Thousands, Possibly Millions, of Businesses Affected by Latest Ransomware Attack
Kaseya Platform Targeted in Large-Scale Global Ransomware Attack Over the holiday weekend, notorious cybercrime group, REvil, successfully launched a ransomware attack targeting Managed Service Providers (MSPs). This unprecedented hack triggered an infection chain compromising a massive, global supply chain, with reports showing at least 1,000 businesses over 17 countries being affected. The attack reportedly started […]
Defending Active Directory Against AdminSDHolder Attacks
Active Directory Permissions Attack: Hackers Gain Persistence with AdminSDHolder Active Directory (AD) tends to be a common target for hackers, as it controls the security and infrastructure for most IT systems. Attackers aim to get privileged access to a Windows Server Active Directory and remain undetected for as long as possible. These techniques used by […]
New Microsoft Report Suggests Basic Authentication as Source of Business Email Compromise (BEC) Attacks
Microsoft Examines Basic Authentication’s Role in BEC Attacks In late 2019, Microsoft announced their intent to remove basic authentication from Exchange Online protocols. Though for many organizations using Microsoft 365, a combination of basic authentication and connection protocols, like POP3 and IMAP4, is still standard practice for accessing Exchange Online mailboxes. A recent report released […]
Microsoft Remote Desktop Protocol (RDP) Vulnerability Discovered
Microsoft Remote Desktop Protocol (RDP) is one of the most popular solutions used to access critical infrastructure servers for many organizations, including those who run virtual servers on Microsoft Azure. A group of hackers, called the Secret Club, inadvertently found a major flaw in Microsoft Remote Desktop Protocol (RDP) technology. A researcher found a cleartext […]
Warning: 12-Year-Old Vulnerabilities Lying Deep in Dell PCs Puts ‘Hundreds of Millions at Risk’
Five vulnerabilities were discovered by researchers from cybersecurity firm SentinelOne in a driver for Dell PCs’ BIOS (the code responsible for launching the PC and its operating system), in particular the DBUtil driver. For 12 years, these “high severity” weaknesses have been resident. Hundreds of millions of devices are at risk and should patch on […]
New Study Reveals Top Concerns for Microsoft Platform Management
Managing Microsoft environments can be complex and time-consuming, but they provide critical services to maintain business continuity and allow access to employees to keep them productive. Whether on-premises Active Directory, hybrid, or Microsoft 365 (formerly Office 365), IT executives must balance efficiency while maintaining Active Directory security, such as managing user and group permissions, and […]
NSA Discovers New Critical Exchange Server Vulnerabilities
Microsoft released three new patches for its Exchange Server software on Tuesday after the National Security Agency (NSA) alerted the company to a fresh batch of critical vulnerabilities. All discovered flaws, four in total, lead to remote code execution on a vulnerable machine. “We urge all owners and operators of Microsoft Exchange Servers to apply […]
Disgruntled IT Contractor in Jail | Protect Against Insider Threats
Large-scale internal security breaches are becoming increasingly more popular, costing companies millions of dollars each year. The sum of this loss comes from the financial damages of the breach itself and, in some cases more importantly, damage to the company’s reputation, translating to big dollars off the company’s bottom line. A recent judgement serves as […]
The #1 Way to Prevent Insider Threats
Protecting Your Critical Assets with Insider Threat Prevention Data Breaches Happen Data security is nothing new. Where there is sensitive information, there are those who seek to access, steal, and misuse it, mostly for financial gain. The unfortunate truth about malicious activities is that a third of all data breaches are perpetrated by someone from […]
Security Budgets During COVID-19 – A New Infographic
When lockdown protocols kicked in due to COVID-19’s rapid spread all around the world, teams across many industries migrated to a work-from-home normal. However, with remote work comes new security risks—like employees accessing sensitive company assets through personal devices and home wifi. How have security budgets changed as a result of new and broadening security […]
