News

NDR and machine learning against data exfiltration

Many companies are unable to effectively prevent data exfiltration and data theft. According to Exeon, the most common causes of such exposure of confidential and private data are cyberattacks and human error. NDR and machine learning are powerful tools against data exfiltration. Only timely detection of vulnerabilities and cyberattacks can prevent data from being exfiltrated and then published by malicious actors or used to obtain ransoms. The increasing complexity of networks and application environments is making it increasingly difficult for companies to reliably prevent exfiltration. Many gateways – mostly because of…

Industrial CyberSecurity with XDR functions

Kaspersky has expanded its Kaspersky Industrial CyberSecurity solution to include automated, centralized compliance audit capabilities. In addition, the platform now has expanded Extended Detection and Response (XDR) and Network Traffic Analysis (NTA) capabilities, as well as a new user interface for easier management. According to Kaspersky ICS CERT, malicious objects were blocked on 16 percent of computers with an Industrial Control System (ICS) in Germany in the first half of 2023. To address the increase and complexity of cyber threats targeting industrial computers, Kaspersky Industrial Security now offers additional features...

Adversary Report exposes cybercriminals' tricks

A detailed analysis of actual attacks on companies uncovers a new trick cybercriminals use to conceal their dwell time and thus thwart a rapid defensive response. The new Sophos Active Adversary Report reveals the tricks used by cybercriminals. Sophos has released its new Active Adversary Report. Particularly striking: in 42 percent of the attacks analyzed, telemetry logs were missing, and in 82 percent of these cases the criminals had actively deactivated or deleted telemetry data to hide their attacks. In addition, dwell time in the hijacked system continues to decrease, setting the trend...

Qakbot remains active despite dismantled network
B2B Cyber Security ShortNews

As new threat intelligence findings from Cisco Talos show, the threat actor (affiliates) behind the Qakbot malware remains active and has been running a campaign again since the beginning of August 2023. In the campaign, they spread the ransomware “Ransom Knight” and the backdoor “Remcos” via phishing emails. What's special: the Qakbot infrastructure was confiscated by the FBI at the end of August. Nevertheless, the campaign, which was launched at the beginning of August, continues. This suggests that the law enforcement action may not have impacted the Qakbot operators' spam sending infrastructure, but only their command and control (C2) servers. Qakbot uses other distribution channels…

IT problem solvers with AI: AI Assistant for Observability

Elastic Announces Launch of AI Assistant for Observability and General Availability of Universal Profiling. Transforming the observability of complex cloud-native environments: centralized and limitless end-to-end visibility for site reliability engineers (SREs). Elastic, the company behind Elasticsearch®, announces the launch of the Elastic AI Assistant for Observability and the general availability of Universal Profiling™. This provides Site Reliability Engineers (SREs), regardless of their level of experience, with context-specific, relevant and actionable operational insights into their respective IT environment. Today's IT operations teams face ever-changing system challenges and issues specific to their particular IT environment...

Zero Trust: Endpoint agents as a VPN replacement

Organizations can now take full advantage of the benefits of a zero trust architecture while dramatically simplifying network design. New endpoint agents for macOS and Windows serve as a complete replacement for traditional virtual private networks. Lookout has announced new Windows and macOS endpoint agents for its Lookout Secure Private Access Zero Trust Network Access (ZTNA) solution, facilitating the complete replacement of overburdened virtual private networks (VPNs) with cloud-based security. Enterprises can now take full advantage of the benefits of a zero trust architecture while dramatically simplifying network design. According to analysts at Gartner, by…

Cloud defense system against DDoS tsunamis

Radware presents a new cloud web DDoS protection solution against so-called tsunami attacks. The state-of-the-art solution is designed to bridge the growing gap between standard DDoS mitigation and a new breed of more aggressive Layer 7 (L7) HTTPS flood attacks – also known as web DDoS tsunami attacks. Radware's solution has the ability to combat encrypted, high-volume, and vectorial threats that bypass standard web application firewalls (WAF) and network-based DDoS tools, essentially rendering them ineffective. “The dramatic rise in web DDoS tsunami attacks poses an imminent cyber threat. Organizations around the world, regardless of industry,…

Hacker: Useful eBPF packet filter has many vulnerabilities

The extended Berkeley Packet Filter (eBPF) filters data packets from networks and embeds them in the operating system kernel. The technology supports users in the administration and protection of computers and networks. However, administrators and security teams rarely take sufficient account of one thing: the packet filter has numerous vulnerabilities that can easily be misused by hackers for a cyber attack. The extended Berkeley Packet Filter is a special-purpose virtual machine that allows sandboxed programs to run in a privileged context, such as the operating system kernel. It forms an interface to data link layers of data units. The technology supports both…

Response time after alarm: 4 days and more!  

The Cloud Threat Report Volume 7 reveals: After an alert for a security team, attackers have up to 4 days to carry out their attack in 40 percent of cases. Attackers are helped by the 60 percent unpatched high or critical vulnerabilities. The cloud attack surface is as dynamic as the cloud itself. As organizations around the world increasingly share, store, and manage data in the cloud, the attack surface for businesses is expanding exponentially. This expansion often happens in unknown, overlooked, or poorly secured ways. For attackers, every workload in…

Ransomware: Attack on Swiss media publisher and NZZ

The Neue Zürcher Zeitung (NZZ) reported an attack on its network a few days ago and was therefore unable to publish in full. Since various radio stations also use the NZZ IT network through company participations, they could not broadcast their planned programs. Judging by the first signs, it was apparently a ransomware attack. It quickly became apparent how closely some newspaper, radio and TV editorial offices are linked to the NZZ network. According to initial information, there was a ransomware attack that partially shut down the network. While some issues of the NZZ do not appear complete...