon, and J.P. Morgan. Mr. Rosen is a seasoned security technology executive with over 25 years of experience and will focus on driving company growth and accelerating the adoption of the Software-as-a-Service (SaaS) solution for Security Policy and Vulnerability Management. “CVC is incredibly pleased to bring on Mo as the new CEO of Skybox and to … More

CISA

CISA releases ESXiArgs ransomware recovery script

According to the latest data, the number of ESXiArgs ransomware victims has surpassed 3,800, and CISA has published a recovery script for victim organizations. Fixing the mess The attacks started late last week and are still ongoing. Investigations point to a new family of ransomware dubbed ESXiArgs by the researchers – though, according to Paul Ducklin, Sophos Head of Technology for the Asia Pacific region, it should be just Args, as it’s a Linux program … More

brain

Generative AI: A benefit and a hazard

If there’s one thing people will remember about AI advances in 2022, it’ll be the advent of sophisticated generative models: DALL.E 2, Stable Diffusion, Midjourney, ChatGPT. They all made headlines – and they will change the way we work and live. Generative models will be integrated into the software we use every day. Sometime soon, we’ll be able to ask our email client to write a reply, ask our presentation software to generate an image … More

find

Attackers are searching for online store backups in public folders. Can they find yours?

Too many online store administrators are storing private backups in public folders and exposing database passwords, secret API keys, administrator URLs and customer data to attackers who know where to look. “Exposed secrets have been used to gain control of stores, extort merchants and intercept customer payments,” say Sansec threat researchers. Searching for exposed backups The researchers have analyzed 2037 online stores of various sizes and running of various e-commerce platforms and found that 250 … More

key

Released: Decryptor for Cl0p ransomware’s Linux variant

Flawed encryption logic used in Cl0p (Clop) ransomware’s Linux (ELF) variant has allowed SentinelOne researchers to create and release a free decryptor. “The [Cl0p] Windows variant encrypts the generated RC4 key responsible for the file encryption using the asymmetric algorithm RSA and a public key. In the Linux variant, the generated RC4 key is encrypted with a RC4 [hardcoded] ‘master-key’,” the researchers explained. The differences between Windows and Linux variants The Linux Cl0p variant is … More

security platform

OPSWAT MetaDefender Kiosk K2100 secures critical networks in challenging environments

OPSWAT unveiled MetaDefender Kiosk K2100, a new, ultra-rugged mobile kiosk designed to keep critical networks secure in even the harshest conditions. “OPSWAT has a deep understanding of the challenges OT security teams face,” said Sid Snitkin, VP, Cybersecurity Services at ARC Advisory Group. “I am impressed with the comprehensive suite of security solutions and services the company offers to address those challenges, and I’m excited that our ARC Industry Leadership Forum attendees will get to … More

Handshake

Industrial Defender and Nozomi Networks partner to protect critical operational technology

Nozomi Networks and Industrial Defender have unveiled a strategic partnership to enhance the security of critical infrastructure and manufacturing facilities. The companies’ joint solution combines asset visibility and threat detection capabilities from Nozomi Networks with change and configuration monitoring from Industrial Defender to provide the most complete and detailed view of OT assets and behavior in the industry. “Collaborating with industry leaders is essential for effectively defending against the growing cyber threats against operational technology. … More

vmware

Thousands of unpatched VMware ESXi servers hit by ransomware via old bug (CVE-2021-21974)

Late last week, unknown attackers launched a widespread ransomware attack hitting VMware ESXi hypervisors via CVE-2021-21974, an easily exploitable vulnerability that allows them to run exploit code remotely, without prior authentication. Patches for CVE-2021-21974, a vulnerability in ESXi’s OpenSLP service, have been provided by VMware two years ago, and this attack has revealed just how many servers are out there are still unpatched, with the SLP service still running and the OpenSLP port (427) still … More

analyst

Trends that impact on organizations’ 2023 security priorities

Although ransomware campaigns declined quarter over quarter in 2022, primarily due to the collapse of more experienced cybercriminal groups, IT leaders still consider them to be the most worrying cyber threats. “Aside from ransomware and the hybrid work model, in 2022, we saw an evolving threat landscape, regulatory changes, and the potential for a recession by the end of 2023,” explains Ida Siahaan, research director, Info-Tech Research Group. “Furthermore, organizations are still facing the ongoing … More

week in review

Week in review: Rail transport cybersecurity, “verified” OAuth apps used to infiltrate organizations

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Mounting cybersecurity pressure is creating headaches in railway boardrooms In this Help Net Security interview, Dimitri van Zantvliet is the Cybersecurity Director/CISO of Dutch Railways, and co-chair to the Dutch and European Rail ISAC, talks about cyber attacks on railway systems, build a practical cybersecurity approach, as well as cyber legislation. Critical OpenEMR vulnerabilities may allow attackers to access patients’ … More

Handshake

ExtraHop and Binary Defense join forces to protect customers against advanced threats

ExtraHop partners with Binary Defense to offer Reveal(x) 360, ExtraHop’s SaaS-based network detection and response (NDR) solution, as a managed service. As threats rapidly evolve, cybersecurity teams are finding themselves more strapped for resources than ever before, with shrinking budgets and widening talent gaps. Highlighting these concerns, ExtraHop’s 2022 Cyber Confidence Index cited training as a top challenge when it comes to defending against cyberattacks. To better address this vulnerability, ExtraHop and Binary Defense are … More

Handshake

Trace3 integrates Deepwatch services into their solutions

Deepwatch and Trace3 announced Trace3 Managed Detection and Response (MDR) Services powered by Deepwatch. Together, Deepwatch and Trace3 will deliver end-to-end solutions that enable clients to keep pace with the dynamic cyber threat landscape and deliver exceptional service and security outcomes. In addition, Trace3 has selected Deepwatch as its MDR partner for protecting its internal environment. “We believe in Deepwatch’s capabilities and have chosen them as our MDR partner for protecting our own systems,” said … More