Yearly Archives: 2021
‘Don’t take Tom Bossert’s word on Trinity Cyber’: startup snags big-name board additions
The analyst from FireEye that discovered the SolarWinds attack and the co-founder of Tenable will join the advisory board of Trinity Cyber – contributing expertise to the company that counts former homeland security adviser Tom Bossert among its top executives.
The post ‘Don’t take Tom Bossert’s word on Trinity Cyber’: startup snags big-name board additions appeared first on SC Media.
Even dead employees pose a security risk when their accounts are still active
Ransomware attackers compromised deceased employee’s account to access a domain admin account. The incident is a sad reminder of some cyber hygiene standards too often overlooked.
The post Even dead employees pose a security risk when their accounts are still active appeared first on SC Media.
Apple Patches Three New iOS Zero-Days
While Apple has a significant focus on making iOS secure, one researcher said increasingly complex capabilities often bring vulnerabilities.
The post Apple Patches Three New iOS Zero-Days appeared first on SC Media.
‘One of the most beautiful bugs I’ve seen’: Decade-old sudo bug grants Linux root access
Cybersecurity researchers and the U.S. Cyber Command are warning users about a decade-old buffer overflow bug in sudo that can grant root access to malicious users with low level access to systems. The vulnerability, discovered by Qualys and nicknamed “Baron Samedit,” affects all versions of Linux Qualys has tested against. The glitch allows users, even…
The post ‘One of the most beautiful bugs I’ve seen’: Decade-old sudo bug grants Linux root access appeared first on SC Media.
Law enforcement strikes back at Emotet, one of the world’s most popular ransomware loaders
The voluntary, collaborative posture taken by different private and public stakeholders is what sets this takedown apart from others.
The post Law enforcement strikes back at Emotet, one of the world’s most popular ransomware loaders appeared first on SC Media.
Law enforcement strikes back at Emotet, one of the world’s most popular ransomware loaders
The voluntary, collaborative posture taken by different private and public stakeholders is what sets this takedown apart from others.
The post Law enforcement strikes back at Emotet, one of the world’s most popular ransomware loaders appeared first on SC Media.
Phishing scheme shows CEOs may be ‘most valuable asset,’ and ‘greatest vulnerability’
Cybercriminals have been using a phishing kit featuring fake Office 365 password alerts as a lure to target the credentials of chief executives, business owners and other high-level corporate leaders – often companies’ biggest security liabilities.
The post Phishing scheme shows CEOs may be ‘most valuable asset,’ and ‘greatest vulnerability’ appeared first on SC Media.
BEC attack techniques exploit Microsoft 365 messages
Attackers exploit Microsoft 365 “read receipt” and “out of office” message loopholes to evade auto-remediation of a malicious email.
The post BEC attack techniques exploit Microsoft 365 messages appeared first on SC Media.
The cyber ‘journeymen’: Apprentices may be the solution to the skills gap
Aspiring infosec professionals have the opportunity to hone their craft as companies develop talent from within, potentially with government funding, and chip away at the diversity problem.
The post The cyber ‘journeymen’: Apprentices may be the solution to the skills gap appeared first on SC Media.