Cybersecurity
When organizations get hit by ransomware and pay the crooks to decrypt the encrypted data and delete the stolen data, they can never be entirely sure the criminals will do as they promised. And even if an organization gets its data decrypted, they cannot be sure the stolen data has indeed been wiped and won’t […]
IT professionals have developed a sophisticated understanding of the enterprise attack surface – what it is, how to quantify it and how to manage it. The process is simple: begin by thoroughly assessing the attack surface, encompassing the entire IT environment. Identify all potential entry and exit points where unauthorized access could occur. Strengthen these […]
The incident highlights concerns over the security of the SEC’s social media accounts and the need for better protections against market manipulation through false tweets.
The British Library has refuted reports that the recovery costs for its recent ransomware attack will reach nearly $9 million. The library said that the final costs are still unconfirmed and no additional funding bids have been made.
Jan 10, 2024 | Newsroom | Ransomware / Data Security. A decryptor for the Tortilla variant of the Babuk ransomware has been released by Cisco Talos, allowing victims targeted by the malware to regain access to their files. The cybersecurity firm said the threat intelligence it shared with Dutch law enforcement authorities made it possible to arrest the threat […]
Jan 10, 2024 | Newsroom | Patch Management / Threat Intelligence. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added six security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. This includes CVE-2023-27524 (CVSS score: 8.9), a high-severity vulnerability impacting the Apache Superset open-source data visualization software that could enable remote code execution. […]
Microsoft’s January 2024 Patch Tuesday includes security updates for 49 flaws and 12 remote code execution vulnerabilities. Two critical vulnerabilities were fixed, including a Windows Kerberos Security Feature Bypass and a Hyper-V RCE.
Users are advised to switch to the mobile versions available on iOS and Google Play. The decision to sunset the desktop app is part of Twilio’s effort to focus on areas with higher demand.
A blind SQL injection vulnerability (CVE-2023-51448) in Cacti, a widely used network monitoring, performance and fault management framework, could lead to information disclosure and potentially remote code execution. Cacti is often used in network operation centers of telecoms and web hosting providers to collect network performance data and store it in RRDtool, a logging and graphing […]