Why has Microsoft still not fixed a weeks-old, actively exploited vulnerability affecting Windows 11 and more?


Yesterday we wrote about a zero-day vulnerability called Follina which allows for remote code execution on a victim's computer. While the flaw -- tracked as CVE-2022-30190 -- has been described as an Office vulnerability, it is really the result of a security issue with a component of Windows.
A problem exists in the Microsoft Windows Support Diagnostic Tool (MSDT) which is found in all supported versions of Windows, including Windows 11. The vulnerability has been billed as an Office vulnerability as using a malicious Word file is one of the easiest attack vectors to exploit the flaw. But what is worrying about the vulnerability, apart from the fact that Microsoft has not fixed it yet, is that the company was made aware of the fact that it was being actively exploited way back on April 12.
New study reveals serious disconnect in executive planning for cyberattacks


A new study reveals a major disconnect in the way senior management teams collaborate and determine the risks and impact on their operations when hit by a cyberattack.
The research carried out by Sapio Research for Deep Instinct shows only 12 percent of chief financial officers are actively involved in the process, even though 56 percent say their organization has paid a ransom to recover data.
Microsoft reveals workaround for Office zero-day vulnerability that can be used to launch malicious PowerShell commands


While Microsoft may be quick to point out security vulnerabilities in other companies' products, its own software is far from infallible. A good example of this is the recently discovered 'Follina' security hole that affects Microsoft Office.
The vulnerability can be exploited to launch PowerShell and execute a variety of malicious commands; all that a victim needs to do is open a specially crafted Word file. The flaw is tracked as CVE-2022-30190, and Microsoft has released details of a workaround that helps to mitigate the issue.
Microsoft researchers discover serious security vulnerabilities in big-name Android apps


The Microsoft 365 Defender Research Team has shared details of several high-severity vulnerabilities found in a mobile framework used in popular apps associated with a number of big names.
The framework is owned by mce Systems, and is used in apps from numerous mobile providers. The apps -- from the likes of AT&T, Rogers Communications and Bell Canada -- are often pre-installed on Android handsets, but they have also been downloaded millions of times. If exploited, the vulnerabilities allow for local or remote attacks, including command injection and privilege escalation attacks.
The role of encrypted traffic analysis for threat detection [Q&A]


Everyone is striving to make their systems more secure and in many cases that means adopting encryption in order to protect data.
But the use of encrypted traffic over networks presents a headache for security teams as malicious content can be harder to detect. We spoke to Thomas Pore, director of security products at Live Action, to find out more about the problem and how it can be addressed.
Researchers uncover cybercriminal stronghold targeting Facebook users


The Facebook Messenger 'Is That You?' video phishing scam has been around since 2017, but a recent investigation into it by researchers at Cybernews has led to the discovery of what they're calling a 'cybercriminal stronghold'.
Threat actors are using this to infect the social network with thousands of malicious links each day. The research has also identified at least five suspects, thought to be residing in the Dominican Republic.
BEC attacks get more businesslike to trick users


Business email compromise attacks are up 53 percent over the last year and are increasingly trying to look more like legitimate emails in their use of language.
A new report from Armorblox shows 74 percent of BEC attacks are using language as the main attack vector.
Business-critical systems going unsecured and unmonitored


According to a new poll, 40 percent of enterprises don't include business-critical systems such as SAP in their cybersecurity monitoring. In addition, a further 27 percent are unsure if systems are included in their cybersecurity monitoring at all.
The survey from Logpoint also shows only 23 percent say the process of reviewing SAP logs for cybersecurity events or cyberthreat activity is automated through SIEM, with almost 19 percent still doing so manually.
Identity-based attacks are top threat to businesses


Ransomware, software supply chain attacks, data breaches, and more have become an almost daily occurrence in an increasingly challenging threat landscape.
Automated threat detection company Blumira has released a new report based on its security detections which reveals that identity-based attacks and living off the land behaviors were the top threats organizations faced in 2021.
Website shadow code represents major risk for enterprises


A new report from web application protection specialist Source Defense highlights the risk presented by the use of third and fourth party code on corporate websites.
The digital supply chain means that highly dynamic and unpredictable scripts and code from third parties and beyond permeate every aspect of a business's web presence. This shadow code has led to some high-profile breaches, including the British Airways hack in 2018.
Two-thirds of data breaches at UK legal firms caused by insiders


New analysis of data breaches in the UK legal sector reveals that 68 percent were caused by insiders.
Analysis by secure cloud platform NetDocuments of data from the Information Commissioner's Office (ICO) reveals evidence of a 'Great Exfiltration' where employees are leaving their jobs and taking their company's data with them.
How secure is your supply chain?


Supply chains are fast becoming one of the top targets for cyber criminals, so when it comes to supply chain risk management, organizations in every industry need to start paying more attention.
While the vast majority of business leaders recognize that cybersecurity is now a key priority, the UK’s Department for Digital, Culture, Media and Sport (DCMS) recently noted that in too many instances, actions aren’t keeping up with intentions. In fact, nearly a third of UK companies admitted they aren’t currently taking any preventative action at all.
Why the voice network is a blind spot for security professionals [Q&A]


We're familiar with threats to data and data networks, but there's another part of corporate communication that's often overlooked yet represents an equally valid attack vector and equally high risks.
We spoke to Mutare CTO Roger Northrop to find out more about the risks voice networks present and why organizations need to take them seriously.
The current state of intelligent automation adoption in cybersecurity


In the past year, research indicates that nearly a third of organizations have accelerated their plans to automate key security and IR processes, whilst another 85 percent plan on automating them in the next 12 months.
Despite the positivity of these statistics, many organizations struggle to change to a more automated process. This was highlighted at a recent webinar we held with a panel of senior cybersecurity experts from a multitude of sectors. The discussion revealed that, while most organizations are exploring automation, few have made significant progress and they attributed this to a combination of factors including needing an improved understanding of automation, increased help from vendors and a lack of good IT foundations.
The Art of Cyberwarfare [Review]


In recent years cyberattacks have evolved from being the preserve of individual hackers to something much more serious, carried out by organized criminals and even nation states with the aim of espionage and financial gain.
This makes the process of investigating and defending against attacks more important than ever, but the sophistication of the methods used doesn't make the process any easier. This new book from security strategist Jon DiMaggio offers an investigator's guide to understanding the latest generation of threats.
© 1998-2025 BetaNews, Inc. All Rights Reserved.