Authorities have executed a court-authorized operation to copy and remove malicious web shells from hundreds of vulnerable on-premises versions of Microsoft Exchange Server software in the United States. Through January and February 2021, certain hacking groups exploited zero-day vulnerabilities in Microsoft Exchange Server software to access email accounts and place web shells for continued access. Web shells are pieces of code or scripts that enable remote administration. Other hacking groups followed suit starting in early … More
The post FBI removes web shells from hacked Microsoft Exchange servers appeared first on Help Net Security.
Passwords are problematic. They can be costly and burdensome for businesses to manage, can cause poor user experience, and they are easily compromised. It’s no wonder, then, that many enterprises are expected to shift to passwordless authentication for users as part of an overall digital transformation. A passwordless solution The introduction of passwordless authentication throws out any reliance on passwords and delivers a better user experience, less headaches for the IT guys and better levels … More
The post Get your firm to say goodbye to password headaches appeared first on Help Net Security.
Netscout announced findings from its bi-annual Threat Intelligence Report, punctuated by a record-setting 10,089,687 DDoS attacks observed during 2020. Cybercriminals exploited vulnerabilities exposed by massive internet usage shifts since many users were no longer protected by enterprise-grade security. Attackers paid particular attention to vital pandemic industries such as e-commerce, streaming services, online learning, and healthcare generating a 20% year-over-year increase in attack frequency over 2019 plus a 22% increase in the last six months of … More
The post DDoS attack activity: 10 million-plus attacks and 22% increase in attack frequency appeared first on Help Net Security.
A FireEye report outlines critical details on trending attacker techniques and malware, the proliferation of multifaceted extortion and ransomware, preparing for expected UNC2452 / SUNBURST copycat threat actors, growing insider threats, plus pandemic and industry targeting trends. Global median dwell time drops below one month for first time Over the past decade, Mandiant has observed a trending reduction in global median dwell time (defined as the duration between the start of a cyber intrusion and … More
The post Detection capabilities improve, but ransomware surges on appeared first on Help Net Security.
Over the past year, 65% of people around the world report spending more time online than ever before, likely a result of the COVID-19 pandemic. As we connected to the internet for everything from work and school to entertainment, social connection and even groceries, cybercriminals took advantage and launched coordinated attacks and convincing scams. NortonLifeLock revealed that in the past year nearly 330 million people across 10 countries were victims of cybercrime and more than … More
The post 330 million people across 10 countries were victims of cybercrime in 2020 appeared first on Help Net Security.
A majority of risk managers are optimistic about the profession’s outlook, with COVID-19 and economic uncertainty amplifying the need for strong organizational risk management, a report from the Global Association of Risk Professionals (GARP) reveals. Sixty-nine percent of all survey respondents — comprised of 2,100 GARP Members across 101 countries — said they expect their risk career opportunities to increase over the next 18 months, while nearly one-third said they anticipate a significant increase in … More
The post Despite higher workloads, risk managers have high levels of job satisfaction appeared first on Help Net Security.