Among the Windows 10 vulnerabilities Microsoft announced yesterday, the "Bad Neighbor" vulnerability stands out, posing a potential nightmare scenario for enterprises. With a severity score of 9.8 out of 10, the remote code execution (RCE) vulnerability would allow an attacker to run malware or launch a denial of service (DoS) attack.

A new Incident Response (IR) threat report by Secureworks reveals that cybercriminals are targeting vulnerabilities created by the pandemic-driven worldwide transition to remote work.  The report is based on hundreds of incidents the company’s IR team has responded to since the start of the pandemic.

Vectra released its 2020 Spotlight Report on Microsoft Office 365, which highlights the use of Office 365 in enterprise cyberattacks. The report explains how cybercriminals use built-in Office 365 services in their attacks.

Vectra released its 2020 Spotlight Report on Microsoft Office 365, which highlights the use of Office 365 in enterprise cyberattacks. The report explains how cybercriminals use built-in Office 365 services in their attacks.

BlackBerry released new research highlighting the true reach and sophistication of one of the most elusive, patient, and effective publicly known threat actors – BAHAMUT. In the report, BlackBerry researchers link the cyberespionage threat group to a staggering number of ongoing attacks against government officials and industry titans, while also unveiling the group’s vast network of disinformation assets aimed at furthering particular political causes and hampering NGOs. 

As the 2020 U.S. presidential election nears, there has been a rise in mercenary hacking groups and cyber espionage. Some say this a direct result of the current administrations’ increasingly isolationist global foreign policy, and that the U.S.’ status in the global cyber domain should be a major discussion point before November.

Two men will appear in federal court to face charges that they were involved in the unauthorized takeover of social media and other personal online accounts belonging to professional and semi-professional athletes, U.S. Attorney Craig Carpenito announced.

Digital Shadows explored four main themes via which threat actors’ personalities or real-life identities are expressed on cybercriminal forums, providing examples they've observed over the years. This first blog looked at gender and nationality, while the second in the series examined morality and forum dynamics. 

Universal Health Services (UHS), one of the largest healthcare services provider, has reportedly shut down systems at healthcare facilities around the U.S. after a cyberattack hit its networks. 

To help you and your organization plan and implement an improved cyber hygiene program, we now present a framework for full IoT device defensibility in real world deployments at scale. This framework represents current state-of-the-art best practices for protecting IoT devices, and can form the backbone of your assessment, evaluation, and improvement plans. Follow the steps below to strengthen your network defenses.

Keren Elazari, CISSP, Security Analyst, Researcher, and Public Speaker, kicked off GSX+’s fourth day with a keynote address on the future of cybersecurity. Elazari, a former hacker turned cybersecurity expert, is an internationally celebrated speaker, researcher, and author on all matters of cybersecurity. Her 2014 TED talk, viewed by millions, helped shape the global conversation about the role of hackers and the evolution of cybersecurity in the information age.