Laptop technicians routinely violate the privacy of the people whose computers they repair: Researchers at University of Guelph in Ontario, Canada, recovered logs from laptops after receiving overnight repairs from 12 commercial shops. The logs showed that technicians from six of the locations had accessed personal data and that two of those shops also copied […]
Cyber News, Cyber Threat Trends
The Council of the European Union (EU) has adopted a new cybersecurity directive designed to improve resilience and incident response capacities across the EU, replacing NIS, the current directive on the security of network and information systems. The new directive, NIS2, will set the baseline for cybersecurity risk management measures and reporting obligations across sectors […]
Cyber News, Cyber Threat TrendsThe cybersecurity arm of Orange Business Services (OBS) organized a launch event at its Lyon campus, in France, for its latest annual threat report
Cyber News, Cyber Threat Trends
PFSense 6100 — Getting Started My initial configuration of a Netgate 6100 and PFSense This is a continuation of posts on Network Security In the last post I showed you how to direct all DNS requests to your preferred DNS servers. Redirect IoT Devices to Preferred DNS As noted that post did not include DNS over HTTPS (DoH) and you would […]
Cyber News, Cyber Threat Trends
It’s not news that phishing attacks are getting more complex and happening more often. This year alone, APWG reported a record-breaking total of 1,097,811 phishing attacks. These attacks continue to target organizations and individuals to gain their sensitive information. The hard news: they’re often successful, have a long-lasting negative impact on your organization and employees, including:
Cyber News, Cyber Threat TrendsCustomer identity and access management (CIAM), a subset of identity access management (IAM), is used to manage authentication and authorization of account creation and login process for public facing applications. To helps organizations compare their needs against the options in the market, CSO prepared a list with the top seven vendors in the market. To […]
Cyber News, Cyber Threat Trends
Google recently released a list of YARA detection rules for malicious variants of the legitimate Cobalt Strike penetration testing framework that are being used by hackers in the wild. Cobalt Strike is a commercial attack framework designed for red teams that has also been adopted by many threat actors, from APT groups to ransomware gangs […]
Cyber News, Cyber Threat Trends
Amazon Web Services (AWS) has resolved a cross-tenant vulnerability in its platform that could be weaponized by an attacker to gain unauthorized access to resources. The issue relates to a confused deputy problem, a type of privilege escalation where a program that doesn’t have permission to perform an action can coerce a more-privileged entity to perform […]
Cyber News, Cyber Threat Trends
Over a dozen security flaws have been discovered in baseboard management controller (BMC) firmware from Lanner that could expose operational technology (OT) and internet of things (IoT) networks to remote attacks. BMC refers to a specialized service processor, a system-on-chip (SoC), that’s found in server motherboards and is used for remote monitoring and management of […]
Cyber News, Cyber Threat Trends