In today's hybrid workforce reality, security teams are fighting a daily battle against data loss. Threat actors are doubling down on attacks targeting remote workers, as increases in SaaS applications, cloud data, and traffic going to public cloud services make it harder to identify users and devices, apply policy-based security, and ensure secure access to applications and data.
Full Article
Russia-linked cybercriminal gang REvil has exploited Kaseya’s cloud-based IT management and remote monitoring software to hit managed service providers (MSPs) and their customers in the biggest ransomware attack on record.
Full Article
SAP and Onapsis security researchers have released a threat intelligence report detailing the active exploitation of critical SAP application vulnerabilities. Multiple “advanced threat actors” are carrying out a range of attacks with techniques that could lead to full control of unsecured applications.
Full Article
Microsoft has announced multiple zero-day Microsoft Exchange vulnerabilities are being exploited by Chinese hacking group Hafnium.
Full Article
Another major hospital network, experienced a significant ransomware attack that led to the shutdown of several US computing systems.
Full Article
The 'SigRed' vulnerability allows remote attackers to gain domain administrator privileges by sending malicious queries to Windows DNS servers, opening the door for attackers to execute remote code, intercept traffic and steal credentials.
Full Article
In this CBI Security Alert, Senior Penetration Tester Aaron Pohl goes in-depth about Ripple20, a set of critical software vulnerabilities that could potentially affect hundreds of millions of devices in the coming years.
Full Article
In this CBI Security Alert, VP of Systems Engineering Dan Gregory provides his perspective on the EKANS ransomware threat that has been targeting industrial control system environments.
Full Article
Microsoft Internet Explorer has a Zero Day exploit that is already being taken advantage of – CBI's Troy Jessee provides details and remediation info in this CBI Security Alert.
Full Article
The latest CBI Insights article give you everything you need to know about the Capital One data breach, what it means to you and next steps to protect your organization.
Full Article
CBI provides an overview of BEC scams, a threat where employees receive realistic but falsified email requests.
Full Article
Today’s Security Alert highlights the new Microsoft patch that protects older versions of Windows from “wormable” malware attacks.
Full Article
Unidentified group of hackers breached the City of Baltimore’s IT infrastructure in a cyberattack using ransomware known as, “RobbinHood.”
Full Article
In this CBI Insights blog post, we review evolving data threats like RAMBleeds and how to get ahead of them.
Full Article
