Category: Cyber Defense Magazine

By Rene Kolga, Head of Product, Nyotron. It’s no secret that enterprises struggle to find the skilled personnel they need to properly secure their IT systems and protect sensitive information like intellectual property, personally identifiable information(PII) and protected health information…

Read more →

While crooks continue to exploit the Coronavirus outbreak, the Europol announced to have arrested a man involved in COVID19 business scams. The Europol announced the arrest of a 39-year old man that is allegedly involved in Business email scam (BEC)…

Read more →

By Daniel Fried, General Manager (GM) and Senior Vice President (SVP), EMEA and Worldwide Channels, Veeam The issue of data protection and privacy was, until recently, a conversation confined to a specific group of people within an organization. Unless you…

Read more →

Microsoft is sending notifications to dozens of hospitals about vulnerable VPN devices and gateways exposed online in their network. Microsoft is warning dozens of hospitals of the risks of ransomware attacks due to insecure VPN devices and gateways exposed online.…

Read more →

By Daniel Fried, General Manager (GM) and Senior Vice President (SVP), EMEA and Worldwide Channels, Veeam The issue of data protection and privacy was, until recently, a conversation confined to a specific group of people within an organization. Unless you…

Read more →

Microsoft is sending notifications to dozens of hospitals about vulnerable VPN devices and gateways exposed online in their network. Microsoft is warning dozens of hospitals of the risks of ransomware attacks due to insecure VPN devices and gateways exposed online.…

Read more →

GTB Technologies, Inc. The Data Protection Company In today’s business environment, data is everything. With data volumes increasing exponentially, the cloud has become the go-to for many companies to store their vital information. Offloading data storage and management has worked…

Read more →

By Guido Ronchetti, CTO of XTN Cognitive Security XTN develops Behavioral-based Fraud and Threat Protection solutions designed to defend digital businesses. Our security solutions are Cognitive, using proprietary AI algorithms. We also employ behavioral biometric analysis, both to guarantee complete user profiling,…

Read more →

Cybersecurity researchers spotted a crypto-mining botnet, tracked as Vollgar, that has been hijacking MSSQL servers since at least 2018. Researchers at Guardicore Labs discovered a crypto-mining botnet, tracked as Vollgar botnet, that is targeting MSSQL databases since 2018. The botnet is…

Read more →

By Thomas Hatch Cybersecurity can oftentimes feel like you’re playing roulette. It can also feel like a long night in the casino where the longer you stay, the more likely you are to go home a loser. IT security is…

Read more →

By M. Michael Mitama, THETA432 We live in an era where we are continuously bombarded with marketing campaigns of the next silver-bullet that will stop “The Threat”. Overcompensation on malware and misclassification of malware as the threat is so commonplace,…

Read more →

Researchers found a piece of Raccoon Stealer that abuse of Google Cloud Services and leverages multiple delivery techniques. Racoon malware (aka Legion, Mohazo, and Racealer) is an info-stealer that recently appeared in the threat landscape that is advertised in hacking forums. The malware…

Read more →

For the third time in a few weeks, the FBI has issued an alert about supply chain attacks carried out by nation-state actors using the Kwampirs malware. The FBI has issued an alert about supply chain attacks using the Kwampirs…

Read more →

San Francisco, CA – At the RSA Conference 2020, Gary Berman and I  had the privilege of interviewing some of the top executives in the cybersecurity Community about what concerns weighed on their minds, regarding the state of the industry,…

Read more →

Security experts uncovered a new Coronavirus-themed phishing campaign, the messages inform recipients that they have been exposed to the virus. Experts continue to spot Coronavirus-themed attack, a new phishing campaign uses messages that pretend to be from a local hospital…

Read more →

By Laurent Oudot, Founder, CEO at TEHTRIS TEHTRIS is the European cybersecurity company that has designed and deployed the smart and holistic TEHTRIS XDR Platform in more than 50 countries within heterogeneous, international and distributed infrastructures. In 2019, TEHTRIS captured…

Read more →

San Francisco, CA. – The theme at RSA Conference 2020 focused on “The Human Element,” highlighting the current trend toward focusing on end-user experience, vulnerability, and empowerment throughout the InfoSec industry. During the conference, Olivier Vallez and I had the…

