New IoT Botnet Uses Tor to Obfuscate C2 Communications, Researchers Find

New IoT Botnet Uses Tor to Obfuscate C2 Communications, Researchers Find

by Silviu STAHIE, from IoT Security Insights , on 08.03.2021

Security researchers discovered that a new variant of the Gafgyt malware is on the loose, attacking D-Link routers and a couple of other IoT devices. The most significant difference from its predecessors is its use of Tor to hide its communication with the command and control center. Malware targeting IoT devices is becoming more common ... The post New IoT Botnet Uses Tor to Obfuscate C2 Communications, Researchers Find appeared first on Bitdefender. read more

A Focused Approach to the Common Interview Process

A Focused Approach to the Common Interview Process

by Business Insights , on 08.03.2021

Filling positions in the information technology career field, particularly in cybersecurity, can present unique challenges. Companies and organizations have realized the vital role cybersecurity plays in daily operations, including protection of company assets from cybercrimes such as DDoS attacks, ransomware, and advanced phishing campaigns. Skilled cybersecurity professionals are being recruited to alleviate these risks and take measures to prevent breaches. Finding suitable candidates can prove difficult, as interviewers must account for the candidate’s analytical and technical skills and determine if the individual would be a good fit for the team and culture. This blog will explain how Bitdefender’s Security Operations Center (SOC) approaches this common challenge by focusing mainly on candidates’ analytical and problem-solving skills. We will also address our views on questions of technical and cultural fit. read more

CISA Offers IT Admins Guidelines to Mitigate Recent MS Exchange Vulnerabilities

CISA Offers IT Admins Guidelines to Mitigate Recent MS Exchange Vulnerabilities

by Filip TRUTA, from HotForSecurity , on 08.03.2021

The Cybersecurity and#38; Infrastructure Security Agency (CISA) has issued an emergency directive and alert addressing several critical vulnerabilities recently found in Microsoft Exchange products. Microsoft confirmed the existence of multiple flaws in Microsoft Exchange Server last week, when it rolled out several security updates following reports of targeted attacks. “Due to the critical nature of [and#8230;] read more

Cybercriminals Are Phishing For Login Credentials of AOL Users

Cybercriminals Are Phishing For Login Credentials of AOL Users

by Alina Bizga, from HotForSecurity , on 05.03.2021

Fraudsters aiming to steal login credentials from AOL users are sending phishing emails that threaten recipients with account closures unless they confirm their email addresses and passwords. The AOL phishing campaign was noticed on February 23, according to Bitdefender Antispam Lab. Like previous email-based phishing campaigns, cybercriminals use scare tactics and subject lines ranging from [and#8230;] read more

New ObliqueRAT Malware Campaign Now Integrates Steganography, Researchers Finds

New ObliqueRAT Malware Campaign Now Integrates Steganography, Researchers Finds

by Silviu STAHIE, from HotForSecurity , on 04.03.2021

Security researchers have identified a new malware campaign designed to infect host machines with ObliqueRAT, a remote access Trojan, with the help of malicious Microsoft Office documents. Infecting email attachments, usually Microsoft Office docs, is a favorite tactic of attackers. Itand#8217;s a simple method, and it works, but even these methods change from time to [and#8230;] read more

Remote Work and the Long-Term Impact on Risk

Remote Work and the Long-Term Impact on Risk

by Business Insights , on 04.03.2021

83% of employers now say the shift to remote work has been successful for their company, compared to 73% in a prior survey. Less than one in five executives say they want to return to the office as it was pre-pandemic. Enterprises are going to have to balance convenience and security over the long haul. read more

5G IoT Connections to Account for 40 Percent of all Connections by 2030, Research Shows

5G IoT Connections to Account for 40 Percent of all Connections by 2030, Research Shows

by Silviu STAHIE, from IoT Security Insights , on 03.03.2021

5G is slowly making its way onto the market, and researchers anticipate that it will account for 40 percent of all connections in 2030, according to a new study from Strategy Analytics. A driving force behind the IoT industry's meteoric rise is Internet availability and ease of use. But in many situations, that connectivity depends ... The post 5G IoT Connections to Account for 40 Percent of all Connections by 2030, Research Shows appeared first on Bitdefender. read more

Technology Providers: Would You Rather be Blockbuster or Netflix?

Technology Providers: Would You Rather be Blockbuster or Netflix?

by Business Insights , on 03.03.2021

Be the voice of authority by tracking market trends for your audience Connect content with action; help them see the why and how to act Failing to respond to mark shifts can have devastating consequences This blog post was authored byMichael Reeves, CISSP, Cloud and MSP Security Architect read more

Microsoft Issues Exchange Server Updates for Four 0-Day Vulnerabilities Used by Chinese Hafnium APT

Microsoft Issues Exchange Server Updates for Four 0-Day Vulnerabilities Used by Chinese Hafnium APT

by Silviu STAHIE, from HotForSecurity , on 03.03.2021

Microsoft has revealed a new state threat actor, named Hafnium, thatand#8217;s been exploiting previously unknown zero-day vulnerabilities in the on-premises Exchange Server software. A zero-day vulnerability is always a serious matter and usually a good-enough reason for companies to quickly address it with a patch. Microsoft found not one, but four such vulnerabilities in their [and#8230;] read more

Android Security Bulletin: Google Issues Fix for Critical Remote Code Execution Flaw in Android System

Android Security Bulletin: Google Issues Fix for Critical Remote Code Execution Flaw in Android System

by Alina Bizga, from HotForSecurity , on 03.03.2021

This Monday, Google revealed fixes for 37 Android vulnerabilities, including one critical security flaw found in the System component. The announcement is part of Googleand#8217;s 2021 Android Security Bulletin covering the operating system’s security patches. and#8220;Theand#160;severity assessmentand#160;is based on the effect that exploiting the vulnerability would possibly have on an affected device, assuming the platform [and#8230;] read more

Next >>