enterprise
Why SAP systems need to be brought into the cybersecurity fold
SAP’s status as a leading business process management software provider is undeniable. Today, the company serves over 230 million cloud users and 99 of the top 100 companies …
The challenges of managing the modern external attack surface
Qualys recently added External Attack Surface Management (EASM) capabilities to the Qualys Cloud Platform. In this interview for Help Net Security, Kunal Modasiya, VP of …
36% of orgs expose insecure FTP protocol to the internet, and some still use Telnet
A significant percentage of organizations expose insecure or highly sensitive protocols, including SMB, SSH, and Telnet, to the public internet, the ExtraHop Benchmarking …
Could criminalizing ransomware payments put a stop to the current crime wave?
In this Help Net Security video, Charl van der Walt, Head of Security Research, Orange Cyberdefense, discusses whether criminalizing ransomware payments could quell the …
Phishers use custom phishing kit to hijack MFA-protected enterprise Microsoft accounts
An ongoing, large-scale phishing campaign is targeting owners of business email accounts at companies in the FinTech, Lending, Insurance, Energy and Manufacturing sectors in …
VMware: Patch this critical vulnerability immediately! (CVE-2022-31656)
VMware has released fixes for ten vulnerabilities, including CVE-2022-31656, an authentication bypass vulnerability affecting VMware Workspace ONE Access, Identity Manager and …
How to spot deep-faked candidates during interviews
The FBI recently issued a warning that malicious attackers are using deepfakes to apply for a variety of remote work positions via virtual interviews over the internet. These …
Browser synchronization abuse: Bookmarks as a covert data exfiltration channel
Two universal and seemingly innocuous browser features – the ability to create bookmarks (aka “favorites”) and browser synchronization – make …
Attackers are slowly abandoning malicious macros
Malicious macro-enabled documents as vehicles for email-based malware delivery are being used less and less, Proofpoint researchers have noticed. Threat actors are switching …
Minimizing risk: Key cybersecurity-related M&A considerations
Global M&A hit new highs in 2021 reaching an eye-popping $5.1 trillion in total deal value, according to PwC. With economic headwinds leaving acquisition as the only …
Microsoft adds default protection against RDP brute-force attacks
“Win11 builds now have a DEFAULT account lockout policy to mitigate RDP and other brute force password vectors,” David Weston of Enterprise and OS Security at …
Introducing the book: Managing the Dynamic Nature of Cyber Security
In order to provide organizations with knowledge to lower their cyber risk, Dr. Sander Zeijlemaker, launched his book – “Managing the Dynamic Nature of Cyber Security: A …