Anomali Cyber Watch: ProxyShell Being Exploited to Install Webshells and Ransomware, Neurevt Trojan Targeting Mexican Users, Secret Terrorist Watchlist Exposed, and More

Anomali Cyber Watch: ProxyShell Being Exploited to Install Webshells and Ransomware, Neurevt Trojan Targeting Mexican Users, Secret Terrorist Watchlist Exposed, and More

The various threat intelligence stories in this iteration of the Anomali Cyber Watch discuss the following topics: APT37 (InkySquid), BlueLight, Ransomware, T-Mobile Data Breach, Critical Vulnerabilities, IoT, Kalay, Neurevt, and ProxyShell. The IOCs related to these stories are attached to Anomali Cyber Watch and can be used to check your logs for potential malicious activity. Figure 1 – IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of…

Read More

Palo Alto Networks Positioned as a Leader in Inaugural Zero Trust Network Access Report by Leading Independent Research Firm

Palo Alto Networks Positioned as a Leader in Inaugural Zero Trust Network Access Report by Leading Independent Research Firm

Analyst report states “[Palo Alto Networks] is a good fit for organizations seeking a hybrid of SaaS and on-premises software.” SANTA CLARA, Calif., Aug. 24, 2021  /PRNewswire/ — Palo Alto Networks (NYSE: PANW), the global cybersecurity leader, announced today it has been positioned as a leader in The Forrester New Wave™: Zero Trust Network Access (ZTNA), Q3 2021 report. Palo Alto Networks was among the 15 select vendors that Forrester evaluated for the report. Forrester…

Read More

Back-to-Basics: Properly Configured Firewalls

Back-to-Basics: Properly Configured Firewalls

  As small and medium businesses begin to re-open following the pandemic, it’s important to do so securely in order to protect customer’s payment card data. Too often, data breaches happen as a result of vulnerabilities that are entirely preventable. The PCI Security Standards Council (PCI SSC) has developed a set of payment protection resources for small businesses. In this 8-part back-to-basics series, we highlight payment security basics for protecting against payment data theft. Today’s…

Read More

Risk officers and board members don’t agree on use of tech and data in business

Risk officers and board members don’t agree on use of tech and data in business

Survey by EY finds that board members are interested in spending more money on technology and data analytics for risk management. TechRepublic’s Karen Roby spoke with Tonny Dekker, global enterprise risk consulting leader at EY, about how boards feel about investing in technology for risk management. The following is an edited transcript of their conversation. SEE: Security incident response policy (TechRepublic Premium) Karen Roby: EY released the findings of a new survey, in which it…

Read More

Microsoft Power Apps misconfiguration exposes data from 38 million records

Microsoft Power Apps misconfiguration exposes data from 38 million records

The leaked data included personal information for COVID-19 contact tracing and vaccination appointments, social security numbers for job applicants, employee IDs, names and email addresses. Image: Microsoft A lack of proper security configuration with Microsoft’s Power Apps has led to the exposure of data from some 38 million records, according to security firm UpGuard. In a report published Monday, UpGuard said that the misconfiguration of the low-code development platform exposed such information as COVID-19 contact…

Read More

McAfee Enterprise ATR Uncovers Vulnerabilities in Globally Used B. Braun Infusion Pump

McAfee Enterprise ATR Uncovers Vulnerabilities in Globally Used B. Braun Infusion Pump

Overview As part of our continued goal to provide safer products for enterprises and consumers, we at McAfee Advanced Threat Research (ATR) recently investigated the B. Braun Infusomat Space Large Volume Pump along with the B. Braun SpaceStation, which are designed for use in both adult and pediatric medical facilities. This research was done with support from Culinda – a trusted leader in the medical cyber-security space. Though this partnership, our research led us to…

Read More

Overmedicated: Breaking the Security Barrier of a Globally Deployed Infusion Pump

Overmedicated: Breaking the Security Barrier of a Globally Deployed Infusion Pump

Cyberattacks on medical centers are one of the most despicable forms of cyber threat there is. For instance, on October 28th, 2020, a cyberattack at the University of Vermont Medical Center in Burlington VT led to 75% of the scheduled chemotherapy patients being turned away. Many of us have friends and loved ones who have had to undergo intensive treatments, and the last thing we want in this situation is for their critical care to…

Read More
1 2,193 2,194 2,195 2,196 2,197 2,656