If your business has servers running versions 8.x, 7.x, or 6.x of the Drupal content management system, you may want to double-check that you’ve installed the most recent patch. Researchers with Netlab 360, a China-based cybersecurity company, have discovered that the Drupalgeddon2 (CVE-2018-7600) vulnerability is actively exploiting unpatched Web servers.
Cybersecurity has taken the forefront on the global stage, and it’s more important than ever for companies to protect their sensitive data. Challenges such as bring your own device (BYOD), shadow IT, and social engineering further complicate the everyday cyberthreat. Look here for the latest news and best practices that can help you reduce your organization’s risk.
A case brought against Microsoft in 2013 by the U.S. government has reached its conclusion today, as the Supreme Court declared the case moot. The preliminary opinion, published on April 17, 2018, follows the passage of the omnibus spending bill, which the president signed on March 23. Buried within the 2,232-page spending package was The […]
This has not been a great year for social media giant Facebook: the Cambridge Analytica scandal, congressional hearings over privacy practices, and the lead-up to the European Union’s General Data Protection Regulation rollout have thrust the company’s data collection practices into the spotlight. Not an enviable position for a company whose revenue model is based […]
As if you needed another reason to keep your kids away from your work-issued or small business machines. Cybersecurity firm Avast has discovered some basic, yet insidious, malware for the incredibly popular game Minecraft. According to its report, almost 50,000 accounts are infected.
On April 17, 2018, a group of 34 tech companies signed onto the Cybersecurity Tech Accord. A press release posted to the landing page of their website calls the pledge “a watershed agreement” among the companies, including Microsoft, Facebook, HP, and Nokia, to name a few. The accord is an attempt for these companies, whose […]
It appears that malware-infested Android apps are no longer relegated to third-party marketplaces. As reported by Dan Goodin with Ars Technica, Lookout Mobile Security discovered mobile advanced persistent threats (mAPTs) in three apps that were available from the Google Play marketplace. The malware found in these apps, which Goodin refers to as “nation-state style surveillance […]
On April 10, 2018 AMD’s Senior Vice President and Chief Technology Officer Mark Papermaster announced that the company has released patches for the Spectre (Variant 2) vulnerability. This patch requires both “microcode updates from original equipment manufacturers (OEM) and motherboard partners” and a fully updated version of Windows. These fixes cover AMD processors dating “to […]
If you live in New York City, it’s time for you to start feeling safer online. Mayor de Blasio recently launched a new cybersecurity initiative called NYC Secure. The program, led by the New York City Cyber Command (NYC3), is aimed at protecting New Yorkers online. It’s the first program of its kind launched by […]
The data-stealing malware FormBook made a large impact on the U.S. and South Korean aerospace, defense, and manufacturing sectors last summer. Now, researchers at Menlo Security are reporting another wave of FormBook attacks directed at the financial and information services sectors in the United States and Middle East. These new attacks have the same outcome, […]
It’s becoming increasingly difficult not to focus on the next big data breach when there seems to be a new one every day. Especially now, with the deadline for General Data Protection Regulation (GDPR) compliance less than 2 months away, companies that handle sensitive data as a matter of business are opening themselves to serious […]