Tag: Heimdal Security Blog

Effectively managing third-party risks starts with a solid plan, and our Vendor Risk Assessment Template is the perfect tool to help you evaluate vendors and protect your business. Third-party vendors can introduce significant risks—ranging from cybersecurity vulnerabilities to compliance challenges.…

Read more →

The holiday season is a time of celebration, but it’s also a high-risk period for cyberattacks. Cybercriminals look to exploit reduced staffing, remote work, and the surge in online activity. As everyone scrambles for last-minute deals, these attackers find it easier…

Read more →

Organizations of all sizes rely on tools like Action1 to manage software updates and security patches. However, Action1 is not the only game in town. Businesses often need alternatives that better support remote devices, streamline software deployment, or align with…

Read more →

This post is authored by Heimdal’s Cybersecurity Architect and Technical Product Marketing Manager Andrei Hinodache. You may know him as the face of our popular series of webinars. If you want to watch the full webinar this EDR strategy guide…

Read more →

Meet Linda, the CFO of a multinational company. She is currently on her way to a business conference on the other side of the world. Linda makes many more trips like this these days. Once upon a time, jet-setting across…

Read more →

Meet Linda, the CFO of a multinational company. She is currently on her way to a business conference on the other side of the world. Linda makes many more trips like this these days. Once upon a time, jet-setting across…

Read more →

Today, organizations around the world are facing a perfect storm of inflation, smaller budgets, rising labor rates, and slower consumer demand. Against that backdrop, hackers are only getting more active. Businesses therefore have some difficult choices to make. Do you…

Read more →

A well-structured Cloud Security Policy is no longer a luxury—it’s a necessity. To help you stay ahead, we’re offering a free, downloadable Cloud Security Policy Template designed to simplify your cloud security journey. In this article, we’ll explore why a…

Read more →

New phishing tool, GoIssue, takes email addresses from public GitHub profiles and sends mass phishing messages to GitHub users. The tool is specifically designed to target GitHub developers. Researchers warn that compromising developers’ credentials opens the gate for source code…

Read more →

CISA warns that most of the top routinely exploited vulnerabilities during 2023 were zero-days. The FBI, the NSA, and 5 other cybersecurity authorities, like the UK’s National Cyber Security Centre (NCSC), were also partners in releasing The 2023 Top Routinely…

Read more →

Flexera is a popular choice for gaining visibility across multiple clouds. But you’ll need a few more capabilities to manage all your IT devices and keep software up to date. IT asset management should cover everything from online platforms to…

Read more →

A Privileged Access Workstation (PAW) is a secure computer built to safeguard sensitive tasks and privileged accounts. IT admins and security teams use PAWs to manage critical systems like the Active Directory. They also use them to access cloud services,…

Read more →

Google has recently announced that it plans to implement mandatory multi-factor authentication (MFA) on all Cloud accounts by the end of 2025. Google argues that MFA strengthens security without sacrificing a smooth and convenient online experience. It is reported that…

Read more →

A new malware named ‘SteelFox’ is actively used by threat actors to mine cryptocurrency and steal credit card data. The malware leverages the BYOVD (Bring Your Own Vulnerable Device) technique to obtain SYSTEM privileged on Windows machines. SteelFox is distributed…

Read more →

Any cybersecurity professional will know that regularly patching vulnerabilities is essential to protecting a network. Keeping apps, devices, and infrastructure up to date closes ‘back doors’ into your environment. But most cybersecurity professionals will also know there’s a big gap…

Read more →

“We have so many solutions now to solve single issues in our companies that the number of security solutions is becoming a risk itself” – Thomas Baasnes, Cybersecurity Director at Verdane. How many cybersecurity point solutions does your organization use?…

Read more →

Any cybersecurity professional will know that regularly patching vulnerabilities is essential to protecting a network. Keeping apps, devices, and infrastructure up to date closes ‘back doors’ into your environment. But most cybersecurity professionals will also know there’s a big gap…

Read more →

Nokia is investigating a potential data breach after Serbian hacker IntelBroker claimed to sell the company’s source code. The attacker said he got the data by breaching one of the telecom giant’s third-party vendor. In his post on BreachForums, he…

Read more →

Interlock ransomware operators created an encryptor meant to target FreeBSD servers. This is a practice that hackers often use in attacks on VMware ESXi servers and virtual machines. Now, the security researchers analyzed a sample of the FreeBSD ELF encryptor…

Read more →

LONDON, United Kingdom, 6 November 2024 – Heimdal, a leading provider of advanced cybersecurity solutions, and COOLSPIRiT, a UK-based expert in data management and IT infrastructure, are pleased to announce a strategic partnership to deliver cutting-edge security technologies to businesses…

