enterprise
Cyber threats organizations should keep an eye on in 2023
In Malwarebytes’ most recent report on the current state of malware, the company has identified several high-profile cyber threats that organizations should be on the …
Prevent and detect Adobe ColdFusion exploitation (CVE-2023-26360, CVE-2023-26359)
When Adobe released security updates for its ColdFusion application development platform last month, it noted that one of the vulnerabilities (CVE-2023-26360) had been …
3CX supply chain attack: What do we know?
Five days have passed since the supply chain attack targeting 3CX customers gained wider public attention, but the software’s manufacturer is yet to confirm how the …
Ransomware gangs are exploiting IBM Aspera Faspex RCE flaw (CVE-2022-47986)
Attackers are exploiting a critical vulnerability (CVE-2022-47986) in the IBM Aspera Faspex centralized file transfer solution to breach organizations. About CVE-2022-47986 …
3CX customers targeted via trojanized desktop app
Suspected state-sponsored threat actors have trojanized the official Windows desktop app of the widely used 3CX softphone solution, a number of cybersecurity companies began …
Exchange Online will soon start blocking emails from old, vulnerable on-prem servers
Slowly but surely, Microsoft aims to make it impossible for unsupported and/or unpatched on-prem Microsoft Exchange servers to use the company’s Exchange Online hosted …
The SVB demise is a fraudster’s paradise, so take precautions
For those who haven’t followed the drama, Silicon Valley Bank has been shut down by the California Department of Financial Protection and Innovation, after a bank run that …
Veeam Backup & Replication admins, get patching! (CVE-2023-27532)
Veeam Software has patched CVE-2023-27532, a high-severity security hole in its widely-used Veeam Backup & Replication solution, and is urging customer to implement the …
How to achieve and shore up cyber resilience in a recession
Today’s business leaders are grappling with two opposing challenges. On the one hand, present day global economic and recessionary pressures mean spending policies need to be …
Google Cloud Platform allows data exfiltration without a (forensic) trace
Attackers can exfiltrate company data stored in Google Cloud Platform (GCP) storage buckets without leaving obvious forensic traces of the malicious activity in GCP’s …
Microsoft Exchange admins advised to expand antivirus scanning
After having stressed the importance of keeping Exchange servers updated last month, Microsoft is advising administrators to widen the scope of antivirus scanning on those …
Third-party risks overwhelm traditional ERM setups
Enterprise risk management (ERM) teams are struggling to effectively mitigate third-party risk in an increasingly interconnected business environment, according to Gartner. …
Featured news
Resources
Don't miss
- Chinese cyber spies are using Ivanti EPMM flaws to breach EU, US organizations
- TikTok videos + ClickFix tactic = Malware infection
- DanaBot botnet disrupted, QakBot leader indicted
- Is privacy becoming a luxury? A candid look at consumer data use
- Unpatched Windows Server vulnerability allows full domain compromise