News

Latest news about B2B cyber security >>> PR agencies: add us to your mailing list - see contact! >>> Book an exclusive PartnerChannel for your news!

Google names 97 observed zero-day vulnerabilities
B2B Cyber ​​Security ShortNews

There are many zero-day vulnerabilities, but not all of them are widely exploited. Google and Mandiant observed 97 zero-day vulnerabilities that were heavily exploited - an increase of 50 percent compared to the previous year. Google and Mandiant released a new study that observed 2023 zero-day vulnerabilities exploited in the wild in 97. That's over 50 percent more than in 2022 (62 vulnerabilities), but less than the record-breaking 106 vulnerabilities exploited in 2021. TAG and Mandiant were responsible for the original discovery of 29 of these…

Read more

Test: Security software for endpoints and individual PCs
AV TEST News

The latest test results from the AV-TEST laboratory show very good performance of 16 established protection solutions for Windows at endpoints in companies. The laboratory also tested 16 products for non-networked individual PCs. The AV-TEST Institute tested a total of 2023 security solutions under Windows 32 in November and December 10. The detailed results show how well the products work in the areas of 'protection', 'system load' (performance) and 'usability'. 16 endpoint products in the test Each individual program had to fend off almost 12.000 real malware attacks, with all protective functions such as URL/web filters, behavior-based...

Read more

Linux systems targeted by ransomware attackers
B2B Cyber ​​Security ShortNews

Attacks on Linux systems have been increasing for several years. A provider of security solutions therefore conducted a study analyzing and comparing ransomware attacks on Linux and Windows. Ransomware attacks on Linux systems, particularly ESXi systems, have increased significantly in recent years. That's why Check Point Research (CPR) delves into the intricacies of these incidents and draws comparisons to their Windows counterparts. Historically, ransomware threats have primarily targeted Windows environments. The malware, which aims to encrypt the data of its victims, which the attackers then usually only exchange for large ransoms...

Read more

17 endpoint solutions for Windows 10 Pro tested
Testing 17 Endpoint Solutions for Windows 10 Pro - Image by Pete Linforth from Pixabay

After about a year at the latest, even laypeople know what a cyber war means and what collateral damage it can cause to completely uninvolved companies. The AV-TEST laboratory tested and evaluated the performance of 17 endpoint products. For the best protection of company and employee PCs with Windows, the AV-TEST specialists tested 17 protection products in the laboratory. The results show that the market offers very good security solutions for companies. However, individual products cannot quite keep up. War in Ukraine: Collateral damage to companies Last year there was always bad news about…

Read more

Google Chrome: Update closes 20 vulnerabilities
B2B Cyber ​​Security ShortNews

Many highly dangerous vulnerabilities have again been found via Chrome's bug bounty program. The current Chrome update to version 115.0.5790.98/99 closes 20 vulnerabilities - 4 of which are classified as "highly dangerous" The current Chrome update contains a total of 20 updates, including 4 updates for highly dangerous vulnerabilities. In companies, the admins ensure that Chrome remains up to date. Individual companies and SMEs should definitely click in the help area - the further update happens automatically. Work PCs often run through and as long as the browser is not closed and reopened, no update happens! Chrome version 115.0.5790.98/99 closes gaps…

Read more

Patchdays: Increasing exposure to CVEs
B2B Cyber ​​Security ShortNews

The April 2023 Patchday release contains fixes for 97 CVEs (Common Vulnerabilities and Exposures) - seven rated critical and 90 rated important. One of the 97 CVEs has already been misused as a zero day in the wild. “CVE-2023-28252 is an elevation of privilege vulnerability in the Windows Common Log File System (CLFS). It has been exploited by criminals and is the second zero-day use of CLFS privileges this year - and the fourth in the last two years. It is also the second CLFS zero-day vulnerability disclosed by researchers from Mandiant and DBAPPSecurity (CVE-2022-37969), although...

Read more

3CX: 3CX Desktop App Security Incident Results
B2B Cyber ​​Security ShortNews

3XC, the provider of the popular Phone System VOIP/PBX software, had an issue with a trojanized version of the 3CX desktop app. With 600.000 customers in 190 countries waiting for answers, 3CX employed specialist Mandiant as the investigation team for the forensic analysis. Now the first findings are available that it is probably a North Korean APT group. Based on Mandiant's previous investigation into the 3CX intrusion and supply chain attack, they assign the activity to a cluster called UNC4736. Mandiant believes with a high degree of certainty that UNC4736 has a North Korean connection. Windows-based malware client…

Read more

Windows: Malware samples exceeded 1 billion mark
Windows: Malware samples exceeded 1 billion mark

At the end of December 2022 and January 2023, the AV-TEST statistics tool AV-ATLAS registered more than 1 billion malware samples for Windows. However, the increase continues rapidly with 7 to 10 million new malware samples per month. The number of more than 1 billion malware samples for Windows is staggering. The monthly growth figures are also absolutely frightening. As of the date of the article, the tool counted exactly 1.014.313.024 samples - again an increase of over 14 million. Just for comparison: With this number of malware samples, there are now statistically about...

Read more

3 million insecure Windows computers in Germany
Eset_News

Support for Windows 10 ended on January 2023, 8.1, as did extended paid support for Windows 7. From this point on, no more security updates will be released. Microsoft also does not offer an Esu (Extended Security Update) program for Windows 8.1. The result: almost 3 million insecure Windows computers. In German private households, around one million computers are still running Windows 8.1 and almost twice as many are running Windows 7 (1,7 million). All in all, almost three million computers with an insecure operating system are still regularly online. It is high time for users to make the switch...

Read more

CryWiper: Ransomware actually destroys the data
Kaspersky_news

Kaspersky experts have discovered a new ransomware: CryWiper. It initially acts like encryption software. But the data is not encrypted, but overwritten with random data. Paying the ransom is useless. Kaspersky experts have discovered an attack by a new Trojan, which they have dubbed CryWiper. At first glance, this malware looks like ransomware: it modifies files, adds a .CRY extension (unique to CryWiper) to them, and saves a README.txt file with a ransom note containing the Bitcoin wallet address, the contact e-mail address of the malware creators and the infection ID. CryWiper: overwriting instead of encryption In fact...

Read more