The National Security Agency (NSA) released a Cybersecurity Advisory on Russian state-sponsored actors exploiting CVE-2020-4006, a command-injection vulnerability in VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector. The actors were found exploiting this vulnerability to access protected data on affected systems and abuse federated authentication.
When we hear the term “critical infrastructure,” we want to believe that the assets – whether they are physical or digital – are extremely secure. Our minds conjure images of the vaults of Fort Knox, which are protected from every angle. However, critical infrastructure of the digital variety is not necessarily any more secure than any other digital asset. It all comes down to how meticulous the organization is in looking for and quickly closing vulnerabilities and security gaps that expose an attack surface for a bad actor to exploit.
With more Americans expected to do their holiday shopping online during the COVID-19 pandemic, US agencies and cybersecurity leaders are urging all consumers to be on alert for holiday shopping scams and cyber threats, which historically spike during the holiday season. Here, we talk to Michael Rezek, Vice President of Business Development and Cybersecurity Strategy at Accedian, about the technologies retailers need to adopt to ensure a smooth holiday shopping season, how to see the warning signs for bad actors, how to proactively manage them and what to do to prevent them in the first place.
To combat commonly exploited protocols, the Center for Internet Security, Inc. (CIS) has released guidance to help organizations mitigate these risks to protect and defend against the most pervasive cyber threats faced today that can be exploited through RDP.
Both organizations and consumers are evolving, becoming more digital, and requiring features that align with the current environment. As businesses are transforming digitally, consumers are surrounded by a plethora of applications and are using apps more than ever in daily life. Unfortunately, companies and individuals are at greater risk than ever because applications are among the top targets for threat actors.
Department store chain Kmart has suffered a cyberattack by the Egregor ransomware operation, resulting in the encryption of devices and servers connected to the company’s networks. According to Bleeping Computer, online stores continue to operate, but the 'Transformco Human Resources Site,' 88sears.com, is currently offline, leading employees to believe the outage is caused by the recent ransomware attack.
Organizations mostly monitor what they already know about, leaving unknown assets unprotected and open to attackers
December 4, 2020
CyCognito announced new research in partnership with Enterprise Strategy Group (ESG) that revealed most security professionals recognize that attack surface protection is important, but their operational practices and tools used aren’t up to the challenge.
A new partnership aims to help healthcare IT vendors and services firms improve their overall risk and security profile and provide greater transparency to thousands of healthcare providers. As part of the partnership, KLAS, which has conducted deep research and analysis on more than 900 healthcare IT products and services, will introduce a new Cybersecurity Readiness Assessment.
Iranian cyber threat actors have been continuously improving their offensive cyber capabilities. They continue to engage in more conventional offensive cyber activities ranging from website defacement, distributed denial of service (DDoS) attacks, and theft of personally identifiable information (PII), to more advanced activities—including social media-driven influence operations, destructive malware, and, potentially, cyber-enabled kinetic attacks, warns the Cybersecurity and Infrastructure Security Agency (CISA).
Healthcare is a vitally important industry, especially today. Sadly, healthcare organizations are frequently the targets of cyberattacks. This is especially important today because many of these attacks impede the ability of the organizations to offer care to their patients. The most severe attacks can even cause life-threatening situations.
RSS
