Cybersecurity Tools

Mallox Ransomware Witnessing Alarming Surge in Activity

The Mallox ransomware group, also known as TargetCompany, Fargo, and Tohnichi, has become increasingly active, signaling a significant shift in its operations. According to recent findings, Mallox’s ransomware activities in 2023 have seen a staggering 174% increase compared to the previous year. Researchers’ Findings: Security researchers from Palo Alto Networks Unit 42 reported that Mallox, […]

The post Mallox Ransomware Witnessing Alarming Surge in Activity appeared first on Heimdal Security Blog.

New Severe Vulnerabilities Found in AMI MegaRAC BMC Software

Security researchers warn of new vulnerabilities found in the AMI MegaRAC Baseboard Management Controller (BMC) software. The flaws, rated from high to critical, open the way for threat actors to deploy malware and achieve remote code execution (RCE). Many top-tier manufacturers rely on MegaRAC BMC to provide “lights-out” administration for servers worldwide. Researchers […]

The post New Severe Vulnerabilities Found in AMI MegaRAC BMC Software appeared first on Heimdal Security Blog.

Critical Zyxel Firewall Vulnerability Exploited in DDOS Attacks

Multiple DDoS botnets have actively exploited a critical vulnerability discovered in Zyxel firewall models, as revealed by cybersecurity researchers. Tracked as CVE-2023-28771, this flaw explicitly impacts Linux platforms and enables remote attackers to gain unauthorized control over vulnerable systems, effectively launching DDoS attacks. The Specifics: The vulnerability stems from an error message handling bug, which enables […]

The post Critical Zyxel Firewall Vulnerability Exploited in DDOS Attacks appeared first on Heimdal Security Blog.

P2PInfect: A New Worm Targets Redis Servers on Linux and Windows

P2PInfect is a new cloud-targeting, peer-to-peer (P2P) worm, recently discovered by cybersecurity researchers, that targets vulnerable Redis instances for follow-on exploitation. Researchers William Gamazo and Nathaniel Quist said that P2PInfect exploits Redis servers running on both Linux and Windows OS, making it more scalable and potent than other worms. Details on P2PInfect: It is estimated […]

The post P2PInfect: A New Worm Targets Redis Servers on Linux and Windows appeared first on Heimdal Security Blog.

How we might be able to ruin art, save society and speak to whales

Robert Falzon is currently the Head of Engineering, Canada, within the office of the CTO for Check Point Software Technologies Inc., the worldwide leader in securing the internet. His background includes over 30 years of experience in large-scale network security architecture, design, and deployment projects for government and business organizations spanning the globe. […]

The post How we might be able to ruin art, save society and speak to whales appeared first on CyberTalk.

Tampa General Hospital Reports Cybercriminals Stole 1.2M Patient Data

Tampa General Hospital announced on Wednesday evening that cybercriminals breached its network and stole files containing the personal health information (PHI) of about 1.2 million patients. Located on Davis Island in Tampa, Florida, Tampa General Hospital (TGH) is a not-for-profit, tertiary, research and academic medical institution serving western Florida and the broader Tampa Bay area […]

The post Tampa General Hospital Reports Cybercriminals Stole 1.2M Patient Data appeared first on Heimdal Security Blog.

BlackCat and Clop Claim Cyberattack on Beauty Giant Estée Lauder

Cosmetic conglomerate Estée Lauder has been listed on the data leak sites of two of the most active threat groups today, ALPHV/BlackCat and Clop. The BlackCat gang mocked the security of Estée Lauder in a message to the company, saying that they were still present on the network. The MOVEit Campaign Strikes Again: The Estée […]

The post BlackCat and Clop Claim Cyberattack on Beauty Giant Estée Lauder appeared first on Heimdal Security Blog.

Adobe Releases Patches to Fix Three New ColdFusion Vulnerabilities

Adobe released an emergency ColdFusion security update meant to fix critical vulnerabilities, including a new zero-day vulnerability. Adobe fixed three vulnerabilities as part of their out-of-band update: CVE-2023-38204: a critical remote code execution (RCE) vulnerability (9.8 rating); CVE-2023-38205: a critical Improper Access Control flaw (7.8 rating); CVE-2023-38206: a moderate Improper Access Control flaw (5.3 rating). […]

The post Adobe Releases Patches to Fix Three New ColdFusion Vulnerabilities appeared first on Heimdal Security Blog.

The Crucial Role of Cyber Essentials in the UK Public Sector

The United Kingdom’s public sector is undergoing a digital transformation, relying increasingly on technology to enhance service delivery, streamline operations, and foster improved engagement with citizens. As government organizations continue to embrace technological advancements, they also face a growing array of cyber threats that pose significant risks to their operations and the security of sensitive […]

The post The Crucial Role of Cyber Essentials in the UK Public Sector appeared first on Heimdal Security Blog.
