Google Play announced it will continue its crackdown on malicious apps into 2019 by focusing more on user privacy, developer integrity and harmful app contents and behavior. Google said it plans to introduce additional policies for device permissions and user data throughout the year, according to a Feb. 13 blog post. “In addition to identifying and stopping bad apps from entering ...
Read More »Blog
8 Cybersecurity Risks That May Impact Organizations in 2019
Aon’s 2019 Cyber Security Risk Report features eight risks that may impact organizations in the next 12 months, no matter where they are on their digital journey. “In 2018 we witnessed that a proactive approach to cyber preparation and planning paid off for the companies that invested in it, and in 2019, we anticipate the need for advanced planning will only further ...
Read More »(ISC)2 Announces New Professional Development Institute to Train Cyber Professionals
(ISC)² has launched its Professional Development Institute (PDI) to combat the global shortage of skilled and trained cybersecurity professionals. PDI is provided as a free portfolio of course offerings to (ISC)2 members and associates. It will help enhance their skills and abilities by providing access to rich continuing professional education (CPE) opportunities that augment the knowledge they’ve gained throughout their careers. The multi-year strategy ...
Read More »Ransomware attackers exploit old plug-in flaw to infect MSPs and their clients
Researchers are warning that hackers are exploiting a plug-in vulnerability to infect MSPs and their customers with GandCrab ransomware. The bug, CVE-2017-18362, dates back to 2017, and is found in unpatched versions of the ConnectWise ManagedITSync integration plug-in tool, explains a Feb. 8 blog post by Chris Bisnett, security researcher at Huntress Labs. This plug-in is designed to sync data between the ConnectWise Manage ...
Read More »About 21% Indian computers and phones are infected with malware: Study
The study conducted by Comparitech judged countries on the basis of malware attacks, cyber-attack preparedness and most up to date cybersecurity-related legislation. India ranked 15th among 60 countries for the worst cybersecurity with over 25% of its phones and 21% of its computers infected with malware. The study conducted by Comparitech judged countries on the basis of malware attacks, cyber-attack preparedness ...
Read More »Critical security flaw found in control systems of several hospitals and supermarket chains
Research study exposed a security flaw existing in temperature control systems manufactured by Resource Data Management. Many popular names that incorporate these control systems include Marks & Spencer, Ocado & Way-on. Resource Data Management (RDM), a Scottish firm engaged in providing remote monitoring solutions, was found to have security loopholes in its temperature control systems (TCS). According to security researchers ...
Read More »The tale of the prolific Cobalt threat group’s massive phishing campaigns against financial institutions
The cybercriminal group ‘Cobalt’ has been named after its penetration testing tool ‘Cobalt Strike’. The threat group has targeted several banks and financial institutions across countries such as Armenia, Bulgaria, Belarus, Estonia, Georgia, Kyrgyzstan Moldova, the Netherlands, Poland, Romania, Russia, Spain, Britain, Malaysia, and more. Cobalt group was first spotted in 2016. The cybercriminal group has been named after the ...
Read More »Remote Code Execution Vulnerability: What is it and how to stay protected from it?
Remote Code Execution (RCE) Vulnerability could allow an attacker to gain full control of a victim’s infected machine. An attacker gaining access to a victim’s machine exploiting the RCE vulnerability can execute system commands, write, modify, delete or read files, and can connect to databases. Remote code execution vulnerability allows an attacker to gain access to a victim’s machine and ...
Read More »CYBERSECURITY WORKERS SCRAMBLE TO FIX A POST-SHUTDOWN MESS
TWO WEEKS OUT from the longest government shutdown in United States history—and with the possibility of another still looming—government employees are still scrambling to mitigate impacts on federal cybersecurity defenses. And the stakes are high. Furloughed cybersecurity employees returned to expired software licenses and web encryption certificates, colleagues burned out from working on skeleton crews, and weeks-worth of unanalyzed network activity logs. The ...
Read More »Australia parliament hit by cyber-hack attempt
Authorities in Australia say they are investigating an attempt to hack into its parliament’s computer network. Lawmakers said there was “no evidence” that information had been accessed or stolen, but politicians’ passwords have been reset as a precaution. Local cyber-security experts have suggested the hack likely came from a foreign state. Australian PM Scott Morrison said he didn’t intend to ...
Read More »