enterprise
Scammers are impersonating the DarkSide ransomware gang
Someone out there is impersonating the infamous DarkSide ransomware gang and trying to trick companies in the energy and food industry to part with 100 Bitcoins, Trend Micro …
Microsoft Defender for Endpoint now detects jailbroken iOS devices
Microsoft has announced new and improved capabilities for enterprise security teams that use Microsoft Defender for Endpoint on Android and iOS and Microsoft threat and …
How a conference room speakerphone might let attackers into your company network
Several egregious vulnerabilities affecting the Stem Audio Table conference room speakerphone could be exploited by attackers to eavesdrop on what’s being discussed in …
Can your MFA implementations stymie MFA bypass attacks?
Shay Nahari, Head of Red-Team services at CyberArk, says that they’ve been increasingly asked by customers to probe their multi-factor authentication (MFA) defenses, …
What happens to email accounts once credentials are compromised?
Agari researchers entered unique credentials belonging to fake personas into phishing sites posing as widely used enterprise applications, and waited to see what the phishers …
Beware of “Ransomware system update” emails!
Emails referencing the Colonial Pipeline ransomware attack and looking like they’ve been sent from the corporate IT help desk have been hitting employees’ inboxes …
New Google tool reveals dependencies for open source projects
Google has been working on a new, experimental tool to help developers discover the dependencies of the open source packages/libraries they use and known security …
White House urges private sector to enhance their ransomware defenses
In light of the ransomware attacks hitting high-profile targets such as the Colonial Pipeline and JBS, the White House has issued an open letter to private sector companies, …
Enterprise networks vulnerable to 20-year-old exploits
Popular preconceptions of enterprise security and network usage are often inaccurate, according to Cato Networks. While exotic attacks and nation-states such as Russia and …
Happy birthday GDPR: IoT impact and practical tips for compliance
With the GDPR now in its third year, compliance with the EU data privacy regulation is still a significant issue for organizations to tackle, especially especially when it …
Can zero trust kill our need to talk about locations?
As security professionals, we have acknowledged for over a decade that our data resides outside our network. Yet, we still talk about strategies for protecting the enterprise …
Sophos XDR: Threat hunting through the entire security ecosystem
Almost a decade ago, ransomware started becoming a prominent consumer problem, locking computers and threatening users with fines and jail time for supposedly downloading …