ESET joins ranks as a CVE Numbering Authority (CNA)

Working in concert with the Common Vulnerabilities and Exposures (CVE®) Program, ESET, the leading Europe-based endpoint protection platform vendor, is authorized by the CVE Program as a CVE Numbering Authority (CNA). Organizations designated as CNAs are responsible for the assignment of CVE IDs to vulnerabilities, and for creating and publishing information about the vulnerability in … More ESET joins ranks as a CVE Numbering Authority (CNA)

Authorities remove web shells from compromised Exchange servers

Law enforcement steps in to thwart attacks leveraging the recently-disclosed Microsoft Exchange Server vulnerabilities. The United States’ Federal Bureau of Investigation (FBI) has carried out a court-approved operation to “copy and remove” malicious web shells from hundreds of systems across the US that were compromised through the mass exploitation of zero-day flaws in Microsoft Exchange … More Authorities remove web shells from compromised Exchange servers

Vengeful IT worker gets jail time for deleting company’s Microsoft user accounts

The company was left to deal with three months’ worth of IT problems. An IT contractor has been sentenced to two years in prison and ordered to pay $567,000 in restitution to cover the damage he caused by deleting the majority of a company’s Microsoft Office 365 user accounts in an act of revenge, according … More Vengeful IT worker gets jail time for deleting company’s Microsoft user accounts

Attacks targeting IT firms stir concern, controversy

The Exaramel backdoor, discovered by ESET in 2018, resurfaces in a campaign hitting companies that use an outdated version of a popular IT monitoring tool. France’s national cybersecurity agency ANSSI has disclosed details about an intrusion campaign targeting IT services firms that run the Centreon IT resource monitoring tool. The attacks are thought to have stayed under … More Attacks targeting IT firms stir concern, controversy

Positioning your cybersecurity investment for a remote workforce: Tier 3 – Tailor-fit protection for specific business use cases

With a managed network in place in tier two, a lot has been done to secure your endpoints from attack. However, some businesses will need to assess whether the protection that has been achieved thus far is adequate to safeguard business data that has critical value, or is highly sensitive or highly regulated. In the third … More Positioning your cybersecurity investment for a remote workforce: Tier 3 – Tailor-fit protection for specific business use cases