News

Latest news about B2B cyber security >>> PR agencies: add us to your mailing list - see contact! >>> Book an exclusive PartnerChannel for your news!

Intruders in your email inbox
Email as a primary attack vector

Automated email inbox rules are a useful and familiar feature of most email programs. They help manage your inbox and the daily flood of wanted and unwanted messages by allowing you to move emails to specific folders, forward them to colleagues when you're away, or delete them automatically. However, once an account has been compromised, attackers can abuse inbox rules to disguise further attacks, for example by secretly exfiltrating information from the network via forwarding, ensuring that the victim does not see security warnings, and deleting certain messages. E-mail…

Read more

DDoS: Protection against cyberattacks with automated real-time analysis
DDoS: Protection against cyberattacks with automated real-time analysis

NETSCOUT has introduced its Adaptive DDoS Protection for its Arbor® Threat Mitigation System (TMS). The system improves the detection of distributed attacks that dynamically change vectors and target numerous IP addresses simultaneously, including carpet bombing. NETSCOUT ASERT, the company's expert security research and DDoS attack defense team, has documented a significant increase in dynamic distributed denial of service (DDoS) attacks that utilize multiple vectors and techniques to attack botnet-based, direct-to-consumer attacks. To launch path, state exhaustion and application layer attacks. These are designed to bypass traditional static network and cloud-based DDoS defenses. Carpet bombing attacks have increased by more than 110%...

Read more

iOS 16: Simulated flight mode as a hidden hack
iOS 16: Simulated flight mode as a hidden hack - Photo by Sten Ritterfeld on Unsplash

Jamf Threat Labs has developed a technique on iOS16 that can simulate airplane mode. In concrete terms, this means that hackers could exploit this opportunity to trick the victim into thinking that the device's flight mode is turned on. However, malware is working in the background. The attacker actually installed an artificial flight mode (after successfully using an exploit on the device). This changes the user interface so that the airplane mode symbol is displayed and the Internet connection to all apps is interrupted - except the application that the hacker wants to use. The technology has probably not yet been used by malicious...

Read more

Email blackmail on the rise

In extortion emails, cybercriminals threaten to publish compromising information about their victims, such as an embarrassing photo, and demand payment in cryptocurrency. Attackers often purchase victims' login credentials or obtain them through data breaches to "prove" that their threat is legitimate. To gain a better understanding of the financial infrastructure attackers use in extortion emails, Barracuda partnered with researchers at Columbia University to analyze over 300.000 emails captured by Barracuda Networks' AI-based detectors over a period of one year year when extortion attacks were detected. Below are the…

Read more

Zero Trust: Endpoint agents as a VPN replacement
Endpoint agents as a virtual private network replacement - Image by Gerd Altmann on Pixabay

Organizations can now take full advantage of the benefits of a zero trust architecture while dramatically simplifying network design. New endpoint agents for macOS and Windows serve as a complete replacement for traditional virtual private networks. Lookout has announced new Windows and macOS endpoint agents for its Lookout Secure Private Access Zero Trust Network Access (ZTNA) solution, facilitating the complete replacement of overburdened virtual private networks (VPNs) with cloud-based security. Enterprises can now take full advantage of the benefits of a zero trust architecture while dramatically simplifying network design. According to analysts at Gartner, by…

Read more

First mobile solution for Secure Service Edge (SSE)
First mobile solution for Secure Service Edge (SSE) - Image by Mohamed Hassan from Pixabay

With the help of the Absolute Secure Web Gateway Service, an add-on module that fits tightly into Absolute Secure Access's extensive policies, employees are protected while browsing at mobile, remote and hybrid work. The solution inspects, cleans, and effectively inoculates web content in a cloud container before securely forwarding it to the end user's web browser. Organizations of all sizes struggle with today's dynamic threat landscape. Cyber ​​attackers are now using all manner of Tactics, Techniques, and Procedures (TTPs), from brute force phishing methods to sophisticated, automated attacks that use artificial…

Read more

Native protection for VMs in Azure
Native protection for VMs in Azure - Image by Gerd Altmann from Pixabay

The new version Zerto 10 for Microsoft Azure is ideal for native protection for VMs in Azure. It brings an improved solution for disaster recovery and mobility, also supports multi-volume VMs and offers improved scale-out efficiency for more infrastructure flexibility. Zerto, a Hewlett Packard Enterprise company, introduces Zerto 10 for Microsoft Azure. The solution provides enhanced disaster recovery (DR) and data mobility capabilities to help organizations protect their Azure workloads from increasingly sophisticated threats. Core of the improvements in Zerto 10 for Microsoft…

Read more

Accomplice AI: Theft of identity data 
Accomplice AI: Theft of identity data - Image by Eric Blanton from Pixabay

Identity data has always been one of cybercriminals' favorite loot. With their help, account compromises can be initiated and identity fraud committed. Now ChatGPT & Co are also helping with perfect phishing emails. A statement from Dirk Decker, Regional Sales Director DACH & EMEA South at Ping Identity. The attackers usually use social engineering and phishing. The success rate of such attacks, mostly based on sheer mass, is limited. Individualized emails and messages tailored to a victim offer significantly higher success rates, but also require significantly more work...

Read more

Anti-ransomware: real-time detection against data encryption
Anti-ransomware: real-time detection against data encryption - photo by rishi on Unsplash

New detection, alerting, and air-gapped resiliency capabilities give users better protection against ransomware attacks in hybrid clouds. Zerto Announces Real-Time Detection Against Data Encryption and Launches New Cyber ​​Resilience Vault. Zerto, a Hewlett Packard Enterprise company, introduces a new method for real-time detection of encrypted data and an air gapped recovery vault. With real-time detection, organizations can identify early signs of data encryption, enabling early detection and mitigation of a potential ransomware attack. At the same time, Zerto is introducing the physical appliance "Zerto Cyber ​​Resilience Vault" for the first time, which further improves the protection of data...

Read more

Cloud-based GravityZone Security for Mobile
Cloud-based GravityZone Security for Mobile - Photo by Maxim Ilyahov on Unsplash

Bitdefender has introduced its GravityZone Security for Mobile, an extension of the well-known security platform GravityZone that works completely cloud-based. This means that Unified Security is now also available on Android, iOS and Chromebooks. Businesses can now identify and respond to cyber threats to Android, iOS-based devices and Chromebooks as quickly as possible. End customers as well as Managed Service Providers (MSPs) also benefit from full visibility of their mobile IT infrastructure. 6,8 billion smartphones in use More than 6,8 billion smartphones are in use worldwide, many of which are also used in a business context, sometimes as "Bring Your Own...

Read more