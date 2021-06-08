Cancel
Three-quarters of IT leaders think organizations are more vulnerable to mobile attacks

By Ian Barker
Beta News
 11 days ago

Cover picture for the articleA survey of over 600 IT decision makers across the US, UK and Australia finds that 76 percent believe end users are more at risk from attacks on mobile devices than they were a year ago. The study from Menlo Security also shows 50 percent admit that it's not possible...

betanews.com
Public Safetynationalcybersecuritynews.today

Public Sector, Another Vulnerable Target to Attackers | #microsoft | #hacking | #cybersecurity

Cybercriminals are continually scheming ways to get their hands on your sensitive data. Learn how to protect your data & stakeholders before it’s too late. Private and public sector organizations alike were surprised by the SolarWinds cyber attack that was announced by FireEye in December 2020. As one of the largest cyber attacks in history, it affected 18,000 of its customers globally. By injecting code into SolarWinds’ Orion platform, hackers carried out a supply chain attack that allowed them to infiltrate the IT systems of many private and public sector organizations globally, including:
Cell Phoneshelpnetsecurity.com

Most mobile finance apps vulnerable to data breaches

77% of financial apps have at least one serious vulnerability that could lead to a data breach, an Intertrust report reveals. This report comes at a time where finance mobile app usage has rapidly accelerated, with the number of user sessions in finance apps increasing by up to 49% over the first half of 2020. Over the same period, cyberattacks against financial institutions rose by 118%, according to VMware.
Softwareurgentcomm.com

Microsoft patches 6 zero-day vulnerabilities under active attack

Microsoft on June 8 deployed patches for 50 vulnerabilities, including six zero-days under active attack, the company reports. Fifty is a relatively small number for Microsoft’s monthly security releases – most of its 2020 rollouts exceeded 100 – but this Patch Tuesday packs a punch. The CVEs that were addressed affect Microsoft Windows, Office, Edge browser, SharePoint Server, .NET Core and Visual Studio, Hyper-V, Visual Studio Code – Kubernetes Tools, Windows HTML Platform, and Windows Remote Desktop.
EconomyPosted by
CBS News

Hybrid work models make companies more vulnerable to cyberattacks

While working from home was the norm during the first year of the pandemic, many companies are now adopting permanent hybrid work models that experts say make companies more vulnerable to cyberattacks versus when their staffs are on-site. For employers, securing their data and servers could be one of the...
TechnologyItproportal

No organization is safe from DNS attacks

If you think your organization is too small or too well-protected to suffer a DNS attack, think again. New figures from network security company EfficientIP suggests almost nine in ten (87 percent) organizations suffered a DNS attack last year. The average cost of one of these attacks hovered around the $950,000 mark.
TechnologyBeta News

42 percent feel more vulnerable to cyberattacks when working at home

A new report from hardware authentication company Yubico finds 42 percent of UK employees say they feel more vulnerable to cyber threats while working from home, with 39 percent feeling unsupported by IT. The study of over 3,000 people in the UK, France and Germany also reveals that 54 percent...
Public Safetycybernews.com

The UK’s cybersecurity centre is warning companies vulnerable to attacks

The NCSC’s Early Warning system is one attempt to halt hacks. The cat and mouse game between cybercriminals and their victims just got a little more interesting. An initiative, quietly launched by the UK’s National Cyber Security Centre (NCSC) last month, aims to act as a caution to companies who could fall foul of cyberattacks.
Public Safetydataversity.net

Three Best Practices to Neutralize Ransomware Attacks

Click to learn more about author Ken Steinhardt. The question about whether your organization will be hit with a ransomware attack is not “if” but “when.” As the world has seen recently, ransomware attacks are on the rise, and they can hit anything ranging from critical infrastructure to smaller enterprises that try to stay under the radar of cybercriminals. What is important to keep in mind is that it’s not just a technology issue; it’s a matter of preparedness, including expanding internal awareness and improving communication to prevent unnecessary steps.
InternetLight Reading

Need for mobile convergence forced cable to 'think differently,' CableLabs CEO says

