Google Buys Siemplify to Get Ahead in Cloud Security
Google has acquired security services provider Siemplify in an effort to add security orchestration, automation, and response (SOAR) capabilities to its Google Cloud security portfolio, augment its Chronicle security...
Industry 4.0 Points Up Need for Improved Security for Manufacturers
Digital transformation within the manufacturing industry, often referred to as Industry 4.0, is bringing a new world of connectivity and efficiency to modern-day factories. Smart factories incorporate new technology — such...
Researchers Explore Active Directory Attack Vectors
Incident responders who investigate attacks targeting Active Directory discuss methods used to gain entry, elevate privileges, and control target systems.Active Directory is a massive and complex attack surface that...
Original Fix for Log4j Flaw Fails to Fully Protect Against DoS Attacks, Data Theft
Security experts are now urging organizations to quickly update to a new version of the Log4j logging framework that the Apache Foundation released Tuesday because its original fix for...
China-Linked ToddyCat APT Pioneers Novel Spyware
A threat group that may have been among the first to exploit the ProxyLogon zero-day vulnerability in Exchange Servers last year is using a pair of dangerous and previously...
One Year After Log4Shell, Most Firms Are Still Exposed to Attack
The Log4j vulnerability continues to present a major threat to enterprise organizations one year after the Apache Software Foundation disclosed it last November — even though the number of...
Rackspace Incident Highlights How Disruptive Attacks on Cloud Providers Can Be
A Dec. 2 ransomware attack at Rackspace Technology — which the managed cloud hosting company took several days to confirm — is quickly becoming a case study on the...
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Automation allowed a REvil affiliate to move from exploitation of vulnerable servers to installing ransomware on downstream companies faster than most defenders could react.Sometime after 14:30 UTC on Friday,...
Sneaky New Stealer Woos Corporate Workers Through Fake Zoom Downloads
A sneaky new info stealer is sliding onto user machines via website redirects from Google Ads that pose as download sites for popular remote-workforce software, such as Zoom and...
How Threat Actors Are a Click Away From Becoming Quasi-APTs
The first shots fired in the current conflict between Russia and Ukraine were not by firearms, but keystrokes. In this new-age war, the cybersphere is a primary battleground, and...