Supply-chain attack on Kaseya impacting 1000+ businesses
More than 1000 businesses from around the world have reportedly been impacted in a supply-chain attack targeting Kaseya software.
Stories by Lucian Constantin
Flaws in Dell's over-the-air device recovery and update impacts millions of devices
As many as 40 million Dell devices are vulnerable to targeted man-in-the-middle attacks. Dell advises BIOS/UEFI updates.
Active Directory Certificate Services a big security blindspot on enterprise networks
Microsoft's Active Directory PKI component commonly have configuration mistakes that allow attackers to gain account and domain-level privileges.
Thousands of publicly accessible VMware vCenter Servers vulnerable to critical flaws
Three weeks after releasing patches for a critical vulnerability in VMware vCenter, thousands of servers remain vulnerable to attacks.
Siloscape malware escapes Windows containers to backdoor Kubernetes clusters
This newly discovered malware is the first to take advantage of an obscure Windows container escape technique to seek out and infect Kubernetes clusters.
Spy groups hack into companies using zero-day flaw in Pulse Secure VPN
Known and unknown groups are using VPN vulnerabilities to circumvent authentication and establish backdoors.
FBI cleans web shells from hacked Microsoft Exchange servers in rare active defence move
The FBI has been deleting backdoors placed by cyber espionage group Hafnium on Microsoft Exchange servers, signalling a more active defence approach.
How data poisoning attacks corrupt machine learning models
Data poisoning involves tampering with and polluting a machine learning model's training data, impacting the ability to produce accurate predictions.
Top cyber crime gangs use targeted fake job offers to deploy stealthy backdoor
The Golden Chickens cyber criminal gang is believed to sell its more_eggs backdoor for campaigns executed using information from LinkedIn profiles.
PHP backdoor attempt shows need for better code authenticity verification
Attackers were able to place malicious code in the PHP central code repository, forcing changes to the PHP Group's infrastructure.
Cloudflare attempts to become corporate network backbone with centralised management and security
Magic WAN and Magic Firewall aim to simplify linking sites and data centres while allowing organisations to better enforce security policies.
Explaining Ryuk ransomware, a targeted and devastatingly effective attack
Ryuk attacks are targeted to the most vulnerable, most likely to pay companies and are often paired with other malware such as TrickBot.
What is hashing? The best way to protect stored passwords
Hashing is a cryptographic process that makes it harder for attackers to decrypt stored passwords, if used correctly.
Intel, Microsoft join DARPA effort to accelerate fully homomorphic encryption
Aims to improve performance of FHE to make it practical for business and government to better protect confidential data in the cloud.
New free software signing service aims to strengthen open source ecosystem
The Linux Foundation's sigstore code-signing software, developed with IBM and Red Hat, will help prevent attacks on the software supply chain
Brand Post
Huawei Unveils A Powerful Vision For SMEs And The Channel At Huawei Connect 2023
Sponsored By
