mobile-logo
 

Newsroom (Archive)

A hand-picked curation of industry news and information, to keep you well informed on all things cybersecurity
28 Nov

Microsoft Office Bug Remains Top Malware Delivery Vector

in Cyber Security, Cybersecurity
Comments

CVE-2017-11882 has been attackers' favorite malware delivery mechanism throughout the second and third quarters of 2019. The third quarter of 2019 brought the rise of keylogger Agent Tesla, the decline of phishing-delivered ransomware-as-a-service (RaaS), and attackers' continued preference for exploiting the CVE-2017-11882 Microsoft Office vulnerability to deliver phishing campaigns. Emotet began to surge toward the end of last quarter, according to Cofense's Q3 2019 Malware Trends Report,...

Read More
27 Nov

Widespread exploitation of vulnerable systems via Emotet malware

in Cyber Security, Cybersecurity
Comments

The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) is investigating a widespread malware campaign known as Emotet.Emotet is a Trojan virus delivered via emails sent with malicious attachments.Cyber criminals use malware for different reasons, most commonly to steal personal or valuable information from which they can profit, hold recipients to ransom or install damaging programs onto devices without your knowledge.Email users should always exercise...

Read More
cybersecurity
23 Oct

Compliance mandates, cybersecurity best practices dominate 2019 security priorities

in Cyber Security, Cybersecurity
Comments

The security landscape is never static. Smarter cybercriminals, evolving malware, more regulations and higher financial and national security stakes force organizations and their security teams to constantly adjust priorities. The IDG 2019 Security Priorities Study, released at the end of July 2019, helps to define how those priorities are changing for the next 12 months. The study is based on a survey of 528 security professionals...

Read More
23 Oct

New Cache Poisoning Attack Lets Attackers Target CDN Protected Sites

in Cyber Security, Cybersecurity
Comments

A team of German cybersecurity researchers has discovered a new cache poisoning attack against web caching systems that could be used by an attacker to force a targeted website into delivering error pages to most of its visitors instead of legitimate content or resources. The issue affects reverse proxy cache systems like Varnish and some widely-used Content Distribution Networks (CDNs) services, including Amazon CloudFront, Cloudflare, Fastly,...

Read More
23 Oct

About 50% of Apps Are Accruing Unaddressed Vulnerabilities

in Cyber Security, Cybersecurity
Comments

In rush to fix newly discovered security issues, developers are neglecting to address older ones, Veracode study finds. The latest edition of Veracode's annual "State of Software Security" study released this week shows that many enterprise organizations are at increased breach risk because of aging, unaddressed application security flaws. Veracode recently analyzed data from application security tests on more than 85,000 applications and found that, on average,...

Read More