Author: Admin

Microsoft discovered new custom malware, dubbed FoggyWeb, used by the Nobelium cyberespionage group to implant backdoor in Windows domains. Microsoft Threat Intelligence Center (MSTIC) researchers have discovered a new custom malware, dubbed FoggyWeb used by the Nobelium APT group to deploy additional payloads and steal sensitive info from Active Directory Federation Services (AD FS) servers. FoggyWeb is a post-exploitation backdoor used by the APT group to remotely exfiltrate the configuration database of compromised Active Directory Federation…

By T.J. Minichillo Did you know an organization is hit with a ransomware attack every 11 seconds? As the global attack surface grows every day, and with everyone’s security perimeter now everywhere and anywhere data travels, being resilient to ransomware attacks takes on far greater significance. The only way to create a truly resilient strategy against the growing onslaught of ransomware attacks is to go on the offensive by arming your data to protect itself….

Docker recently announced updates and extensions to our product subscriptions. Docker CEO Scott Johnston also posted a blog about the changes. Much of the discussion centered on what the licensing changes mean for users of Docker Desktop, which remains free for small businesses and several other user types, but now requires a paid subscription — starting at $5 per user per month — for professional use in medium to large businesses. Earlier this month Docker Captain,…

Canadian vaccine passport app PORTpass may have exposed personal information belonging to hundreds of thousands of users.  According to a report by CBC News, the app’s operators left data, including names, identification documents, and email addresses, on an unsecured website. The personal information was allegedly stored in plain text and could be accessed by the public.  Following a tipoff received on Monday, the news source investigated the security of the PORTpass website. CBC News said…

Legislation requiring critical infrastructure companies to report cyber-attacks to the federal government has been introduced in the United States Senate. Leaders of the Senate Homeland Security and Governmental Affairs Committee put forward the new cyber-incident reporting bill yesterday. If enacted, critical infrastructure owners and operators would have to report cyber-attacks to the government within 72 hours.  The proposed bill echoes the defense authorization bill passed by the House of Representatives that requires critical infrastructure owners and operators…

Not all organizations have a team or even staffers who can focus solely on vulnerability management, says Trustwave. Image: iStock/weerapatkiatdumrong One of the most common ways cybercriminals hit an organization is by exploiting a known security vulnerability. For that reason, regularly patching your software and other products is a vital way to protect yourself from cyberattack. But many organizations fail to keep up with the proper patching, thus exposing themselves to great risk. A report…

YouTube has announced it will block all anti-vaccine content on its platform, expanding beyond COVID-19. The video-sharing site outlined its updated medical misinformation policy in a blog post published earlier today. This includes content that alleges approved vaccines cause chronic health effects, such as autism, cancer or infertility, that they do not reduce transmission or contraction of disease or that substances in vaccines can track those who receive them. These rules will apply both to routine immunizations for…