Sunnyvale, CA

Proofpoint’s Annual Human Factor Report Reveals How 2020 Transformed Today’s Threat Landscape

By CyberSecDN
cybersecdn.com
 3 days ago

More than 48 million observed messages containing malware capable of downloading ransomware foreshadowed the risk of recent high-profile cyber attacks. SUNNYVALE, Calif., August 4, 2021 – Proofpoint, Inc. (NASDAQ: PFPT), a leading cybersecurity and compliance company, today unveiled its annual Human Factor report, which provides a comprehensive examination of the three main facets of user risk—vulnerability, attacks, and privilege—and how the extraordinary events of 2020 transformed the current threat landscape. Human Factor 2021 draws on data and insight from a year’s worth of research, covering threats detected, mitigated, and resolved across one of the largest datasets in cybersecurity.

Computerscybersecdn.com

Actively exploited bug bypasses authentication on millions of routers

Threat actors actively exploit a critical authentication bypass vulnerability impacting home routers with Arcadyan firmware to take them over and deploy Mirai botnet malicious payloads. The vulnerability tracked as CVE-2021-20090 is a critical path traversal vulnerability (rated 9.9/10) in the web interfaces of routers with Arcadyan firmware that could allow...
Technologycybersecdn.com

Checkmarx acquires Dustico to help customers secure their software supply chains

Checkmarx announced that it has acquired Dustico, a SaaS-based solution that detects malicious attacks and backdoors in open source software supply chains. Through this acquisition, Checkmarx will combine its AST capabilities with Dustico’s behavioral analysis technology to give customers a unified view into the risk, reputation, and behavior of open source packages, resulting in a more comprehensive approach to preventing supply chain attacks.
Technologysnntv.com

Streamline Threat Detection and Incident Response Through Packet Data

Originally Posted On: https://blog.axellio.com/streamlining-threat-detection-and-incident-response-through-packet-data. Threat actors are continually improving the complexity of their cyber attacks, and many security teams are often not equipped to detect, analyze, and prevent those threats. Companies who adopt a castle mentality, where securing the ingress and egress of your network and end-devices is the primary approach to threat prevention, are left vulnerable to internal attacks and unprepared or under-informed about exactly how a threat actor entered the network and what actions were taken while there. Hackers are taking advantage of these cybersecurity weaknesses. Effective security teams need to be advancing with the complexity of threat attacks and improving threat detection, prevention, and pre- and post-event analysis to better inform your company’s cyber security decisions.
Businesscybersecdn.com

ACI Worldwide expands alliance with Microsoft to deliver payments solutions in the cloud

ACI Worldwide announced an expanded multi-year strategic alliance with Microsoft to deliver payments solutions in the cloud. The alliance will accelerate and expand ACI’s cloud payments offerings in Microsoft Azure as more financial institutions (FIs) embrace digital transformation. With global demand for SaaS-based payment offerings increasing, ACI and Microsoft will...
Technologychannele2e.com

Threat Analysis for Channel Partners, MSPs: CompTIA ISAO Taps Sophos

The CompTIA ISAO (Information Sharing and Analysis Organization) now offers threat analysis and intelligence capabilities for channel partners. The technology involves a partnership with Sophos. Indeed, CompTIA ISAO members can directly submit suspicious URLs and files through the ISAO’s Cyber Forum to SophosLabs Intelix for rapid analysis to determine if...
Softwarecybersecdn.com

Threat Detection Provider ReversingLabs Raises $56 Million

Threat detection startup ReversingLabs has raised $56 million in a Series B funding round. To date, the company has raised $81 million. The new funding round was led by private equity firm Crosspoint Capital Partners. Existing investor ForgePoint Capital also participated. ReversingLabs plans to use the new funds to scale...
Softwarecybersecdn.com

VMware Patches Severe Vulnerability in Workspace ONE Access, Identity Manager

VMware on Thursday released security updates for multiple products to address a pair of security bugs, one serious enough to give attackers access to sensitive information. In an advisory, VMWare warns that a malicious actor with network access to port 443 could tamper with host headers to facilitate access to the /cfg web app, in addition a malicious actor could access /cfg diagnostic endpoints without authentication.
Technologycybersecdn.com

