Critical RCE bug in SolarWinds Web Help Desk fixed (CVE-2024-28986)

SolarWinds has fixed a critical vulnerability (CVE-2024-28986) in its Web Help Desk (WHD) solution that may allow attackers to run commands on the host machine. “While it was reported as an unauthenticated vulnerability, SolarWinds has been unabl… Continue reading Critical RCE bug in SolarWinds Web Help Desk fixed (CVE-2024-28986)

How UK SMBs Can Prepare for the 5G Rollout

The UK government wants to extend 5G coverage to all populated areas of the country by 2030. Learn how your businesses can take full advantage. Continue reading How UK SMBs Can Prepare for the 5G Rollout

Cyber Insurance Premiums Are Declining Worldwide as Businesses Improve Security, Howden Insurance Broker Report Finds

Rates have declined by 15% since the market peak in 2022, according to Howden Insurance Brokers. Continue reading Cyber Insurance Premiums Are Declining Worldwide as Businesses Improve Security, Howden Insurance Broker Report Finds

78% of SMBs fear cyberattacks could shut down their business

94% of SMBs have experienced at least one cyberattack, a dramatic rise from 64% in 2019, according to ConnectWise. This increase in cyberattacks is exacerbated by the fact that 76% of SMBs lack the in-house skills to properly address security issues, i… Continue reading 78% of SMBs fear cyberattacks could shut down their business

Why SMBs are facing significant security, business risks

In this Help Net Security video, Alex Cox, Director of Threat Intelligence at LastPass, discusses how human factors are getting in the way while SMB leaders report investing more time, attention, and budget in cybersecurity. According to LastPass, thes… Continue reading Why SMBs are facing significant security, business risks

New SOHO router malware aims for cloud accounts, internal company resources

Cuttlefish, a new malware family that targets enterprise-grade small office/home office (SOHO) routers, is used by criminals to steal account credentials / secrets for AWS, CloudFlare, Docker, BitBucket, Alibaba Cloud and other cloud-based services. &#… Continue reading New SOHO router malware aims for cloud accounts, internal company resources

Ransomware in Q1 2024: Frequency, size of payments trending downwards, SMBs beware!

More organizations hit by ransomware gangs are starting to realize that it doesn’t pay to pay up: “In Q1 2024, the proportion of victims that chose to pay touched a new record low of 28%,” ransomware incident response firm Coveware ha… Continue reading Ransomware in Q1 2024: Frequency, size of payments trending downwards, SMBs beware!

Ransomware group maturity should influence ransom payment decision

Your organization has been hit by ransomware and a decision has to be made on whether or not to make the ransom payment to get your data decrypted, deleted from attackers’ servers, and/or not leaked online. The decision will depend on a variety o… Continue reading Ransomware group maturity should influence ransom payment decision

PoC for critical Arcserve UDP vulnerabilities published (CVE-2024-0799, CVE-2024-0800)

Arcserve has fixed critical security vulnerabilities (CVE-2024-0799, CVE-2024-0800) in its Unified Data Protection (UDP) solution that can be chained to upload malicious files to the underlying Windows system. Tenable researchers have published a PoC e… Continue reading PoC for critical Arcserve UDP vulnerabilities published (CVE-2024-0799, CVE-2024-0800)

BSAM: Open-source methodology for Bluetooth security assessment

Many wireless headsets using Bluetooth technology have vulnerabilities that may allow malicious individuals to covertly listen in on private conversations, Tarlogic Security researchers have demonstrated last week at RootedCON in Madrid. “Many of… Continue reading BSAM: Open-source methodology for Bluetooth security assessment