September 2, 2021 In a joint cybersecurity advisory released by the FBI and CISA, the federal agencies urged organizations not to abandon their vigilance against ransomware attacks on weekends and holidays. The federal agencies noted that they "observed more...
September 1, 2021 The US Cybersecurity and Infrastructure Security Agency (CISA) recently added single-factor authentication (SFA) to its list of cybersecurity bad practices. The organization warns that the practice is "exceptionally risky" when used for remote authentication or more...
September 1, 2021 Microsoft recently released some recommendations for securing Azure Cosmos DB accounts. Microsoft presented several recommendations, including regenerating Cosmos DB keys, using a combination of firewall rules, vNet and/or Azure Private Link for all Azure Cosmos more...
September 1, 2021 Microsoft recently warned Office 365 customers not to rely on hovering over links to know whether they are being taken to a dangerous site. Instead, Microsoft says, users should look into the address bar, advise more...
September 1, 2021 Unsupported software, standard usernames and passwords, and one-factor authentication have been described by the U.S. Cybersecurity and Infrastructure Agency (CISA) as three of the most dangerous cybersecurity behaviors that all organizations should avoid. The use more...
August 31, 2021 Check Point Software Technologies has announced that it has acquired cybersecurity firm Avanan for an undisclosed amount. According to Dorit Dor, Chief Product Officer of Check Point, "More and more businesses are moving to cloud-email more...
August 31, 2021 Five malicious Docker container images were discovered on Docker Hub by Aqua Security's threat research arm, Nautilus, accounting for 120,000 pulls by unsuspecting users. Three of the images (thanhtudo, thieunutre and chanquaa) used a Python more...
August 31, 2021 The Securities and Exchange Commission announced that three broker-dealer and investment advisory firms will pay hundreds of thousands of dollars in penalties. Financial firm Cetera will pay $300,000, Cambridge Investment Research $250,000 and KMS Financial more...
August 31, 2021 Network-attached storage (NAS) maker QNAP is working on security updates to patch remote code execution and denial-of-service (DoS) vulnerabilities. The security vulnerabilities traced as CVE-2021-3711 and CVE-2021-3712 affect QNAP NAS devices running QTS, QuTS hero, more...
August 31, 2021 The details of a Microsoft Exchange Server vulnerability that allows hackers to steal email information have been disclosed. The vulnerability - "ProxyToken" - allows hackers to send emails without authentication. Instead, the attacker makes a more...