Read more →

Schneider Electric, a French multinational specializing in energy management and automation solutions, has confirmed a cybersecurity incident involving unauthorized access to one of its internal project execution tracking platforms. The breach was reported after a threat actor known as “Grep”…

Read more →

Looking for Darktrace alternatives can feel like hunting for missing puzzle pieces. Yes, Darktrace does a good job at detecting network threats. But these days, you must consider covering various protection layers to secure your system. Endpoint detection and response,…

Read more →

COPENHAGEN, Denmark, November 4, 2024 – Heimdal is proud to announce that it has once again secured the ISAE 3000 SOC 2 Type II certification, marking the fourth consecutive achievement of this prestigious accreditation, further solidifying its role in supporting…

Read more →

The European Commission has adopted new cybersecurity rules for critical infrastructure across the EU, taking a major step toward enhancing digital resilience. This implementing regulation under the updated NIS2 Directive specifies cybersecurity measures for essential sectors and outlines when companies…

Read more →

Microsoft warns that Chinese threat actors steal credentials in password-spray attacks by using the Quad7 (7777) botnet, which is made up of hijacked SOHO routers. Quad7 is a botnet that consists of compromised SOHO routers. Cybersecurity specialists reported that the…

Read more →

An ongoing spear-phishing campaign is affecting a variety of companies, including governmental agencies. According to Microsoft, the Russian APT group Midnight Blizzard (also known as APT29, UNC2452, and Cozy Bear) is behind the attacks. The same threat actors breached the…

Read more →

Deploying patches is time-consuming, tedious, and uses up a lot of resources. No wonder many IT employees see it as drudge work. The good news is there’s a smarter way to do it: by implementing patch management software. Key takeaways:…

Read more →

DNS MX records are a key element in delivering an email successfully to its rightful recipient.  But have you ever wondered what it takes to deliver an email? When sending an email, a lot happens within fractions of seconds to…

Read more →

Hackers exploited an RCE flaw to target over 22,000 CyberPanel servers with PSAUX ransomware. Nearly all CyberPanel instances went offline as a result. Researchers said that in fact there are three vulnerabilities in CyberPanel versions 2.3.6 and 2.3.7 that allowed…

Read more →

A new version of the Qilin ransomware was discovered by cybersecurity researchers. The new version comes with increased sophistication and tactics to evade detection. The new variant is being tracked as Qilin.B by researchers at Halcyon and it notably supports…

Read more →

UnitedHealth confirms for the first time that over 100 million people had their personal information and healthcare records stolen during the Change Healthcare ransomware attack. Change Healthcare initially published a data breach notification warning in June, stating that a ransomware…

Read more →

Is your organization planning to implement a privileged access management (PAM) solution? If you already have passwords, an anti-virus, and a firewall, you might be wondering why you need to implement another cybersecurity technology. This article will help you understand…

Read more →

Researchers warn that NotLockBit, a new malware family mimicking LockBit ransomware, can impact Windows and macOS systems. The malware appears to be the first fully functional ransomware targeting macOS systems, moving beyond previous proof-of-concept (PoC) samples. What is NotLockBit Ransomware…

Read more →

CISA pushes for stronger security requirements to safeguard sensitive personal and government-related data from foreign adversaries. The need to implement Executive Order 14117, signed by President Biden in February 2024, is what triggered the Cybersecurity and Infrastructure Security Agency’s (CISA)…

Read more →

Microsoft is alerting business clients to a flaw that resulted in critical logs being partially lost for nearly a month. This puts at risk businesses who depend on this data to identify unwanted activity. Microsoft is alerting enterprise customers that…

Read more →

Managing access to sensitive systems and data is more crucial than ever. Organizations across all industries face significant challenges in ensuring that their security measures keep pace with the complexities of user access management. To address these challenges, we’ve developed…

Read more →

Managed Security Services (MSS) refers to outsourcing security functions to a specialized provider. All MSS main types aim to offer top technology and expertise at a convenient price. Not all of them are a good match to your company. Let’s…

Read more →

The F5 BIG-IP Local Traffic Manager (LTM) module is used by threat actors to manage unencrypted persistent cookies, which the U.S. Cybersecurity and Infrastructure Security Agency (CISA) is alerting users to as a means of network surveillance. The advisory stated…

Read more →

Privileged Access Management (PAM) deployment isn’t always successful. And on Reddit, SysAdmins aren’t holding back: It’s overkill and I hate it PAM is expensive and difficult to implement I can say that it is hot garbage with every ounce of…