Apple is not the only entity that has dared to think different. CableLabs believes it has also been forced to alter its approach as cable operators around the globe wrestle with the complexities of fixed mobile convergence and the need to stitch together services and the overall customer experience across their expanding blend of hybrid fiber/coax (HFC), fiber-to-the-premises and wireless networks.
SoftwareZDNet

PuzzleMaker attacks exploit Windows zero-day, Chrome vulnerabilities

Researchers say zero-day vulnerabilities fixed in Microsoft's recent Patch Tuesday round have been used in targeted attacks against the enterprise. According to Kaspersky, a wave of "highly targeted attacks" on several organizations was traced that utilized a chain of zero-day exploits in the Google Chrome browser and Microsoft Windows systems over April 14 and 15, 2021.
TechnologyDark Reading

VPN Attacks Surged in First Quarter

But volume of malware, botnet, and other exploit activity declined because of the Emotet botnet takedown. Attacks against virtual private network (VPN) products from Fortinet and Pulse Secure surged dramatically in the first quarter of 2021 as threats actors tried to take advantage of previously disclosed vulnerabilities that organizations had not patched.
Healtharxiv.org

Machine Learning with Electronic Health Records is vulnerable to Backdoor Trigger Attacks

Electronic Health Records (EHRs) provide a wealth of information for machine learning algorithms to predict the patient outcome from the data including diagnostic information, vital signals, lab tests, drug administration, and demographic information. Machine learning models can be built, for example, to evaluate patients based on their predicted mortality or morbidity and to predict required resources for efficient resource management in hospitals. In this paper, we demonstrate that an attacker can manipulate the machine learning predictions with EHRs easily and selectively at test time by backdoor attacks with the poisoned training data. Furthermore, the poison we create has statistically similar features to the original data making it hard to detect, and can also attack multiple machine learning models without any knowledge of the models. With less than 5% of the raw EHR data poisoned, we achieve average attack success rates of 97% on mortality prediction tasks with MIMIC-III database against Logistic Regression, Multilayer Perceptron, and Long Short-term Memory models simultaneously.
Softwarelatesthackingnews.com

XSS Vulnerability In SIP Protocol Risks RCE Attacks On VoIP Software

A serious cross-site scripting (XSS) vulnerability existed in the Session Initiation Protocol (SIP) managing VoIP calls. Exploiting the bug could allow an attacker to execute code on the target system without authentication. SIP Protocol XSS Vulnerability. A security researcher from Enable Security, Juxhin Dyrmishi Brigjaj, found a cross-site scripting (XSS)...
Cell Phoneshelpnetsecurity.com

Organizations ill-equipped to deal with growing BYOD security threats

Bitglass and Cybersecurity Insiders announced several findings from a report that show the rapid adoption of unmanaged personal devices connecting to work-related resources (aka BYOD) and why organizations are ill-equipped to deal with growing security threats such as malware and data theft. The study surveyed hundreds of cybersecurity professionals across...
Economyinforisktoday.com

How Overconfidence And Complacency Leave Companies Vulnerable To Attack

Mainframes are often considered one of the most secure data environments, but organizations are mistaken to believe that mainframes are inherently secure. In reality, secure means “securable.”. Download this Forrester research report, which includes data on:. Current perceptions of mainframe security. Readiness of companies to prepare and secure the mainframe...
Public Safetycybersecdn.com

Breaches and Incidents: Top 5 Cyber-attacks in Quarter 1

The second wave of the pandemic has hit India hard from a cybersecurity perspective. There has been a rise in recent cyber-attacks in India in 2021, with cybercriminals taking advantage of the situation and finding new ways to breach data. If we analyze the news of cyber-attacks in 2021, we will observe increased COVID-19 cyber threats and supply chain attacks. Here is a roundup of five cyber-attacks that had the most severe consequences:
Public Safetywhatreallyhappened.com

Russian hackers attacking organizations through system used by USAID, says Microsoft

Russia-linked hackers behind the SolarWinds attack have been targeting government agencies, think tanks and non-governmental organizations through the email system of the U.S. Agency for International Development, Microsoft said late Thursday. The wide-scale attack was uncovered this week by the Microsoft Threat Intelligence Center who on Thursday identified the group...