A new report out of the UK shows that 60% of data breaches were caused by human error according to research firm Gallagher as reported by Infosecurity.
Linear eMerge E3 devices that are part of access control systems for Smart buildings have been found to contain serious vulnerabilities that can be used by cybercriminals to launch DDoS attacks according to security researchers at Applied Risk.
Two vulnerabilities found in Microsoft Azure services could have allowed cybercriminals to take over cloud services according to a new report from Checkpoint.
For too long, the sole emphasis of security vendors in the cybersecurity industry has been on detection. Once the attack has been reported to the end user, it seems the job is done. The next steps—the complex task of investigating and actually solving the problem—then lie with the security operations center (SOC).
As 2020 is now in full swing, we can look back on the previous year and see how its developments will impact the future. In 2019, we saw several vendors introduce advanced capabilities and expand their business beyond simple network monitoring. There were also some key acquisitions and buyouts that (we expect) will give small-scale network monitoring providers the resources to build themselves up into powerhouses in the industry. When thinking of what 2020 will bring for network monitoring vendors and solutions, it helps to watch the companies who are expected to deliver many innovations throughout the year.
DNS, rogue employees and phishing/social engineering should be top of the list of threat areas for organizations to address.
The National Security Agency (NSA) published an advisory that addresses the risks behind Transport Layer Security Inspection (TLSI) and provides mitigation measures for weakened security in organizations that use TLSI products. TLSI (aka TLS break and inspect) is the process through which enterprises can inspect encrypted traffic with the help of a dedicated product such as a proxy device, a firewall, intrusion detection or prevention systems (IDS/IPS) that can decrypt and re-encrypt traffic encrypted with TLS.
At a time when cyber risks are proliferating at a faster rate than at any time in history, organizations around the globe are struggling to find talented professionals who can help them defend against these risks. In fact, according to the latest Cybersecurity Workforce Study from (ISC)2, the world’s largest nonprofit association dedicated to IT security, there is currently a massive cybersecurity workforce shortage on a global basis.
QNAP Systems says there is no known way to remove the Qsnatch malware infecting its NAS devices besides a full factory reset.
Trafficon, the Finnish Transport and Communciation agency & National Cybersecurity Center is reporting that new malware known as QSnatch is infecting Network Attached Storage devices.