Jeff Burt Avatar
  • VBA macro security

    Microsoft Blocks VBA Macros by Default, Temporarily Shuts Down MSIX Protocol

    Microsoft is shutting a couple of security holes, including one that has been a favored target of attackers for years and another that the enterprise software giant recently learned could be exploited to install a malicious package. At the same time, the federal government is now adding another Microsoft flaw to its list of known […]

  • DCIM system

    Thousands of Data Center Management Apps Exposed to Internet

    Tens of thousands of applications that are critical to the operations of data centers around the globe are exposed to the internet, with many secured with default factory passwords, posing a significant cyber risk to enterprises worldwide. Researchers with cybersecurity firm Cyble this week said that along with the public-facing data center infrastructure management (DCIM) […]

  • spoofed zoom email

    Zoom Security Issues Are a Wakeup Call for Enterprises

    Video conferencing vendor Zoom has seen its fortunes soar amid the remote work boom of the last two years, and other cloud collaboration platforms like Microsoft Teams and Cisco Webex have seen demand skyrocket too. The sharp increase in demand put a focus on security shortcomings in Zoom’s architecture – “Zoombombing” became a thing – […]

  • DDoS attacks

    Microsoft Fights Off Another Record DDoS Attack as Incidents Soar

    Microsoft in November fended off a massive distributed denial-of-service (DDoS) attack in its Azure cloud that officials said was the largest ever recorded, the latest in a wave of record attacks that washed over the IT industry in the second half of 2021. The enterprise software and cloud giant said in a blog post this […]

  • white house cybersecurity

    White House Boosts Zero Trust with New Cybersecurity Strategy

    The Biden Administration is pushing federal agencies to adopt a zero-trust security architecture to protect themselves and their data from “increasingly sophisticated and persistent threat campaigns,” according to a new strategy issued this week by the Office of Management and Budget (OMB). According to the White House order, agencies have until the end of the […]

  • cybersecurity asset management

    Easily Exploitable Linux Flaw Exposes All Distributions: Qualys

    An easily exploited flaw in a program found in every major Linux distribution is the latest serious security issue that has arisen in the open-source space in recent weeks. Researchers at cybersecurity vendor Qualys this week disclosed the memory corruption vulnerability in polkit’s pkexec, which if exploited by a bad actor can enable an unprivileged […]

  • wiper malware

    CISA, Microsoft Warn of Wiper Malware Amid Russia-Ukraine Tensions

    The U.S. government agency overseeing cybersecurity is urging the country’s businesses and other organizations to take the necessary steps to protect their networks from any spillover that might occur from the ongoing cyberattacks aimed at Ukraine government agencies and private companies. In an alert issued this week, the Cybersecurity and Infrastructure Security Agency (CISA) cited […]

  • CrowdStrike XorDDOS detection

    Attacks Escalating Against Linux-Based IoT Devices

    Incidents of malware targeting Linux-based Internet of Things (IoT) devices jumped by more than a third in 2021, with three malware families the primary drivers behind the increase. According to a report by CrowdStrike, there was a 35 percent year-over year growth in 2021 of malware targeting these devices, and the XorDDoS, Mirai and Mozi […]

  • APT35 attack diagram

    Iran-Based APT35 Group Exploits Log4J Flaw

    Security researchers are continuing to see state-supported hacking groups developing tools to leverage the high-profile Log4j vulnerability that exploded onto the scene last month even as the White House and other parts of the federal government look for ways to get ahead of the threat. Check Point Software’s researchers said this week that the Iran-backed […]

  • U.S. Security Agencies Warn About Russian Threat Gangs Amid Ukraine Tensions

    U.S. federal security agencies are putting companies on alert to potential threats from Russian state-sponsored cybercriminal groups, warning in particular about dangers to critical infrastructure and urging organizations to learn how to detect and protect against attacks. The joint cybersecurity advisory issued Jan. 11 by the FBI, National Security Agency (NSA) and Cybersecurity and Infrastructure […]

Top Cybersecurity Companies

Top 10 Cybersecurity Companies

See full list

Get the Free Newsletter!

Subscribe to Cybersecurity Insider for top news, trends & analysis