Read more →

The China-linked group tracked as APT41 exploited vulnerabilities in Citrix, Cisco, and ManageEngine in a campaign on a global scale. The China-linked cyberespionage group tracked as APT41 exploited vulnerabilities in Citrix, Cisco, and Zoho ManageEngine in a campaign on a…

Read more →

Experts from Qihoo 360’s NetLab recently spotted two zero-day campaigns targeting DrayTek enterprise-grade networking devices. Since December 2019, researchers from Qihoo 360 observed two different attack groups that are employing two zero-days exploits to take over DrayTek enterprise routers to eavesdrop…

Read more →

By Arun Gandhi, Director of Product Management of the Seceon Enterprises from all verticals are embracing digital transformation. This new, increasingly connected digital world is bringing tremendous efficiencies to the way we do business. Apart from these advantages, the digital…

Read more →

By David Ruiz Coronavirus has changed the face of the world, restricting countless individuals from dining at restaurants, working from cafes, and visiting their loved ones. But for cybercriminals, this global pandemic is expanding their horizons. In the past week,…

Read more →

By Alexander Schellong, VP Global Business, INFODAS Highly sensitive systems and data assets (domains) are often separated from the Internet or less critical systems. Separation is achieved through isolation, commonly referenced as an air gap. While isolation significantly increases the…

Read more →

By Salah, VP of Marketing at CipherCloud The ongoing cloud mobile digital transformation has brought cloud access security brokers (CASB+) front and center as an important part of enterprise cloud mobile security architectures. This article will take a closer look…

Read more →

By Michael Morris, Director of Global Technologies Alliances and Business Development, Endace A common challenge for security analysts, network operations and application teams is lacking the right data to troubleshoot security or performance issues quickly and conclusively. Typically, analysts are…

Read more →

By Dr. Ratinder Paul Singh Ahuja, Chairman of the Board & Chief R&D Officer ShieldX Networks                                                                                                         Securing Cloud-Generation Data Centers As many firms transition their data centers into the cloud and/or heavily virtualized environments, the old practice of securing…

Read more →

By Uzi Yair, Co-founder GTB Technologies, Inc. I recently came across several digital security vendor sites that describe themselves as a “DLP alternative.” Perusing through their pages, I came across comments such as “DLP is hard to deploy”, “DLP is…

Read more →

By Chris Jordan, CEO, Fluency Security Datacenters are basically toxic computer equipment in a constantly cooled warehouse. Their footprint is growing across the globe in places like Loudoun County, Virginia, a place not known for its cold weather. Much of…

Read more →

A Proactive Cybersecurity Paradigm By Daniel DeCloss, CEO, PlexTrac, Inc. Cybersecurity is hard, and attackers are relentless.  The job of protecting an organization from cyber threats can feel overwhelming and stressful.  The industry is short on talent and inundated with…

Read more →

In these trying times, I wanted to share with you, one of the most impressive solution that I’ve seen for Desktop as a Service (DaaS) that nearly instantly provides remote working to your local, regional and international workforce hosted on the cloud, globally.…

Read more →

The interactions between CCPA compliance and Security solutions. By Oren T. Dvoskin, Global Marketing Director, Sasa Software Introduction                                                 The California Consumer Privacy Act, AB 375 (”CCPA”) was enacted in June 2018, and became effective on January 20th 2020.  CCPA’s provisions…

Read more →

Organizations are delaying in patching Microsoft Exchange Server flaw (CVE-2020-0688) that Microsoft fixed with February 2020 Patch Day updates. Organizations are delaying in patching Microsoft Exchange Server flaw (CVE-2020-0688) that Microsoft fixed with February 2020 Patch Day updates. The CVE-2020-0688 flaw resides in the…

Read more →

Think Your Sensitive Systems Are Secure? Think Again. By Dana Tamir, VP Market Strategy for Silverfort Let me start by saying – you should be using MFA (Multi-Factor Authentication) on Everything! Passwords are no longer enough to validate the identity…

Read more →

#KILLTHEVIRUS #SAVEHUMANITY #GROWYOURPROFITS #BEBOUNTIFUL The world-wide pandemic – COVID-19 aka ‘the novel corona virus’ affects us all globally.  It’s going to take a ‘miracle’ and all of us working together in a ‘Great Awakening’ where higher ideals, higher vibrations and…

