How should SMBs navigate the phishing minefield?

In this Help Net Security interview, Pete Hoff, CISO at Wursta, offers advice to SMB security leaders and professionals on how to minimize the threat phishing presents to their organization’s operations and long-term success. What makes phishing … Continue reading How should SMBs navigate the phishing minefield?

Cisco VPNs with no MFA enabled hit by ransomware groups

Since March 2023 (and possibly even earlier), affiliates of the Akira and LockBit ransomware operators have been breaching organizations via Cisco ASA SSL VPN appliances. “In some cases, adversaries have conducted credential stuffing attacks that… Continue reading Cisco VPNs with no MFA enabled hit by ransomware groups

Google Workspace: New account security, DLP capabilities announced

New capabilities in Google Workspace will help enterprises improve account and data security, by making unauthorized takeover of admin and user accounts and exfiltration of sensitive data more difficult. Some of these options are already available in p… Continue reading Google Workspace: New account security, DLP capabilities announced

Zimbra users in Europe, Latin America face phishing threat

ESET researchers have uncovered a mass-spreading phishing campaign aimed at collecting Zimbra account users’ credentials. Zimbra Collaboration is an open-core collaborative software platform, a popular alternative to enterprise email solutions. About t… Continue reading Zimbra users in Europe, Latin America face phishing threat

Cryptojacking soars as cyberattacks increase, diversify

Digital threat actors are adopting evolving tactical behaviors, opting for different types of malicious attacks compared to previous years, according to SonicWall. Overall intrusion attempts were up, led by the highest year on record for global cryptoj… Continue reading Cryptojacking soars as cyberattacks increase, diversify

Cybersecurity measures SMBs should implement

Small and medium-sized businesses (SMBs) are targeted by cyberattackers as much as large companies, the 2023 Verizon Data Breach Investigations Report (DBIR) has revealed; here are some cybersecurity controls they should prioritize. Company size does n… Continue reading Cybersecurity measures SMBs should implement

Malware delivery to Microsoft Teams users made easy

A tool that automates the delivery of malware from external attackers to target employees’ Microsoft Teams inbox has been released. TeamsPhisher (Source: Alex Reid) About the exploited vulnerability As noted by Jumpsec researchers Max Corbridge and Tom… Continue reading Malware delivery to Microsoft Teams users made easy

Kaspersky’s New Report Reveals the Top Cyber Threats for SMBs in 2023

A new report from Kaspersky reveals the top cyber threats for SMBs in 2023. Read more about it and how to protect organizations from it.
The post Kaspersky’s New Report Reveals the Top Cyber Threats for SMBs in 2023 appeared first on TechRepublic.
Continue reading Kaspersky’s New Report Reveals the Top Cyber Threats for SMBs in 2023

8Base ransomware group leaks data of 67 victim organizations

Lockbit 3.0 is currently the most active ransomware group, NCC Group says in its most recent Threat Pulse report, but new ransomware groups like 8Base and Akira are rising in prominence. Collectively, the various ransomware groups revealed 436 victim o… Continue reading 8Base ransomware group leaks data of 67 victim organizations

Microsoft Teams vulnerability allows attackers to deliver malware to employees

Security researchers have uncovered a bug that could allow attackers to deliver malware directly into employees’ Microsoft Teams inbox. “Organisations that use Microsoft Teams inherit Microsoft’s default configuration which allows users fro… Continue reading Microsoft Teams vulnerability allows attackers to deliver malware to employees