In September 2016, the United States internet infrastructure took a heavy blow that left many of the Fortune 500 businesses in digital darkness. The attack, initially pinned on a hostile nation-state, was in fact the work of teenagers wielding a botnet of about 100,000 IoT devices.
- EternalDarkness or SMBGhost is the latest vulnerability affecting the Microsoft SMB protocol which was first reported in March 2020
- This is high-severity threat because SMB vulnerabilities very-often are quickly adopted by “wormified” malicious attacks. As-of publishing of this post, PoCs exist for DoS and local privilege escalation
- Bitdefender Hypervisor Introspection stops the local privilege escalation 0-day attack without any additional configurations or updates. See the Demo below.
Enterprise governance, risk, and compliance programs are designed, in important part, to ensure that companies stay on track and manage risk and uncertainty. Many organizations, due to the COVID-19 pandemic, are now finding whether their risk management and cybersecurity plans will work as intended.
Last Monday, Microsoft published a security advisory detailing a new font-parsing remote code-execution vulnerability targeting Windows 7 devices.
While the COVID-19 is confining workers to home and keeping offices empty, cybercriminals and other bad actors have no compulsion in continuing their DDoS attacks. The only difference appears to be in the scale of attacks, which are slowly moving from large to small targets. On top of that, an increase in attacks aimed at VPN providers is expected.
Building more robust security for the growing Internet of Things (IoT) has been a focal point for many over the past few years. Might blockchain, the distributed ledger technology for overseeing transactions across a network over time, be an ideal solution?
Intrusion detection, incident response, and digital forensics - these are all essential stages of managing a cyberattack. While different in nature, they all share one thing: they come after an attack has breached your systems.
The legal sector is a prime target for cybercriminals, and the vast majority of IT leaders in the industry consider insider threats a significant concern. 77% think employees are directly responsible for exposing valuable data by mistake.
A snapshot of the breach exposure of major enterprises has revealed 23 million pairs of credentials containing Fortune 1000 corporate email addresses and plaintext passwords.
- Security’s challenge is matching awareness of external threats to internal goals and the ability to execute
- Managed Detection and Response addresses key customer gaps in visibility, alerts, skills, and outcomes
- Outsourcing security operations to a managed SOC allows internal teams to focus on higher-value projects
Companies have been using videoconferencing applications for a long time, so the adjustment needed to do it from home is not major. Still, many employees have been thrown into the deep end and suddenly need to master the art of videoconferencing safely.
Let’s face it: CIOs are quite busy as they drive forward with their digital transformation efforts, build their DevOps teams, and continue their work to ensure that their business-technology systems are aligned with business needs — and somewhere within all of that work they have to find a way to keep these systems secure.
