Latest

Cyber Security

Cyber criminals, state-sponsored hackers and even the occasional disgruntled employee are constantly looking to gain unauthorized access for a variety of purposes: theft of money, cyber espionage, personal information for sale or for use in scams, and damage to critical infrastructure for just a few of the most common.

So how does an organization mitigate an entire world full of continual cyber attacks? Just as buildings have a number of necessary elements of physical security: access control, cameras, alarms and so on; there are similar key elements of cyber security that are absolutely vital for just about any modern business.

It starts with identifying and closing the most common doors that attackers use. For example, phishing attacks on employees are far and away the most common initial point of entry. The breach of even a low-level employee account can quickly turn into an escalation in access privileges and the ability to reach sensitive information. This is also true of smart devices, which are generally more poorly secured than computers and phones.

Police car siren flashing blue in the night showing third-party data breach

Cyber Security News

Greater Manchester Police Investigating a Third-Party Data Breach From a Ransomware Attack

September 21, 2023

A third-party data breach has exposed the personal data of UK’s Greater Manchester Police (GMP) officers and staff. Company that produces GMP’s staff ID cards was affected by a ransomware attack.

Locks on laptop screen showing Iranian hackers target defense organizations with password spraying attacks

Cyber Security News

Iranian Hackers Use Password Spray Attacks to Compromise Defense Organizations, Pharmaceutical Firms

September 21, 2023

A recent campaign by Iranian hackers has been very successful in using password spray attacks to breach high-value targets, with a particular focus on defense organizations and satellites as well as pharmaceutical company research.

Jet engine from Airbus showing data breach involving compromised account

Cyber Security News

Airbus Data Breach from a Partner Airline’s Compromised Account Leaks Confidential Information

September 20, 2023

Airbus has confirmed a data breach that exposed confidential business information via a partner airline’s compromised account. Threat actors compromised a Turkish Airlines employee account using the Redline info-stealer malware in August 2023.

Hacker working on computer showing hacker mindset and cybersecurity workforce

Cyber Security Insights

Rethinking Cybersecurity: The Power of the Hacker Mindset

September 20, 2023

For organizations to stand a chance against cybercriminals, adopting a hacker mindset is crucial. Understanding their tactics, regularly updating skills, and proactively seeking vulnerabilities are the keys to outpacing cybercriminals.

Woman holding phone with Facebook on the screen showing Facebook Messenger phishing campaign

Cyber Security News

Facebook Messenger Phishing Campaign Targets Millions of Business Accounts Locking Out Owners

September 19, 2023

Facebook Messenger phishing campaign targeted millions of business accounts using fake and hijacked personal accounts to trick business owners into installing an infostealer that harvests passwords and cookies before locking them out.

Slot machines in the casino showing ransom payment for cyber attack

Cyber Security News

Caesars Entertainment Discloses Cyber Attack, Ransom Payment Made Weeks Before MGM Heist

September 19, 2023

Caesars Entertainment quietly disclosed its own recent cyber attack in a SEC filing. Unlike MGM, Caesars appears to have skated through their own incident by making a $15 million ransom payment to the hackers.

Close up of hacker's hand over device showing Apple zero-click zero-day used by Pegasus spyware

Cyber Security News

New Pegasus Spyware Zero-Click Patched Out by Apple in Ongoing Battle Against Commercial Zero-Days

September 18, 2023

Citizen Lab reports that the new Pegasus spyware zero-click zero-day impacts the most recent version of iOS (16.6) and likely prior versions dating back to the iPhone 8. As with the prior Pegasus attack vector, victims only need to receive a iMessage to be compromised; they do not need to open the message or interact with it.

Cyber Security Insights

SSE vs SASE: What You Need to Know

September 18, 2023

For IT leaders that only require a subset of Secure Access Service Edge (SASE) capabilities, preferring to focus mainly on the security aspects and leaving out the networking components, Security Service Edge (SSE), an emerging new cloud-native security framework, is potentially a better fit.

Man logging into laptop showing social engineering attacks on super administrators

Cyber Security News

Okta: Sophisticated Social Engineering Attacks Are Targeting Super Administrators

September 15, 2023

Okta has warned about social engineering attacks by sophisticated actors targeting super administrators by tricking service desk staff into resetting multi-factor authentication for privileged users.

Access granted message on computer screen showing advanced persistent threats APT

Cyber Security Insights

Attackers Aren’t Just Getting Bolder – They’re Getting More Persistent

September 15, 2023

When targeted by an Advanced Persistent Threat (APT), an organization needs to be ready to defend from a variety of different attacks coming from different directions, sometimes all at once, and sometimes over a period of time.

1 2 3 … 233