Read more →

Coronavirus-themed attacks continue to increase, experts observed new Coronavirus ransomware that acts as a cover for Kpot Infostealer. Last week, security experts from MalwareHunterTeam detected new ransomware dubbed CoronaVirus has been distributed through a malicious web site that was advertising a legitimate…

Read more →

A cybercrime gang focused on Business Email Compromise (BEC) has started using coronavirus-themed scam emails in its attacks. While the Coronavirus is spreading worldwide cybercriminals and nation-state actorsare launching COVID19-themed attacks on a global scale. Most of the attacks aimed…

Read more →

By Guido Ronchetti, CTO of XTN Cognitive Security XTN develops Behavioral-based Fraud and Threat Protection solutions designed to defend digital businesses. Our security solutions are Cognitive, using proprietary AI algorithms. We also employ behavioral biometric analysis, both to guarantee complete…

Read more →

A call for consumer education on-device security vulnerabilities in light of the increasing push for IoT security regulation By Brian Murray Throughout the past few decades, the Internet of Things and connected devices have become more and more ingrained in…

Read more →

By Christopher Kennedy, CISO and VP of Customer Success, AttackIQ 2020 Election Security Insecurity: Election security will be an open wound that can’t be healed in time for the 2020 election. There is still bad blood from the 2016 election…

Read more →

Enterprises plan on increasing their security budgets in the next year too. However, the key to preventing breaches relies upon accurately identifying and remediating gaps in current security defenses. By Stephan Chenette, co-founder, and CTO, AttackIQ Based on a survey…

Read more →

XTN develops Behavioral-based Fraud and Threat Protection solutions designed to defend digital businesses. Our security solutions are Cognitive,using proprietary AI algorithms. We also employ behavioral biometric analysis, both to guarantee complete user profiling, and to evaluate and block anomalies and…

Read more →

Facebook addressed a critical issue in WhatsApp that would have allowed attackers to read files from a user’s local file system, on macOS and Windows. Facebook has addressed a critical vulnerability in WhatsApp, tracked as CVE-2019-18426, that would have allowed…

Read more →

Vulnerabilities Allow An Attacker to Remotely Take-over Devices such as IP Phones Found Almost Everywhere from Conference Rooms to Trading Floors to Government Offices  Palo Alto, Calif., Feb. 5, 2020 — Armis, the leading enterprise IoT security company, announced the…

Read more →

Bedford, MA – Feb 05, 2020 Three Emerging Cybersecurity Startups Take the Stage to Launch Game-Changing Industry Solutions RSA® Conference, the world’s leading information security conferences and expositions, today revealed the three cybersecurity startups selected to participate in the second…

Read more →

Largest ever privacy related cash recovery for Facebook users who claimed the company’s facial recognition “Tag Suggestions” feature violated Illinois privacy law SAN FRANCISCO (January 29, 2020) – In what is the largest cash settlement ever resolving a privacy related…

Read more →

By Peter Goldstein, CTO, and co-founder, Valimail  Email security will prove to be the weakest link in election security. Email is implicated in more than 90 percent of all cybersecurity attacks, and election infrastructure is also vulnerable to email-based attacks.…

Read more →

By Corey Nachreiner  Each year, the WatchGuard Threat Lab research team examines the top emerging threats and trends across the information security landscape to develop predictions for the coming year. Even though the threats coming at you won’t be any…

Read more →

A leaked confidential report from the United Nations revealed that dozens of servers belonging to United Nations were “compromised” at offices in Geneva and Vienna. An internal confidential report from the United Nations that was leaked to The New Humanitarian…

Read more →

A vulnerability in the Zoom online meeting system could be exploited to join meetings and view all content shared by participants.  The popular video conferencing Zoom is affected by a vulnerability that could be exploited to join meetings and view…

Read more →

Blocking Privilege Escalation Attacks in Amazon Web Services (AWS) By Gerben Kleijn Security researcher Spencer Gietzen discovered and shared 21 privilege escalation attacks across Amazon Web Services (AWS) back in 2018. Gietzen’s work quickly became a valuable resource for others…

Read more →

The Greek government announced that a DDoS cyber attack hit the official state websites of the prime minister, the national police and fire service and several important ministries. Yesterday the Greek government announced that the official websites of the prime…