Read more →

Although job platforms and social networking sites work hard to combat fake listings, scammers consistently find new ways to bypass security measures. These fraudulent listings often go public, putting job seekers at serious risk. We reviewed 2,670 posts and comments…

Read more →

New Jersey, often seen as the corridor between New York and Philadelphia, is not only a strategic location for businesses but also a hub for technology services, including top Managed Service Providers.  Managed Service Providers play a crucial role in…

Read more →

SentinelOne shines in endpoint detection and response, but EDR is just one piece of the in-depth defense puzzle. Choosing the right cybersecurity solution is key to safeguarding your systems. To fully protect your network, cloud, or email, you’ll need more…

Read more →

A newly discovered vulnerability in the open-source CUPS (Common Unix Printing System) printing system can be used by threat actors to launch DDoS attacks with a 600x amplification factor. Known as CVE-2024-47176, the security flaw in the cups-browsed daemon can…

Read more →

Privileged access management is one of the most important topics in cybersecurity – yet it can be a minefield to get right. For hackers, elevated permissions are one of the absolute best ways to plan and execute a successful account.…

Read more →

Admin rights are one of the most important and fundamental aspects of cybersecurity. Without elevated permissions, hackers will have a hard time stealing your data or disrupting your services. For that reason, they’re often trying to gain access to an…

Read more →

UMC Health System was hit by a ransomware attack at the end of September. The attack caused the healthcare institution to divert patients to other clinics. Initially, the healthcare provider was unable to process messages from the patient portal. Also,…

Read more →

System Administrators warn that an optional Windows 11 update released on September 23rd creates issues for some computers. The cumulative update preview for Windows 11 Version 23H2 for x64-based systems brought new features for the Start menu, taskbar, and lock…

Read more →

Most people today have at least some experience with patching. If you own a smartphone, you will be familiar with Android or iOS updates. Same goes with the apps on your phone. Whether you use banking, travel or social media…

Read more →

Patch management is stressful. In one of our Heimdal webinars, we ran a snap poll with sysadmins about how they find the patch management process. The results confirm what most of us already know: the vast majority (93%) have experienced…

Read more →

When it comes to threat detection, it’s important to get the right tools for the job. Unfortunately, that can be easier said than done. Whether it’s a SIEM, EDR, XDR, MDR, or any of a whole other range of confusing…

Read more →

COPENHAGEN, Denmark, and Dubai, UAE, September 30, 2024 – Heimdal and emt Distribution announce a strategic partnership that combines Heimdal’s advanced cybersecurity solutions with emt Distribution’s deep market expertise. The collaboration will deliver sophisticated yet user friendly products to the…

Read more →

In their latest advisory, CISA warns about the dangers of threat actors trying to breach the networks of critical infrastructure by targeting Internet-exposed industrial devices using ‘unsophisticated’ methods such as brute force attacks and default credentials. Details From the Advisory…

Read more →

The bustling metropolis of New York is not only a hub for finance, media, and culture but also a dynamic space for technology services, including top Managed Service Providers.  Managed Service Providers (MSPs) play a pivotal role in supporting businesses…

Read more →

The water supply system of Arkansas City, Kansas, activated manual operation mode to contain a cyberattack. The security team discovered the attack on Sunday morning. City authorities say the water supply remains safe and there are no service disruptions. FBI…

Read more →

Kaspersky deleted itself and deployed another antivirus instead without warning, say former US users. The Russian cybersecurity company will be banned from sales and software updates in the US, starting September 29th, 2024. In June this year, the U.S. government…

Read more →

Although job platforms and social networking sites work hard to combat fake listings, scammers consistently find new ways to bypass security measures. These fraudulent listings often go public, putting job seekers at serious risk. We reviewed 2,670 posts and comments…

Read more →

Would you buy a car without checking if it has an engine? If you did, you’d wish you’d looked under the hood before investing.  The same applies to privileged access management. Without the right controls, you expose yourself to bad…

Read more →

Endpoint devices, such as desktops, laptops, tablets, and smartphones, form the backbone of modern corporate infrastructure. They allow employees flexibility and access to essential resources, but they also present significant security risks if not managed properly. This Endpoint Security Policy…

Read more →

DNS security is important for protecting corporate networks from DDoS attacks, phishing, ransomware, and data breaches. The domain name system is the cornerstone of the Internet but is not safe by design. Multiple layers of protection — like DNSSEC and…

Read more →

Choosing the right cybersecurity solution can make or break your defense strategy. While Huntress is a solid option, it has its drawbacks. Users say its reporting features could be better and that it has a steep learning curve. IT admins…

