Ransomware has been a mainstay of hackers’ malware arsenals over the last several years, but these attacks have actually changed quite significantly in terms of their complexity, targeting and victim selection. Like any big business, ransomware has evolved to follow the money. WatchGuard CTO Corey Nachreiner believes than ransomware’s next shift will be to target cloud assets, … [Read more...]
Search Results for: mfa
Unpatched Flaws Could Leave ConnectWise MSPs at Risk
ConnectWise provides a management platform that helps Managed Service Providers (MSPs), resellers, and other IT solutions providers remotely monitor, manage, and automate the IT technologies they deploy at their customers’ sites. Recently, ConnectWise patched multiple vulnerabilities in their ConnectWise Control products. Unfortunately, the patch failed to resolve some of these … [Read more...]
Researchers Find Unauthorized SIM Swaps Way too Easy to Perform
Recently, vulnerabilities in SMS-based multi-factor authentication (MFA) have been highlighted in the news. While stories like these highlight individual instances showing the threat possibilities, a recent study on SIM swaps sheds light on how easy an adversary could take over your phone number. Using no previous knowledge of the user besides the name and phone number of the … [Read more...]
Securing Industry 4.0: Four Danger Zones and How to Protect Them
Implementing reliable security across increasingly complex company networks has become a daunting task for IT teams in the manufacturing sector. Malicious hackers are constantly coming up with newer and nastier ways to infiltrate even the smartest industrial technologies. According to recent research from IBM, destructive cyberattacks capable of rendering victim systems … [Read more...]
Vulnerabilities in Multiple Vendors’ VPN Solutions
On October 2, 2019, the UK’s National Cyber Security Centre (NCSC) released a notice stating that Pulse Secure, Palo Alto, and Fortinet’s SSL VPN solutions are vulnerable. These vulnerabilities consist of retrieving arbitrary files, some including authentication credentials, as well as post-auth command injection. Unauthorized access into any network is a huge alarm and could … [Read more...]