Read more →

Chinese hackers have exploited a zero-day vulnerability the Trend Micro OfficeScan antivirus in the recently disclosed hack of Mitsubishi Electric. According to ZDNet, the hackers involved in the attack against the Mitsubishi Electric have exploited a zero-day vulnerability in Trend Micro OfficeScan…

Read more →

  The phone of the Amazon billionaire Jeff Bezos was hacked in 2018 after receiving a WhatsApp message from the personal account of the crown prince of Saudi Arabia. In April 2019, Gavin de Becker, the investigator hired by Amazon chief…

Read more →

US military claims to have disrupted the online propaganda activity of the Islamic State (ISIS) in a hacking operation dating back at least to 2016. In 2016, the US Cyber Command carried out successful operations against the online propaganda of…

Read more →

Mitsubishi Electric disclosed a security breach that might have exposed personal and confidential corporate information. Mitsubishi Electric disclosed a security breach that might have exposed personal and confidential corporate data. According to the company, attackers did not obtain sensitive information…

Read more →

Hack the Army bug bounty program results: 146 valid vulnerabilities were reported by white hat hackers and more than $275,000 were paid in rewards. The second Hack the Army bug bounty program ran between October 9 and November 15, 2019…

Read more →

The insurance industry is facing the challenges of disruption caused by the technological advancements in artificial intelligence (AI) and machine learning (ML). Insurance carriers are now able to know more about their customers than ever before. They can use data…

Read more →

P&N Bank discloses data breach, customer account information, balances exposed The Australian P&N Bank is notifying its customers a data breach that has exposed personally identifiable information (PII) and sensitive account data. P&N Bank, a division of Police & Nurses…

Read more →

Las Vegas, NV – The days of the paternalistic approach to cybersecurity may be numbered. Until recently, the data security and privacy ecosystem have been driven by the assumption that end-users are helpless and vulnerable – sitting ducks that must…

Read more →

What Is Secure Access Service Edge (Sase) And Why It Matters By Paul Martini, CEO, iboss The world of technology that exists today is substantially different from that of only a few years ago. The cloud has changed everything. Mobile…

Read more →

By Matthew Gyde, CEO, Security, NTT Ltd. The Dawn of a New Era As 2020 dawns, we stand at the threshold of a new decade that’s certain to reveal challenges to the security landscape we could scarcely have imagined in…

Read more →

After Years of Vigilant Service, US Veterans must remain Vigilant Online and Guard their Home like US Marines Guard the President of the United States (POTUS) US Veterans are twice as likely as non-Veterans to be targets of online scams. …

Read more →

By Chris Hallenbeck, CISO of the Americas at Tanium U.S. state and local governments have been observing the proposed State and Local Cybersecurity Government Act of 2019, especially since it was endorsed by the National Association of State Chief Information…

Read more →

It’s time to move beyond static lists of things forbidden and things allowed. By Aron Hsiao, Director of Marketing and Insights, Plurilock Static lists have long been at the heart of cybersecurity. Today, virtually every cybersecurity practice currently depends on…

Read more →

By Christina Luttrell, IDology The approach of the new year is a good time to reflect on the fraud landscape and its impact on businesses and consumers. Fraudsters continue to push the envelope, exploring new tactics and expanding the tried and…

Read more →

By Pedro Tavares Nowadays, cybersecurity is seen as an attractive landscape for ambitious people and a truly great opportunity to fight cybercrime. During the past few months, many cyberattacks have targeted companies around the world. The reason being, there’s a…

Read more →

By Corey Nachreiner, CTO of WatchGuard Technologies Each year, the WatchGuard Threat Lab research team examines the top emerging threats and trends across the information security landscape to develop predictions for the coming year. Even though the threats coming at…

Read more →

Program Failures and How to Avoid Them By Chris Hickman, chief security officer, Keyfactor Public Key Infrastructure (PKI) has survived the test of time. Today, IT leaders and managers view PKI as a vital layer within the security framework, helping…

Read more →

Security and Privacy in the IoT age By Lokesh Yamasani, Director – IT Security (Security Officer), Satellite Healthcare We are living in a digital age, let alone the so-called “Age of IoT”. What makes it an “Age of IoT”? The…