Read more →

Microsoft revealed that hackers have exploited as zero-day a Windows MSHTML platform spoofing vulnerability for more than two months. The company released a patch for CVE-2024-43461, during the September Patch Tuesday. They didn’t know that hackers were exploiting this flaw…

Read more →

So, you’re running a reasonably successful MSP. You’re busy and have regular clients. Your profits, while not stellar, are good enough. You’ve got a decent reputation, not too much employee churn, and things are basically working fine.  Let’s not minimize…

Read more →

When was the last time your business struck lucky?  Perhaps a big new client contacted you out of the blue. Maybe you got talking to a stranger in a restaurant – and it turned out they needed support with IT.…

Read more →

The last few years have seen a profound shift in the IT managed services market. Today, there is increasing customer demand for managed services providers (MSPs) and managed security services providers (MSSPs) to demonstrate their security and compliance credentials. To…

Read more →

Are you considering investing in Microsoft Defender Endpoint Security or SentinelOne Singularity, but you are not sure which one? Choosing a cybersecurity solution is an important task that can even affect your overall business performance. Don’t worry! Knowing how important…

Read more →

Are you considering investing in CrowdStrike Falcon or ESET Endpoint Security, but you are not sure which one? Choosing a cybersecurity solution is an important task that can even affect your overall business performance. Don’t worry! Knowing how important is…

Read more →

Are you considering investing in CrowdStrike Falcon or Microsoft Defender Endpoint, but you are not sure which one? Choosing a cybersecurity solution is an important task that can even affect your overall business performance. Don’t worry! Knowing how important is…

Read more →

Are you considering investing in CrowdStrike Falcon or Microsoft Defender Endpoint, but you are not sure which one? Choosing a cybersecurity solution is an important task that can even affect your overall business performance. Don’t worry! Knowing how important is…

Read more →

Are you considering investing in CrowdStrike Falcon or Microsoft Defender Endpoint, but you are not sure which one? Choosing a cybersecurity solution is an important task that can even affect your overall business performance. Don’t worry! Knowing how important is…

Read more →

A cyberattack on Highline Public Schools in Washington blocked educational activities for three days. 17,500 students in 34 schools from Washington State, as well as 2000 staff members, remained at home on September 9th. Because of this cyberattack, Highline Public…

Read more →

Payment gateway provider Slim CD data breach compromised the credit card data of 1,693,000 US and Canadian users. The breach remained undetected for almost a year. Hackers breached Slim CD’s system in August 2023, but the company only detected suspicious…

Read more →

Open XDR vs native XDR is a recurring question in cybersecurity. Your guide through the decision process should be the company’s specific needs. Lack of information often makes choosing an XDR solution a slow process. Neglecting XDR because of indecisiveness…

Read more →

American chip producer Microchip confirms that employee data was stolen during the cyberattack they suffered in August. The incident happened on August 17, and Microchip disclosed it on August 20, declaring that some of their manufacturing facilities had been affected.…

Read more →

The Russian threat actors responsible for the worldwide attacks on key infrastructure, identified as Cadet Blizzard and Ember Bear, have been connected by the United States and its allies to Unit 29155 of the Main Directorate of the General Staff…

Read more →

Zyxel released updates to fix a critical vulnerability that impacts 28 access points (AP) and security router version. The Zyxel vulnerability is tracked as CVE-2024-7261 and has a 9.8 CVSS score, which is considered critical. The flaw enables hackers to…

Read more →

Privileged access management (PAM) is a key part of modern cybersecurity. In simple terms, it’s the strategy you use to monitor and control access to the most sensitive assets or data – like confidential customer information or mission-critical servers. The…

Read more →

Transport for London (TfL) announced on September 2nd that they have detected an ongoing cybersecurity incident. The attack did not disrupt services. For the moment, there is no evidence of the attackers succeeding to compromise customers data. TfL’s security team…

Read more →

RansomHub ransomware affiliates have reportedly breached over 200 victims from a wide range of critical U.S. infrastructure sectors. This ransomware-as-a-service (RaaS) operation reached this milestone quickly, being first spotted in February 2024. The ransomware group specializes in data-theft-based extortion rather…

Read more →

Extended detection and response (XDR) products have become an increasingly common feature of the cybersecurity market in recent years. Today, they’re by far the most advanced option on the market for identifying and responding to emerging threats and sophisticated attacks.…

Read more →

Top cybersecurity companies play a pivotal role in addressing the financial impact of cybercrime, as evidenced by Cybersecurity Ventures’ forecast that in 2024, global cybercrime damage costs will reach $9.5 trillion USD annually, $793 billion USD monthly, and $182.5 billion…

