All you need to know about preventing adversaries from exploiting the recently disclosed vulnerabilities in the Thunderbolt interface. In May 2020, Björn Ruytenberg, a computer security researcher at the Eindhoven University of Technology in the Netherlands, announced the discovery of Thunderspy, a series of vulnerabilities in the Thunderbolt technology and interrelated scenarios for changing – including disabling – … More Thunderspy attacks: What they are, who’s at greatest risk and how to stay safe
A hack-and-extort campaign takes aim at poorly secured databases replete with customer information that can be exploited for further attacks. A number of e-commerce websites from multiple continents have had their customer databases stolen, with an unknown seller offering at least 1.62 million rows of personal records for sale on a public website. The online … More Crooks threaten to leak customer data stolen from e‑commerce sites
What are exploit kits? Unwary internet users may not realize that in the course of normal browsing they can be exposed to malicious exploit kits that lurk on some websites. Exploit kits consist of malicious code to exploit one or more potential vulnerabilities in common web browsing and document viewing software. More sophisticated exploit kits … More Exploit kits: What are they and what is an exploit blocker?
The infamous vulnerability has been exploited for a cryptocurrency mining campaign, but more damaging attacks may still be in store. Ever since it was discovered six months ago, the BlueKeep vulnerability has had (not only) the cybersecurity community concerned about impending WannaCryptor-style attacks. Earlier in November, Microsoft together with security researchers Kevin Beaumont and Marcus Hutchins shed light on … More First BlueKeep attacks prompt fresh warnings
Attention-grabbing cyberattacks that use fiendish exploits are probably not the kind of threat that should be your main concern – here’s what your organization should focus on instead. When we hear about breaches, we assume that attackers used some never-before-seen, zero-day exploit to breach our defenses. This situation is normally far from the truth. While … More What you may be getting wrong about cybersecurity