Thousands of unpatched VMware ESXi servers hit by ransomware via old bug (CVE-2021-21974)
Late last week, unknown attackers launched a widespread ransomware attack hitting VMware ESXi hypervisors via CVE-2021-21974, an easily exploitable vulnerability that allows …
While governments pass privacy laws, companies struggle to change
Government agencies keep making new privacy rules while end users fall victim to malpractice and scams. Bill Tolson, VP of Compliance and eDiscovery at Archive360, has spent …
Trends that impact on organizations’ 2023 security priorities
Although ransomware campaigns declined quarter over quarter in 2022, primarily due to the collapse of more experienced cybercriminal groups, IT leaders still consider them to …
Nevada Ransomware has released upgraded locker
Resecurity has identified a new version of Nevada Ransomware which recently emerged on the Dark Web right before the start of 2023. The actors behind this new project have an …
Week in review: Rail transport cybersecurity, “verified” OAuth apps used to infiltrate organizations
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Mounting cybersecurity pressure is creating headaches in railway boardrooms …
Patch your Jira Service Management Server and Data Center and check for compromise! (CVE-2023-22501)
Australian software maker Atlassian has released patches for CVE-2023-22501, a critical authentication vulnerability in Jira Service Management Server and Data Center, and is …
New infosec products of the week: February 3, 2023
Here’s a look at the most interesting products from the past week, featuring releases from Arkose Labs, Hornetsecurity, HYCU, KELA, and Trulioo. Hornetsecurity unveils two …
Short-staffed SOCs struggle to gain visibility into cloud activities
Enterprises have a limited number of analysts running their security operations centers (SOCs) and are deploying multiple tools in an attempt to address their cloud security …
Inability to prevent bad things from happening seen as the worst part of a security job
83% of organizations experienced more than one data breach in 2022. However, 97% of respondents feel confident that they are well-equipped with the tools and processes needed …
Photos: Cybertech Tel Aviv 2023, part 2
Help Net Security is attending the Cybertech Tel Aviv 2023 conference and exhibition, which gathers cybersecurity experts, businesses and startups from around the world. Here …
The next cyber threat may come from within
71% of business executives worry about accidental internal staff error as one of the top threats facing their companies, almost on par with concern about outside attackers …
50% of organizations have indirect relationships with 200+ breached fourth-party vendors
98 percent of organizations have vendor relationships with at least one third-party that has experienced a breach in the last two years, according to SecurityScorecard and The …
Featured news
Sponsored
Don't miss
- Cybercriminals used a gaming engine to create undetectable malware loader
- ESET researchers analyze first UEFI bootkit for Linux systems
- QScanner: Linux command-line utility for scanning container images, conducting SCA
- Choosing the right secure messaging app for your organization
- Zero-day data security