Vulnerabilities in Dell computers allow RCE at the BIOS/UEFI level
An estimated 30 million Dell computers are affected by several vulnerabilities that may enable an attacker to remotely execute code in the pre-boot (BIOS/UEFI) environment, …
How a conference room speakerphone might let attackers into your company network
Several egregious vulnerabilities affecting the Stem Audio Table conference room speakerphone could be exploited by attackers to eavesdrop on what’s being discussed in …
Ransomware attackers are leveraging old SonicWall SRA flaw (CVE-2019-7481)
Since the beginning of the year, various cyber attackers leveraged a slew of zero-day vulnerabilities to compromise different SonicWall solutions. Crowdstrike now warns that a …
White House urges private sector to enhance their ransomware defenses
In light of the ransomware attacks hitting high-profile targets such as the Colonial Pipeline and JBS, the White House has issued an open letter to private sector companies, …
Sophos XDR: Threat hunting through the entire security ecosystem
Almost a decade ago, ransomware started becoming a prominent consumer problem, locking computers and threatening users with fines and jail time for supposedly downloading …
Q1 2021 ransomware trends: Most attacks involved threat to leak stolen data
The vast majority of ransomware attacks now include the theft of corporate data, Coveware says, but victims of data exfiltration extortion have very little to gain by paying a …
Organizations can no longer afford to overlook encrypted traffic
Whether you’re a small business operating out of a single office or a global enterprise with a huge and distributed corporate network, not inspecting the encrypted traffic …
Zero Trust creator talks about implementation, misconceptions, strategy
A little over a decade ago, John Kindervag outlined the Zero Trust security model. As a VP and Principal Analyst on the Security and Risk Team at Forrester Research, he spent …
5 key cybersecurity risks in 2021, and how to address them now
With an unexpected year of massive change behind us, many organizations have now an extensive remote workforce, new technologies in use, and digital transformation under way …
With data volumes and velocity multiplying, how do you choose the right data security solution?
There is no doubt that the COVID-19 pandemic has caused radical changes in our personal and working lives. The sudden and massive surge of employees working from home and the …
Microsoft releases one-click Exchange On-Premises Mitigation Tool
Microsoft has released Exchange On-Premises Mitigation Tool (EOMT), which quickly performs the initial steps for mitigating the ProxyLogon flaw (CVE-2021-26855) on any …
As attacks on Exchange servers escalate, Microsoft investigates potential PoC exploit leak
Microsoft Exchange servers around the world are still getting compromised via the ProxyLogon (CVE-2021-26855) and three other vulnerabilities patched by Microsoft in early …