Here’s an overview of some of last week’s most interesting news, articles and interviews:

Log4Shell: A new fix, details of active attacks, and risk mitigation recommendations
Due to the extraordinary widespread use of the open-source Apache Log4j library, the saga of the Log4Shell (CVE-2021-44228) vulnerability is nowhere near finished.

The Log4j JNDI attack and how to prevent it
The disclosure of the critical Log4Shell (CVE-2021-44228) vulnerability and the release of first one and then additional PoC exploits has been an unwelcome surprise for the entire information security community, but most of all those who are tasked with keeping enterprise systems and networks secure.

Ransomware hits HR solutions provider Kronos, locking customers out of vital services
The end of the year chaos caused by the revelation of the Log4Shell vulnerability has, for some organizations, been augmented by a ransomware attack on Ultimate Kronos Group (UKG), one of the biggest HR and workforce management solutions providers in the US.

Microsoft patches spoofing vulnerability exploited by Emotet (CVE-2021-43890)
Microsoft has delivered fixes for 67 vulnerabilities, including a spoofing vulnerability (CVE-2021-43890) actively exploited to deliver Emotet/Trickbot/Bazaloader malware family.

The impact of the Log4j vulnerability on OT networks
Operational Technology (OT) networks are at risk from the recently-announced Apache Log4j (CVE-2021-44228) vulnerability. On the surface, it is not clear why this should be.

Hackers have reported over 66,000 valid vulnerabilities this year – over 20% more than 2020 – with hacker-powered pentests seeing a 264% increase in reported vulnerabilities, HackerOne has announced.

Modern cars: A growing bundle of security vulnerabilities
In this interview with Help Net Security, Laura Hoffner, Chief of Staff at Concentric, talks about modern car vulnerabilities, the techniques hackers are using to compromise connected vehicles and how to protect users.

How C-suite executives perceive their organizations’ readiness for ransomware attacks
A new (ISC)² study provides insights for cybersecurity professionals into the minds of C-suite executives and how they perceive their organisations’ readiness for ransomware attacks. This data underscores the need for clearer and more frequent communications between cybersecurity teams and executives and offers best practices security leaders should implement to improve those interactions.

Enterprise email encryption without friction? Yes, it’s possible
Secure communication enables more efficient communication and the secure exchange of digital documents. It can also be a fantastic customer service tool and – crucially – it allows organizations to comply with a perpetually changing landscape of industry- and region-specific data protection regulations.

Employees think they’re safe from cyberthreats on company devices
Research launched by Menlo Security reveals increased cybersecurity risks posed to employees and organizations during the 2021 holiday shopping season.

Leveraging AIOps for a holistic view of network performance and security
In this interview with Help Net Security, Terry Traina, CTO at Masergy, talks about the benefits of leveraging AIOps and how it can help thwart growing security threats.

Password offenders: Who’s the naughtiest of them all?
In 2021, we’re celebrating the 60th anniversary of the computer password’s invention, but it also marks the year of some of the worst password mishaps this century. To honor the milestone, Dashlane announced its 2021 Worst Password Offenders list.

Unused identities: A growing security threat
According to our internal research, 6% of user accounts within an organization are inactive. But just because they are not being used does not mean that they cannot be compromised.

As we head into 2022, work will no longer be distinguished by where an employee (or student) is working or learning from.