How do I select a data encryption solution for my business?
It is a mathematical certainty that data is more protected by communication products that provide end-to-end encryption (E2EE). Yet, many CISOs are required to prioritize …
A perspective on security threats and trends, from inception to impact
Sophos published a report which flags how ransomware and fast-changing attacker behaviors, from advanced to entry level, will shape the threat landscape and IT security in …
70% of organizations experienced a public cloud security incident in the last year
70% of organizations experienced a public cloud security incident in the last year – including ransomware and other malware (50%), exposed data (29%), compromised accounts …
Fake “DNS Update” emails targeting site owners and admins
Attackers are trying to trick web administrators into sharing their admin account login credentials by urging them to activate DNSSEC for their domain. Scam emails lead to …
Paying the ransom = paying double
Paying cybercriminals to restore data encrypted during a ransomware attack is not an easy and inexpensive path to recovery, a Sophos survey reveals. In fact, the total cost of …
Attackers exploiting a zero-day in Sophos firewalls, have yours been hit?
Sophos has released an emergency hotfix for an actively exploited zero-day SQL injection vulnerability in its XG Firewalls, and has rolled it out to all units with the …
No, Corona Antivirus can’t fight COVID-19
COVID-19-themed scams are exploding both online and offline. Hijacked Twitter accounts peddling fake cures, scammy sites offering emergency supplies, misinformation campaigns, …
Microsoft releases patch for leaked SMBv3 RCE flaw
After the inadvertent leaking of details about a wormable Windows SMBv3 RCE flaw (CVE-2020-0796) on Tuesday, Microsoft has rushed to release a patch (i.e., security updates). …
Coronavirus-themed scams and attacks intensify
Scammers and other criminals are always quick to take advantage of crises, and this latest – centered around the spread of the deadly Covid-19 coronavirus around the …
Google fixes another Chrome zero-day exploited in the wild
For the third time in a year, Google has fixed a Chrome zero-day (CVE-2020-6418) that is being actively exploited by attackers in the wild. About CVE-2020-6418 No details have …
What is flowing through your enterprise network?
Since Edward Snowden’s revelations of sweeping internet surveillance by the NSA, the push to encrypt the web has been unrelenting. Bolstered by Google’s various initiatives …
Ransomware uses vulnerable, signed driver to disable endpoint security
Ransomware-wielding attackers have devised a novel tactic for disabling security protections that might get in their way: they are using a deprecated, vulnerable but signed …