Read more →

Microsoft announced hosting a Windows Endpoint Security Ecosystem Summit on September 10th. The event aims to find ways of improving security and resiliency for joint customers. Discussions will take place at Microsoft’s headquarters in Redmond, Washington. Corporate Vice President Aidan…

Read more →

The Canadian airport parking company revealed that the Park’N Fly data breach impacted the data of 1 million customers. An unauthorized third party breached their network between July 11 and July 13. According to the company’s note to the impacted…

Read more →

The last few years have seen a profound shift in the IT managed services market. Today, there is increasing customer demand for managed services providers (MSPs) and managed security services providers (MSSPs) to demonstrate their security and compliance credentials. To…

Read more →

Choosing between EDR and NGAV can feel like standing at a crossroads. Both NGAV and EDR solutions safeguard your organization from cyber threats but take a different approach. To make the right choice, you must understand what challenges they address…

Read more →

Small and medium businesses must prioritize cybersecurity to avoid financial, legal, and reputational risks. Using a unified cybersecurity platform or partnering with an MSSP offers effective, cost-efficient protection for endpoints and networks. This article will help you make an informed…

Read more →

Choosing between EDR and NGAV can feel like standing at a crossroads. Both safeguard your organization from cyber threats but take a different approach. To make the right choice, you must understand what challenges they address and how they integrate…

Read more →

American microprocessor producer Microchip Technology Incorporated suffered a cyberattack last weekend. The incident impacted its systems and disrupted the workflow of some manufacturing units. On Saturday, August 17th, the IT team detected suspicious activities in their systems. The incident impacted…

Read more →

The ‘small client problem’ is one of the most common issues that MSPs (and indeed, most service businesses) come up against. Small and medium-sized enterprises (SMEs) have far fewer resources than larger companies. They also tend not to fully appreciate…

Read more →

Running an MSP is an awesome job. You get to work with super smart people, solve intellectually stimulating problems, and make a measurable, positive difference to your customers’ businesses. But no one’s saying it’s all a bed of roses. There…

Read more →

COPENHAGEN, Denmark, August 19, 2024 – Heimdal has announced a strategic partnership with ViroSafe, one of Norway’s top IT security distributors. The collaboration will expand access to advanced cybersecurity solutions across Norway. Heimdal offers the widest range of cybersecurity tools…

Read more →

“Multiple intrusion attempts” have been connected to an ongoing social engineering campaign purportedly tied to the Black Basta ransomware group, which aims to steal credentials and install a malware dropper named SystemBC. What Do We Know About the Operation? According…

Read more →

Hackers leaked 2.7 billion data records containing personal information belonging to citizens of the United States for free, on a dark forum. The attackers claim they had exfiltrated the data from the National Public Data. The type of data in…

Read more →

Microsoft revealed that it had patched a critical SmartScreen zero-day vulnerability two months ago, during June 2024, on Patch Tuesday. Hackers had been exploiting the flaw in the wild as a zero-day since March 2024. More about the SmartScreen zero-day…

Read more →

In 2021, it was revealed that a group of hackers dubbed ‘LightBasin’ had compromised over a dozen telecom firms around the world. Their activity had been going on, undetected, for at least five years. This breach is a classic example…

Read more →

If you’re looking for external help with your organization’s security posture, one of the big decisions to make is whether you’ll go with generalists or specialists. On one hand, you could opt to work with a managed security service provider…

Read more →

Cybersecurity researchers have found a brand-new “0.0.0.0 Day” that affects all popular web browsers and that malevolent websites might use to compromise local networks. It is reported that the vulnerability exposes a fundamental flaw in how browsers handle requests, potentially…

Read more →

The American building security company, ADT, announced that it had been the victim of a data breach. Threat actors allegedly broke into certain of ADT’s systems and stole customer information, the company claims in a Form 8-K regulatory document it…

Read more →

The Hunters International ransomware gang targets IT professionals with SharpRhino remote access trojan (RAT). The malware spoofs the installer of Angry IP Scanner, an ethical hacking tool. Hunters International is a top 10 ransomware group that shares code similarities with…

Read more →

So, you’ve got together a team of security experts. You have a business plan for your managed security service provider (MSSP) company. You’ve identified a target market, chosen a security framework – and maybe you even have potential customers lined…

Read more →

The StormCloud Chinese threat group used a compromised Internet Service Provider (ISP) to distribute malware that spoofed software updates. The attackers exploited a vulnerable HTTP software system that failed to authenticate digital signatures. The DNS spoofing campaign impacted Windows and…

Read more →