Full Drive Encryption Only a Half-Measure for Data Security
Pre-Boot Authentication Is the Missing Half By John Benkert, Cigent CEO and Co-founder In an era where data security breaches…
Russian indicted for selling access to US corporate networks
A 31-year-old Russian national named Evgeniy Doroshenko has been indicted for wire and computer fraud in the United States for…
Anatomy Of an Endpoint Attack: How A Cyberattack Can Compromise an Enterprise Network
By Guillermo Gomez, Vice President of Endpoint Product, WatchGuard Technologies For truly effective network security posture, it’s crucial to protect…
Novel EDR-Killing 'GhostEngine' Malware Is Built for Stealth
The previously unknown malware (aka Hidden Shovel) is a ghost in the machine: It silently attacks kernel drivers to shut…
Norway recommends replacing SSL VPN to prevent breaches
The Norwegian National Cyber Security Centre (NCSC) recommends replacing SSLVPN/WebVPN solutions with alternatives due to the repeated exploitation of related…
Flaw in Wi-Fi Standard Can Enable SSID Confusion Attacks
Attackers can exploit the issue to trick users into connecting to insecure networks, but it works only under specific conditions.
PoC exploit released for RCE zero-day in D-Link EXO AX4800 routers
The D-Link EXO AX4800 (DIR-X4860) router is vulnerable to remote unauthenticated command execution that could lead to complete device takeovers…
Millions of IoT Devices at Risk from Flaws in Integrated Cellular Modem
Researchers discovered seven vulnerabilities — including an unauthenticated RCE issue — in widely deployed Telit Cinterion modems.
2 (or 5) Bugs in F5 Asset Manager Allow Full Takeover, Hidden Accounts
F5 customers should patch immediately, though even that won't protect them from every problem with their networked devices.
DPRK’s Kimsuky APT Abuses Weak DMARC Policies, Feds Warn
Organizations can go a long way toward preventing spoofing attacks by changing one basic parameter in their DNS settings.