Written by Paul Roberts
October: Cybersecurity Awareness Month and Its Discontents
Why haven't 17 annual Cybersecurity Awareness Months paid dividends? Probably because "awareness" itself isn't nearly enough to beat back a complex, global and societal ill like cybercrime.
CISA Report: Unpatched VPN, Credential Theft Fueled Agency Hack
A CISA analysis of a hack of an unnamed federal agency suggests it may have started with the exploitation of a known (and patched) flaw in the Pulse VPN server.
Zerologon is a Big Deal. Here’s Why.
The Microsoft vulnerability dubbed Zerologon is a critical flaw in Windows Netlogon, rated 10 on a 10-point scale. We explain what you need to know about this serious new vulnerability.
Privilege Escalation Features Pop Up In More Malware Variants
The new DarkSide ransomware variant and Lucifer’s Spawn, a DDoS and crypto-jacking tool, have one thing in common: privilege escalation features designed to fuel lateral movement.
Konica Minolta Latest Victim of Human Operated Ransomware
The new ransomware family RansomEXX is suspected in the hack of Konica Minolta, its second prominent victim in a month. Evidence suggests that human-directed attacks are becoming stealthier and more effective.
Not Learning from NotPetya: The Truth Behind Recent Ransomware Attacks
Why do firms like Garmin find themselves in the grips of ransomware cybercriminal groups? A tell-all by a former Maersk employee offers some clues.
Webinar Today: Dun & Bradstreet joins QOMPLX to talk CMMC Certification
QOMPLX's Bill Solms and Paul Brooks of Dun & Bradstreet's Government Business Unit dig into the new DOD CMMC cyber security certification in a webinar on June 3rd, 2020 at 2:00 PM.
Zoom and Gloom: Your Security Risk is (much) Bigger than One App
Zoom is responding to a torrent of revelations about security and privacy issues in its platform. But enterprise concerns about application security holes and data privacy shouldn’t be limited to one platform.