Month: May 2022

0 Comments
The US Department of Justice (DoJ) has announced it will no longer prosecute “good faith” hackers under the Computer Fraud and Abuse Act (CFAA). The historic policy shift was announced in a statement yesterday, which declared that white hat hackers will not be prosecuted for accessing a computer when done to improve cybersecurity. The DoJ defined good-faith
0 Comments
The devices employees use as they work from home could be the ones that put their companies at risk. With businesses continuing to support remote and hybrid workplaces, more employees are connecting more of their personal devices to corporate networks, yet these devices aren’t always well protected from malware, breaches, and theft—which can affect them
0 Comments
There’s a digital counterpart for nearly everything we do, which means more of our personal information is online. And although this tends to make our lives easier, it opens the door for information to land in the wrong hands. Identity theft happens when someone uses your personal identifiable information (PII) for their own monetary or
0 Comments
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an emergency directive to all federal agencies to mitigate two new VMware vulnerabilities. The directive relates to two new vulnerabilities – CVE-2022-22972 and CVE-2022-22973 – that CISA believes threat actors are likely to exploit across numerous VMware products. These are VMware Workspace ONE Access (Access), VMware Identity Manager (vIDM),
0 Comments
by Paul Ducklin The 2022 edition of the famous (or infamous, depending on your viewpoint) Pwn2Own competition kicks off later today in Vancouver, British Columbia. (Actually, it’s a so-called “hybrid” event this year, so that entrants who can’t or don’t want to travel, whether for coronavirus or environmental reasons, can participate remotely.) Numerous vendors have
0 Comments
In the age of the perpetual news cycle and digital media, the risks that stem from the fake news problem are all too real Every day brings a deluge of news content that competes for our attention and spans everything from politics, health, sports, climate change to the war in Ukraine. The endless amount and
0 Comments
Ransomware is not a new attack vector. In fact, the first malware of its kind appeared more than 30 years ago and was distributed via 5.25-inch floppy disks. To pay the ransom, the victim had to mail money to a P.O. Box in Panama. Fast forward to today, affordable ransomware-as-a-service (RaaS) kits are available on
0 Comments
Multinational company Omnicell recently confirmed that it had experienced a data breach after following a reported ransomware attack, impacting internal systems. The company, headquartered in Mountain View, California, USA, learned of the ransomware attack, which it disclosed on May 9 2022 in a 10-Q filing with the Securities and Exchange Commission. More details are likely
0 Comments
US manufacturing company Parker-Hannifin Corporation has announced a data breach exposing employees’ personal identifiable information (PII) after Conti ransomware actors published reportedly stolen data last month. The firm, one of the largest companies in the world in motion control technologies, revealed in a press release that an unauthorized third party gained access to its IT
0 Comments
The decision to release a ransomware decryptor involves a delicate balancing act between helping victims recover their data and alerting criminals to errors in their code Ransomware – the security scourge of the modern, digital world – just keeps getting more dangerous. We’re educating users about what to do, but it’s hard to stay ahead
0 Comments
The U.S. Cybersecurity and Infrastructure Security Agency on Monday added two security flaws, including the recently disclosed remote code execution bug affecting Zyxel firewalls, to its Known Exploited Vulnerabilities Catalog, citing evidence of active exploitation. Tracked as CVE-2022-30525, the vulnerability is rated 9.8 for severity and relates to a command injection flaw in select versions
0 Comments
How protected am I online?  Customers often ask us some version of this question. It’s a good question and in the past, there was no direct answer – only recommendations. For instance, we recommend online protection that goes beyond antivirus to include identity and privacy protection, as well as promoting safety best practices like using multi-factor authentication. We wondered if there was a simpler and easier way to advise
0 Comments
The European Parliament announced a “provisional agreement” aimed at improving cybersecurity and resilience of both public and private sector entities in the European Union. The revised directive, called “NIS2” (short for network and information systems), is expected to replace the existing legislation on cybersecurity that was established in July 2016. The revamp sets ground rules,