Intl. Law Enforcement Operation Takes Down DoubleVPN
The VPN service allegedly provided a means for cybercriminals to target their victims, Europol officials report.A coordinated international law enforcement operation has seized the Web domains and server infrastructure...
Stop Playing Catchup: Move From Reactive to Proactive to Defeat Cyber Threats
One-time reactive measures can't keep up. It's time to be proactive and pick our swords and not just our shields.Breaches are now happening with such frequency that a reactive...
WhiteHat Security Rebrands as NTT Application Security
Enterprise VulnerabilitiesFrom DHS/US-CERT's National Vulnerability Database
CVE-2020-23207PUBLISHED: 2021-07-01A stored cross site scripting (XSS) vulnerability in phplist 3.5.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
Ransomware Losses Drive Up Cyber-Insurance Costs
Premiums have gone up by 7% on average for small firms and between 10% and 40% for medium and large businesses.Ransomware payouts are putting the squeeze on cyber-insurance companies...
3 Things Every CISO Wishes You Understood
Ensuring the CISO's voice is heard by the board will make security top of mind for the business, its employees, and their customers.CISOs in the security industry hold a...
Microsoft Refining Third-Party Driver Vetting Processes After Signing Malicious Rootkit
Rogue driver was distributed within gaming community in China, company says.Microsoft is refining its policies and processes for certifying drivers through its Windows Hardware Compatibility Program (WHCP) after a...
CISA Publishes Catalog of Poor Security Practices
Organizations often focus on promoting best practices, CISA says, but stopping poor security practices is equally important.The Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) is creating a...
Microsoft Tracks Attack Campaign Against Customer Support Agents
The company attributes the attack to Nobelium, the same group it linked to the SolarWinds campaign earlier this year.The Microsoft Security Response Center is tracking a new attack campaign...
Attacks Erase Western Digital Network-Attached Storage Drives
The company suspects a remote code execution vulnerability affecting My Book Live and My Book Live Duo devices and recommends that business and individual users turn off the drives...
Tulsa Officials Warn Ransomware Attackers Leaked City Files
The group behind the May 2021 attack has shared more than 18,000 files via the Dark Web, mostly internal department files and police citations.The attackers behind a May 2021...
