Insights

Ransomware-Everything You Do Matters

Ransomware is bad enough by itself. But what you do before and after an attack can have a major impact on your ability to recover. And the likelihood of your company to survive.

 

Ransomware attacks can be made worse


Critical VMware Bug Exploits Continue, as Botnet Operators Jump In

VMware is a very popular environment for virtual machines. A recently discovered bug allows remote code execution on a penetrated system. Botnet operators are exploiting this vulnerability for their purposes. 

 

VMware bug attacks botnet operators


iPhones Open to Attack Even When Off, Researchers Say

Find My iPhone is a popular and helpful feature of the Apple environment. In order for it to work, the iPhone must be able to respond even when turned off. Cybercriminals have found a way to exploit this feature and install malware even when the phone is turned off.  

 

iPhone open to attack even when turned off


iPhones Open to Attack Even When Off, Researchers Say

Find My iPhone is a popular and helpful feature of the Apple environment. In order for it to work, the iPhone must be able to respond even when turned off. Cybercriminals have found a way to exploit this feature and install malware even when the phone is turned off.  

 

iPhone open to attack even when turned off


Cryptocurrency-Stealing 'Cryware' Malware Attacks Surge

Cryptocurrency is the method of choice for paying a ransom after a successful ransomware attack. But it is also becoming a popular investment vehicle that many see as a way to get rich. Cybercriminals haven’t ignored that fact and are attacking cryptocurrency wallets and stealing everything.

 

Cryptocurrency Attacks Surge


Phishing Attacks for Initial Access Surged 54% in Q1

Human error is one of the major ways cybercriminals infiltrate a company. Phishing attacks are the bait. Clicking on a link in a phishing attack will result in malware, and possibly ransomware, being installed on a system and then spreading across your company.

 

Phishing Attacks Surge 54%


One Brightly Cyber and DynaRisk Announce Global Partnership
 

One Brightly Cyber and DynaRisk announce a global parnership to provide a single turnkey cyber risk solution combining cyber services and tools to the insurance market.  

One Brightly Cyber and DynaRisk Announce Global Partnership


Unimplemented Patches Don’t Help

Too many companies fail to implement patches or install necessary upgrades to software leaving them vulnerable. Patches and upgrades are issued to close known vulnerabilities. Failing to install them leaves you vulnerable. Expect high fines if you fail to install patches, adding to your woes. 

 

Patches Must Be Installed to Help


Cybercrime: Ransomware Attacks Surging Once Again

Even cybercrime seems to have seasonal fluctuations. The end of the year is a downtime but since then ransomware attacks are coming back strong. 

 

Ransomware in Seasonal Surge


Tractor-Trailer Brake Controllers Vulnerable to Remote Hacker Attacks

While most of us don’t drive tractor-trailers, we are on the road with them, and this demonstrates the persistence of cybercriminals in looking for ways to attack. It is highly likely they are looking at ways of hacking passenger vehicles. 

 

Tractor-Trailer Brakes Under Attack


Organizations Warned of Attacks Exploiting WSO2 Vulnerability

WSO2, a widely used enterprise software development solutions provider reported being notified of a vulnerability affecting a number of their products, specifically, API Manager, Identity Server, Enterprise Integrator, and Open Banking products. Because WSO2 products are used so widely this vulnerability allowing remote code execution is deemed quite serious. 

 

WSO2 Products Carrying Serious Vulnerability


API Attacks Soar Amid the Growing Application Surface Area

The shift to cloud computing started a few years ago. But the pandemic accelerated the move. Many of the applications that moved to the cloud are accessed by APIs, Application Programming Interfaces. The cloud vendors are reporting a tripling of attacks.

 

API Attacks Growing Rapidly


A New Chapter In Business Unit-IT Stress

The relationship between the business units and the IT department has been stressful for a long time based upon different priorities. New technology is adding to the stress and potentially jeopardizing company cybersecurity and the future of the company.  

 

No code/Low code - not all is rosy


Amazon's Hotpatch for Log4j Flaw Found Vulnerable to Privilege Escalation Bug

The Log4j flaw received a lot of press recently because of the damage that could be done. The challenge was that Log4j was a feature designed in, not a bug that could be fixed. Now the patch Amazon offered itself has a bug that can be used to cause damage. 

Log4j fix introduces new bug


Microsoft Plans Windows Auto-Update Service for Enterprises

When to install updates has been an issue for years. Small companies often don’t have the time or staff. Large companies couldn’t use auto-update because the update had to be tested against all their applications. Now Microsoft is introducing an interesting alternative.   

 

Microsoft helps get updates installed in a timely manner