Monero Aqua Security Stop Cryptomining Cryptojacking Attacks

Monero Cryptominer Attack Exploits Exchange Server Flaw

It didn’t take threat actors long to jump on a vulnerability affecting Microsoft Exchange mail server software. While exploits involving an array of malware from ransomware to webshells are well-documented, Sophos researchers report that other payloads have been aimed at Exchange servers. “It stood to reason that the Microsoft Exchange ... Read More
Security Boulevard
Clubhouse Siemplify survey security

Clubhouse Exclusivity Applies to Membership, Not Data

There’s a certain irony that an invitation-only social media platform would find a hacker posted data on 1.3 million of its users on an online forum. But that’s exactly where Clubhouse found itself over the weekend; proffering by way of explanation that user profile data is accessible by virtually anyone ... Read More
Security Boulevard
Swarmshop Security as Bad Guy Myth

Hackers Leak Hacker Data in Swarmshop Breach

There’s no honor among cyberthieves. It seems the prospect of accessing new hacking tools and other valuable assets is just too lucrative for some hackers to respect their counterparts-in-crime, since for the second time in a little more than a year, user data – that’s hacker user data – from ... Read More
Security Boulevard
EtterSilent ransomware dark web

Understanding EtterSilent and the Cybercrime Supply Chain

The buzz around a new maldoc builder that’s quickly becoming the favorite of cybercriminals mirrors the behavior around other popular products in a legitimate marketplace – that could be good news for defenders. Just like buyers who line up to buy the latest athlete-endorsed sneakers, threat actors hankering for EtterSilent ... Read More
Security Boulevard
cloud security race

Race to Cloud Continues Despite Security Concerns

After a year of shifting to the cloud at a dizzying pace, it seems that trend shows no sign of slowing down. Organizations continue the shift to complex cloud environments, though many find providers’ native security controls fall short of their needs. More than half of the organizations surveyed for ... Read More
Security Boulevard
CISA Cybersecurity Fraud Case Under Federal False Claims Act

CISA Orders Action Against Exchange Vulnerabilities

Underscoring the continued potential threat from the recently discovered exploitation of vulnerabilities in Microsoft Exchange Servers, the Cybersecurity and Infrastructure Security Agency (CISA) ordered federal agencies to take a number of actions to shore up security, including immediately scanning the servers for malware. “CISA has determined that this exploitation of ... Read More
Security Boulevard
supply chain Okta endpoint security

Leaky Apps Heighten Supply Chain Risk

Securing the apps that businesses and individuals have come to rely on, particularly during the pandemic, has become a multidimensional challenge. Recent research underscored the need to more tightly knit DevOps together with SecOps early in the development process. More than 40% of apps actively leaked information, increasing the risk ... Read More
Security Boulevard
Astoria Company hack

New Details on Astoria Company Hack Emerge

When the ShinyHunters hacking group started hawking the personal data of millions of people on the Dark0de market early last month, it was notable because of the sheer number of records in play – and because of who was hacked. In addition to information on 400 million Facebook and a database ... Read More
Security Boulevard
attacks remote work

Microsoft Office 365 Attacks on the Rise

It’s not surprising the COVID-19 pandemic that pushed workers home also accelerated cloud migration and digital transformation, but new research from Vectra.ai unearthed a troubling trend – 71% of Microsoft Office 365 deployments in medium to large companies suffered, on average, seven legitimate account takeovers at a time when remote ... Read More
Security Boulevard
privacy shield security remote work

Post-Privacy Shield Guidance From French Court

For U.S. companies scrambling to protect cross-border data transfer after the Court of Justice of the European Union invalidated the Privacy Shield, a recent ruling by a French court could provide some guidance on developing a legal framework and establishing some technical protocols that could protect them from the long ... Read More
Security Boulevard