Category Archives: Security News

7 vulnerabilities in popular DNS forwarding software open door to range of attacks

Researchers at JSOF have discovered distinct spoofing and buffer overflow vulnerabilities associated with DNSMasq, used in networking devices to cache and forward Domain Name System requests.

The post 7 vulnerabilities in popular DNS forwarding software open door to range of attacks appeared first on SC Media.

Continue reading

Posted in Network Security, Security News, Threat intelligence, Vulnerabilities, Vulnerability Management | Comments Off on 7 vulnerabilities in popular DNS forwarding software open door to range of attacks

Free cyber career training coursework emerges as a perk in tough times

New complimentary offerings are helping current, aspiring and unemployed infosec professionals gain an upper hand in a down economy, while aiding an industry facing a growing skills gap.

The post Free cyber career training coursework emerges as a perk in tough times appeared first on SC Media.

Continue reading

Posted in Careers, Featured, Network Security, Security News, Training | Comments Off on Free cyber career training coursework emerges as a perk in tough times

FIN11 e-crime group shifted to CL0P ransomware and big game hunting

FIN11 has increasingly factored CL0P ransomware into its operations, and its clear they also put a substantial amount of effort into each follow-up compromise.

The post FIN11 e-crime group shifted to CL0P ransomware and big game hunting appeared first on SC Media.

Continue reading

Posted in Cybercrime, Ransomware, Security News | Comments Off on FIN11 e-crime group shifted to CL0P ransomware and big game hunting

Biden to invest in cyber workforce, but without plan to overcome lingering staffing hurdles

President-elect Joe Biden announced funding to modernize secure IT and lure cyber talent to the public sector as part of his plan to stimulate the economy and rebuild in the wake of the pandemic. But cybersecurity experts remain skeptical that the newfound funding focus on cybersecurity will be enough to draw the necessary talent. Noting…

The post Biden to invest in cyber workforce, but without plan to overcome lingering staffing hurdles appeared first on SC Media.

Continue reading

Posted in Government, Security News | Comments Off on Biden to invest in cyber workforce, but without plan to overcome lingering staffing hurdles

NSA urges use of enterprise resolvers to protect DNS traffic on corporate networks

NSA advises security pros to use designated enterprise DNS resolvers to lock down DoH on corporate networks.

The post NSA urges use of enterprise resolvers to protect DNS traffic on corporate networks appeared first on SC Media.

Continue reading

Posted in Exploit prevention, Network Security, Security News | Comments Off on NSA urges use of enterprise resolvers to protect DNS traffic on corporate networks

Surge in remotely hosted phish images? Some say it’s business as usual

In Nov. 2020 alone, company blocked 262 million emails containing malicious, remotely hosted images.

The post Surge in remotely hosted phish images? Some say it’s business as usual appeared first on SC Media.

Continue reading

Posted in Email Security, Phishing, Security News | Comments Off on Surge in remotely hosted phish images? Some say it’s business as usual

Intel unveils ransomware-fighting CPUs

The capability is an easy win for CISOs, which can benefit with limited tweaks to machines.

The post Intel unveils ransomware-fighting CPUs appeared first on SC Media.

Continue reading

Posted in Featured, Ransomware, Security News, Software and solutions | Comments Off on Intel unveils ransomware-fighting CPUs

Cybersecurity Collaborative creates task force to mitigate third-party risk

Recent supply chain attacks prompted cybersecurity professionals, under the auspices of Cybersecurity Collaborative, to stand up a task force focused on minimizing third-party risk. The need for the Third-Party Risk Task Force, which kicked off this week, has been amplified by recent advanced persistent threat attacks that infiltrated corporate and government networks, due to security…

The post Cybersecurity Collaborative creates task force to mitigate third-party risk appeared first on SC Media.

Continue reading

Posted in APT, From the Collaborative, Security News, Third-party risk | Comments Off on Cybersecurity Collaborative creates task force to mitigate third-party risk

With insured losses estimated at $90 billion, did cyber insurance firms dodge financial calamity?

The number of SolarWinds victims will likely grow in the upcoming months, but direct insured costs should remain close to the current estimate since many of the organizations hit – particularly federal agencies – do not carry insurance against cyber risks.

The post With insured losses estimated at $90 billion, did cyber insurance firms dodge financial calamity? appeared first on SC Media.

Continue reading

Posted in Data Breach, Government, Risk Management, Security News, SolarWinds hack, Third-party risk | Comments Off on With insured losses estimated at $90 billion, did cyber insurance firms dodge financial calamity?