Risikomanagement gehört zu den Kernkompetenzen jedes CISOs. Doch auch hier passieren immer wieder Fehler. Freedomz/Shutterstock.com CISOs wissen, dass Risikomanagement unerlässlich ist, um eine stabile Unternehmenssicherheit aufzubauen und aufrecht zu erhalten. Dennoch stolpern viele, trotz bester Absichten, immer wieder über hartnäckige Fallstricke, die ihre Bemühungen untergraben. Unabhängig von der Größe des Unternehmens ist Risikomanagement grundlegend für […]
Author Archives: Onsite Computing, Inc.
Now a zero-day, the vulnerability enables NTLM hash theft, an issue that Microsoft has already fixed twice before. Go to Source Author: Jai Vijayan, Contributing Writer
A professional-grade tool set, appropriately dubbed “CloudScout,” is infiltrating cloud apps like Microsoft Outlook and Google Drive, targeting sensitive info for exfiltration. Go to Source Author: Tara Seals, Managing Editor, News, Dark Reading
Free unofficial patches are now available for a new Windows Themes zero-day vulnerability that allows attackers to steal a target’s NTLM credentials remotely. […] Go to Source Author: Sergiu Gatlan
Over 22,000 CyberPanel instances exposed online to a critical remote code execution (RCE) vulnerability were mass-targeted in a PSAUX ransomware attack that took almost all instances offline. […] Go to Source Author: Lawrence Abrams
The notorious Black Basta ransomware group is targeting organizations around the world. The gang was previously known for first bombarding its victims with spam emails. The hackers then pretended to be IT support to gain access to systems. This method has now apparently been further developed. Security researchers at ReliaQuest recently discovered that Black Basta is now […]
QNAP has fixed a critical zero-day vulnerability exploited by security researchers on Thursday to hack a TS-464 NAS device during the Pwn2Own Ireland 2024 competition. […] Go to Source Author: Sergiu Gatlan
In the latest attack against ISPs, second-largest French provider Free fell victim to unknown cyberattackers who attempted to sell the compromised data it stole from the company on an underground cybercrime forum. Go to Source Author: Dark Reading Staff
Die Ransomware-Gruppe PlayBoy ist bisher noch relativ unbekannt in der Security-Szene. Hat die Bande tatsächlich Daten bei der DIHK gestohlen? DC Studio – Shutterstock.com Die Ransomware-Szene hat offenbar Zuwachs bekommen. Eine bisher unbekannte Gruppe namens PlayBoy hat kürzlich einen Darknet-Post veröffentlicht, indem es um angeblich gestohlene Daten von der Deutschen Industrie- und Handelskammer (DIHK) geht. […]
A collaboration with the FBI and law-enforcement agencies in Europe, the UK, and Australia, Operation Magnus has seized servers and source code related to the two malware families, which have stolen data from millions of victims worldwide. Go to Source Author: Elizabeth Montalbano, Contributing Writer