How Ransomware Sneaks In | Webroot

Ransomware has officially made the mainstream. Dramatic headlines announce the latest attacks and news outlets highlight the staggeringly high ransoms businesses pay to retrieve their stolen data. And it’s no wonder why – ransomware attacks are on the rise and the average ransom payment has ballooned to over $200,000. But...
Cell Phonescybersecdn.com

Phishing continues to target big businesses and exploit COVID-19 fears in Q2 2021

Spam as a share of global mail traffic rose, and attackers have started to adapt their scams to other languages to reach wider audiences. Despite a rise in global spam numbers, adoption of new languages by phishing attackers, new scam types and a shift in the most commonly impersonated business type to phish people, Kaspersky's Q2 2021 quarterly spam report is described by its authors as "not delivering any surprises."
Technologycybersecdn.com

15 Considerations for Cybersecurity Risk Management

Each year brings new cybersecurity threats, data breaches, attack vectors, and previously unknown vulnerabilities. Even with zero-day vulnerabilities like EternalBlue, the approach to dealing with cyber threats is the same: sound risk management framework with a systematic approach to risk assessment and response. Cybersecurity risk management takes the idea of...
Computerscybersecdn.com

What is Cybersecurity Performance Management?

Cybersecurity performance management is the process of evaluating your cybersecurity program’s maturity based on top-level risks and the associated level of investment (people, processes and technology) needed to improve your security security to meet regulatory requirements and business outcomes. Security metrics improve decision making by helping risk management and security...
Softwarecybersecdn.com

Anatomy of native IIS malware

ESET researchers publish a white paper putting IIS web server threats under the microscope. ESET researchers have discovered a set of previously undocumented malware families, implemented as malicious extensions for Internet Information Services (IIS) web server software. Targeting both government mailboxes and e-commerce transactions, as well as aiding in malware distribution, this diverse class of threats operates by eavesdropping on and tampering with the server’s communications.
Computerscybersecdn.com

Computer hardware giant GIGABYTE hit by RansomEXX ransomware

Taiwanese motherboard maker has been hit by the RansomEXX ransomware gang, who threaten to publish 112GB of stolen data unless a ransom is paid. Gigabyte is best known for its motherboards but also manufactures other computer components and hardware, such as graphics cards, data center servers, laptops, and monitors. The...
Technologysecuritymagazine.com

People continue to be the most critical factor in today’s cyberattacks

Proofpoint, Inc. unveiled its annual Human Factor report, which provides a comprehensive examination of the three main facets of user risk—vulnerability, attacks, and privilege—and how the extraordinary events of 2020 transformed the current threat landscape. Human Factor 2021 draws on data and insight from a year’s worth of research, covering threats detected, mitigated, and resolved across one of the largest datasets in cybersecurity.
Computerscybersecdn.com

The destructive power of supply chain attacks and how to secure your code

In this Help Net Security podcast, Tomislav Peričin, Chief Software Architect at ReversingLabs, explains the latest and most destructive supply chain attacks, their techniques and how to build more secure apps. Here’s a transcript of the podcast for your convenience. Jasmine: I’m here today with Tomislav Peričin, Chief Software Architect...
Technologycybersecdn.com

Tech Titans Join US Cyber Team to Fight Ransomware

US cybersecurity officials on Thursday said Amazon, Google and Microsoft have enlisted to help them fight ransomware and defend cloud computing systems from hackers. The tech giants are among firms signed on to be part of a Joint Cyber Defense Collaborative intended to combine government and private skills and resources to fight hackers, according to the Cybersecurity and Infrastructure Security Agency (CISA).
Technologyaithority.com

CompTIA ISAO Adds Real-Time Cybersecurity Threat Analysis and Intelligence Resources From Sophos

ISAO Members Gain Access to Sophoslabs Intelix for Rapid Analysis of Known and Zero-Day Cybersecurity Threats. Advanced cybersecurity threat analysis and intelligence capabilities are now available from the CompTIA Information Sharing and Analysis Organization (ISAO) through an expanded collaboration with global next-generation cybersecurity leader Sophos and it industry-leading and highly acclaimed threat research lab, SophosLabs.

