(ISC)² has launched its Professional Development Institute (PDI) to combat the global shortage of skilled and trained cybersecurity professionals. PDI is provided as a free portfolio of course offerings to (ISC)2 members and associates. It will help enhance their skills and abilities by providing access to rich continuing professional education (CPE) opportunities that augment the knowledge they’ve gained throughout their careers. The multi-year strategy ...
Read More »Author Archives: firewalltraining
Ransomware attackers exploit old plug-in flaw to infect MSPs and their clients
Researchers are warning that hackers are exploiting a plug-in vulnerability to infect MSPs and their customers with GandCrab ransomware. The bug, CVE-2017-18362, dates back to 2017, and is found in unpatched versions of the ConnectWise ManagedITSync integration plug-in tool, explains a Feb. 8 blog post by Chris Bisnett, security researcher at Huntress Labs. This plug-in is designed to sync data between the ConnectWise Manage ...
Read More »About 21% Indian computers and phones are infected with malware: Study
The study conducted by Comparitech judged countries on the basis of malware attacks, cyber-attack preparedness and most up to date cybersecurity-related legislation. India ranked 15th among 60 countries for the worst cybersecurity with over 25% of its phones and 21% of its computers infected with malware. The study conducted by Comparitech judged countries on the basis of malware attacks, cyber-attack preparedness ...
Read More »Critical security flaw found in control systems of several hospitals and supermarket chains
Research study exposed a security flaw existing in temperature control systems manufactured by Resource Data Management. Many popular names that incorporate these control systems include Marks & Spencer, Ocado & Way-on. Resource Data Management (RDM), a Scottish firm engaged in providing remote monitoring solutions, was found to have security loopholes in its temperature control systems (TCS). According to security researchers ...
Read More »The tale of the prolific Cobalt threat group’s massive phishing campaigns against financial institutions
The cybercriminal group ‘Cobalt’ has been named after its penetration testing tool ‘Cobalt Strike’. The threat group has targeted several banks and financial institutions across countries such as Armenia, Bulgaria, Belarus, Estonia, Georgia, Kyrgyzstan Moldova, the Netherlands, Poland, Romania, Russia, Spain, Britain, Malaysia, and more. Cobalt group was first spotted in 2016. The cybercriminal group has been named after the ...
Read More »Remote Code Execution Vulnerability: What is it and how to stay protected from it?
Remote Code Execution (RCE) Vulnerability could allow an attacker to gain full control of a victim’s infected machine. An attacker gaining access to a victim’s machine exploiting the RCE vulnerability can execute system commands, write, modify, delete or read files, and can connect to databases. Remote code execution vulnerability allows an attacker to gain access to a victim’s machine and ...
Read More »CYBERSECURITY WORKERS SCRAMBLE TO FIX A POST-SHUTDOWN MESS
TWO WEEKS OUT from the longest government shutdown in United States history—and with the possibility of another still looming—government employees are still scrambling to mitigate impacts on federal cybersecurity defenses. And the stakes are high. Furloughed cybersecurity employees returned to expired software licenses and web encryption certificates, colleagues burned out from working on skeleton crews, and weeks-worth of unanalyzed network activity logs. The ...
Read More »Australia parliament hit by cyber-hack attempt
Authorities in Australia say they are investigating an attempt to hack into its parliament’s computer network. Lawmakers said there was “no evidence” that information had been accessed or stolen, but politicians’ passwords have been reset as a precaution. Local cyber-security experts have suggested the hack likely came from a foreign state. Australian PM Scott Morrison said he didn’t intend to ...
Read More »Longest DDoS attack since 2015 lasts 329 hours
While the number of DDoS attacks have declined, they have become much more sophisticated, according to a Kaspersky Lab report. The last quarter of 2018 saw the longest DDoS attack since 2015, lasting 329 hours—almost 2 weeks—according to a Kaspersky Lab report released on Thursday. But the top three countries with the most DDoS attacks are still the same: China in first place ...
Read More »Australian government falls prey to a hacking attempt, incident under investigation
Officials are investigating the security incident that occurred on the government’s computer network. Following the hack attempt, the Department of Parliamentary Services announced that it reset all user passwords in the network. The Australian Parliament became a victim to a hacking attempt yesterday, allegedly perpetrated by a foreign entity. Reportedly, ‘no evidence’ was available to show whether any confidential information ...
Read More »