Read more →

By Julian Weinberger, CISSP, Director of Systems Engineering at NCP engineering Regulatory initiatives such as the EU General Data Protection Regulation (GDPR) have granted consumers powerful rights to determine how organizations collect and use personally identifiable information. Companies that hold on…

Read more →

Europe Cybersecurity Market is estimated to be over USD 25 billion in 2018 and is expected to register a lucrative growth between 2019 and 2025 with a CAGR of over 13% By Shashie Pawar, PR & Media Communicator (Graphical Research)…

Read more →

By Julian Weinberger, CISSP, Director of Systems Engineering at NCP engineering Regulatory initiatives such as the EU General Data Protection Regulation (GDPR) have granted consumers powerful rights to determine how organizations collect and use personally identifiable information. Companies that hold on…

Read more →

Six Features to Consider When Evaluating SSL/TLS Inspection Solutions By Babur Khan, Technical Marketing Engineer, A10 Networks Encrypted traffic accounts for a large and growing percentage of all internet traffic. While the adoption of Secure Sockets Layer (SSL), and its…

Read more →

By Jonathan Krause, Owner, Forensic Control Whilst large scale cyber-attacks are well documented, there is also an increasing number of e-commerce small businesses at threat from targeted attacks. A report released by Verizon showed that approximately 43% of cyber-attacks targeted…

Read more →

In this era of video chatting and social media live streaming, your computer’s webcam can never be more relevant. By Anda Warner, Marketing Specialist,  SEOforX In this era of video chatting and social media live streaming, your computer’s webcam can…

Read more →

By Chris Morales, head of security analytics at Vectra Remote Desktop Protocol (RDP) is an invaluable tool for any business wanting to save money and create efficiencies through centrally controlling all its computer assets no matter how far away or…

Read more →

A flaw in the popular TikTok app could allow attackers to hijack any user account just by knowing the mobile number of the victim. Security experts from CheckPoint have discovered a critical vulnerability in the popular TikTok app that could…

Read more →

By Joshua Williams, Senior Cloud and Automations Solutions Engineer, FireMon The collective security community is spending too time much worrying about vulnerabilities. They need to shift some of those resources and take a good hard look at misconfigurations, especially in…

Read more →

By Richard Menear, CEO, Burning Tree In any business, we inherently want to trust the people we work with. By and large, we can. However, the reality is that insiders remain one of the main threats to your organization’s information…

Read more →

No single solution can offer a silver bullet for cybersecurity. Nevertheless, critical facilities such as manufacturing plants and power stations are currently in danger of relying too heavily on firewalls by regarding them not merely as a first line of…

Read more →

By Haythem Hammour, Product Marketing Manager, Brinqa A primary goal for most information security organizations today is the identification, prioritization, and remediation of cyber risk. Businesses struggle with risk management for a variety of reasons, including disconnected teams and stakeholders,…

Read more →

By Michael Yehoshua On October 23, toothpaste maker Colgate and world champion swimmer, Michael Phelps, the ambassador for the company’s Save Water initiative, headed over 1,100 organizations across the United States for the fifth annual ‘Imagine a Day without Water’.…

Read more →

By Atif Mushtaq, CEO, SlashNext Some of the most common and helpful ways to optimize web browsers are by adding extensions, such as those offered by Google Chrome. These typically small software add-ons can be attached to a browser for…

Read more →

Connecting to public networks is easy but staying safe on these networks is not easy as we think! Here are some tips to stay safe on public hotspots. By Susan Alexandra, Contributing Writer Public Wi-Fi is a free commodity shared…

Read more →

By Dan Cole, Director, Product Management, ThreatConnect With the advent of the next decade upon us, predictions for the future are sure to abound. Prophets will prophesy, forecasters will forecast, augurs will augur, and soothsayers will… sooth… say… But we…

Read more →

By Gary Golomb, co-founder and chief scientist, Awake Security The lay reader may think computer and network security is mostly about controlling for malware, rogue code, exploits, ransomware, nation-state attacks, and the like. In reality, computer and network security are…

Read more →

By Emil Hozan, Security Analyst, WatchGuard Technologies As the security landscape continues to grow and shift, WatchGuard’s Threat Lab research team continues to offer insights into the latest malware and network attacks with its quarterly Internet Security Report (ISR). This…

Read more →