enterprise Archives - Page 2 of 5 - Cyber Security Minute

HermeticRansom used as a smokescreen for wiper attacks | Kaspersky official blog

Issued by: Kaspersky Blog

Our researchers analyzed the HermeticRansom malware also known as Elections GoRansom. By and large, this is a fairly simple cryptor. What is interesting in this case is the purpose for which attackers are using it. HermeticRansom goals HermeticRansom attacked computers at the same time as another malware known as HermeticWiper, and based on publicly available…

Vulnerabilities

4 years since Sperctre vulnerability discovery | Kaspersky official blog

Issued by: Kaspersky Blog

Four years have passed since the first publication of the research on Spectre and Meltdown, hardware vulnerabilities in modern processors. Since then, researchers discovered several similar flaws, that are potentially capable of leaking confidential data. The researchers also showed examples of attacks using these vulnerabilities, although most of them are unlikely to be used in…

Network Security

Enterprise data loss prevention market to reach $6.265 billion by 2026

Issued by: Help Net Security

The global enterprise data loss prevention market is projected to grow at a CAGR of 21.03% to reach $6.265 billion by 2026, from $1.647 billion in 2019, according to ResearchAndMarkets. The enterprise data loss prevention market is highly driven by the escalating demand for an optimized solution with a spike in cybersecurity threats to enterprises….

Malware & Threats

Tens of thousands unpatched GitLab servers under attack via CVE-2021-22205

Issued by: Help Net Security

Attackers are actively exploiting an “old” vulnerability (CVE-2021-22205) to take over on-premise GitLab servers, Rapid7 researcher Jacob Baines warns. The additional bad news is that at least half of the 60,000 internet-facing GitLab installations the company detects are not patched against this issue. What are the attackers doing with these servers? Damian Menscher, a security…

Application Security

MVSP: A minimum cybersecurity baseline to simplify vendor security assessment

Issued by: Help Net Security

Any organization that’s actively working on managing its cybersecurity risk can’t ignore the risk that goes with third-party vendors having access to its critical systems and customer data. “Up until today, organizations of all sizes have had to design and implement their own security baselines for vendors that align with their risk posture. Unfortunately, this…

Vulnerabilities

Nagios XI vulnerabilities open enterprise IT infrastructure to attack

Issued by: Help Net Security

Researchers have unearthed 11 vulnerabilities affecting Nagios XI, a widely used enterprise IT infrastructure/network monitoring solution, some of which can be chained to allow remote code execution with root privileges on the underlying system. Attackers are likely to try to exploit vulnerabilities in network management systems like Nagios because their oversee critical network components and…

Vulnerabilities

OMI vulnerabilities threaten Linux virtual machines on Azure

Issued by: Kaspersky Blog

News has surfaced of a rather dangerous practice in Microsoft Azure, whereby when a user creates a Linux virtual machine and enables certain Azure services, the Azure platform automatically installs the Open Management Infrastructure (OMI) agent on the machine. The user won’t know it. Although a stealth installation might sound terrible on its face, this…

Malware & Threats

White House urges private sector to enhance their ransomware defenses

Issued by: Help Net Security

In light of the ransomware attacks hitting high-profile targets such as the Colonial Pipeline and JBS, the White House has issued an open letter to private sector companies, urging them to do their part to stymie the threat. The Federal Government is working with partners around the world to disrupt and deter ransomware actors, by…

Vulnerabilities

CFOs taking strategic roles after overcoming COVID-19 challenges

Issued by: Help Net Security

CFOs are taking on greater strategic and enterprise-building roles after guiding their organizations through the challenges of COVID-19. CFO Research of Argyle Advisory & Research Services and FTI Consulting surveyed 325 corporate finance executives to better understand how CFOs and the finance function drive enterprise value. Five key themes The work of CFOs during the…

Malware & Threats

6 new ways threat actors will attack in 2021

Issued by: CSO

When COVID-19 hit and then started forcing massive enterprise changes in March, it caused a significant change in the enterprise threat landscape. That is even more troubling given that it all happened within a few days, which required the cutting of security corners for everything, especially the creation of remote sites. COVID also accelerated movement…