Cybersecurity News
Cybersecurity News RSS Feed RSS

cyber freepik

Security researchers discover SUPERNOVA web shell activity linked to Chinese hackers

March 10, 2021

Researchers from the Counter Threat Unit (CTU) at Secureworks have discovered a possible link to China while examining how SolarWinds servers were used to deploy malware. According to Secureworks' new report, the authentication bypass vulnerability in SolarWinds Orion API, tracked as CVE-2020-10148, that can lead to remote execution of API commands, has been actively exploited by Spiral. When vulnerable servers are detected and exploited, a script capable of writing the SUPERNOVA web shell to disk is deployed using a PowerShell command.


Read More
5 mins with Borromeo

5 minutes with Michael Borromeo – Cybersecurity best practices with a hybrid workforce

Maria Henriquez
March 10, 2021
Hybrid work is emerging as a norm, especially for companies who have a mix of workers whose job requires coming into the office, and those who are able to accomplish their work at home. This hybrid workforce is expected to become more prevalent as 75% of workers want to retain flexibility over their schedule beyond the pandemic. To get some insight into how security executives executives can implement consistent security practices for the new hybrid workforce environment, we spoke to Michael Borromeo, Vice President, Data Protection at Stericycle, the provider of Shred-it information security services.
Read More
cyber security freepik

Starting 2021 with a clean cyber slate

Jack Mannino
March 10, 2021
The new year is upon us, and as such, it is a time to reflect on what worked over the past 12 months, and more importantly, what didn’t work. Organizations all over the world are utilizing applications, operating systems, and IoT devices while their data, and their customer’s data, increasingly lives in the cloud. Organizations should take the beginning of the year as a housekeeping opportunity to assess their systems to set themselves up for success in the new year.
Read More
data breach

New survey examines the impact of SolarWinds breach on cybersecurity

March 9, 2021
In the wake of the biggest breach in history, DomainTools’ new survey on “The Impact of the SolarWinds Breach on Cybersecurity” aims to capture the effects felt by 200 security researchers and analysts, threat hunters, managers, C-suite executives and those whose organizations join the collateral damage left in the fallout.
Read More
corporate security

Over two million corporate secrets detected on public GitHub in 2020

March 9, 2021
GitGuardian announced the results of its 2021 State of Secrets Sprawl on GitHub report. The report, which is based on GitGuardian’s constant monitoring of every single commit pushed to public GitHub, indicates an alarming growth of 20% year-over-year in the number of secrets found.  A growing volume of sensitive data - or secrets – such as API keys, private keys, certificates, username and passwords end up publicly exposed on GitHub, putting corporate security at risk as the vast majority of organizations are either ignoring the problem or poorly equipped to cope with it.
Read More
women

Half of women in cybersecurity report positive career impact from COVID-19

New Tessian report reveals that cybersecurity jobs weathered Covid-19 storm and explains why industry needs to address issue with equal pay to encourage more women to join
March 8, 2021
While the global job market has been hit hard by the pandemic, cybersecurity job recruitment thrived in 2020. According to a new global report from human layer security company Tessian, titled Opportunity in Cybersecurity 2021, 94% of women in cybersecurity hired new staff members in 2020 to support their teams, with IT, finance and healthcare industries making the most hires.
Read More

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!