๐ Cyber Security Roundup for April 2021
๐ก Newskategorie: IT Security Nachrichten
๐ Quelle: blog.itsecurityexpert.co.uk
- IT teams to implement email filtering
- conduct employee phishing tests
- conduct penetration testing
- review Active Directory password policy
- invest in better endpoint detection and response (EDR) technology, apparently recommending Cylance or VMware Carbon Black
- better protect the internal network and isolate critical systems
- implement offline storage and tape-based backup
- Microsoft Exchange Server breaches more widespread than originally thoughtย data suggests that the breaches may not be limited or targeted at all
- 10 groups now targeting Hafnium Microsoft Exchange vulnerabilitiesย Security company ESET is now tracking 10 different threat groups or otherwise unique clusters of breaches that have used a chain of vulnerabilities Microsoft patched in Exchange Server
- Ransomware may be targeting Microsoftโs Hafnium Exchange Server vulnerabilitiesย The Ransomware, called DoejoCrypt or DearCry, appears to be the latest threat associated with not patching the Hafnium Exchange Server vulnerabilities
- The Microsoft Exchange hack: Microsoft Probes Whether Leak Played Role in Suspected Chinese Hack - The risks and rewards of sharing bug intel
- Microsoft Exchange exploit a possible factor in $50M ransomware attack on Acer
- Reducing Human Error Security Threats with Remote Workforce
- Cybercrime to cost over $10 Trillion by 2025
- The Ransomware Group Tactics which Maximise their Profitability
- HR Strategies to Drive Cybersecurity Culture in the New Normal
- Reasons Why the Security Industry is Protecting the Wrong Thing
- Cyber Security Roundup for March 2021
- FatFace Faces Customer Anger After Controversial Breach Response
- Covid Fraud: ยฃ34.5m Stolen in Pandemic Scams
- Boris Johnson to set up Taskforce in North of England to bolster UKโs Cyber Capacity
- UK School Cyber-Attack affects 40,000 Pupilsโ Email
- Birmingham College falls victim to 'Major Ransomware Attack'
- Banks and Insurers to Face Tough Cyber Stress Tests under Bank of England Plan
- UK Cyber Security Law forcing Energy Companies to Report Hacks not Followed
- Russian Pleads Guilty to Tesla Ransomware Plot
- Australia Cyber Attacks hit Television Channel and Parliament
- FBI Internet Crime Report 2020: Cybercrime Skyrocketed, with Email Compromise Accounting for 43% of Losses
- 2021 Palo Alto Networksย Unit 42 Ransomware Threat Report: 2020 was a Golden Year for Ransomware Gangs
- 2020 Vulnerability Intelligence Report:ย Threat Actors bypassing Shoddy Patching, Targeting Gateways
- Critical Zero-Day Vulnerability in Microsoft Exchange Server (On-Prem)
- Microsoft Patches 88 Vulnerabilities, 14 Rated as Critical
- Microsoft Antivirus Now Automatically Mitigates Exchange Server Vulnerability
- Google Fixes Five Chrome bugs, including One Zero-Day Exploited in the Wild
- Vulnerabilities Could Allow for Bypass of Spectre Mitigations in Linux, Patched
- For the 2nd Time in less than a Year, F5 Announces Critical Vulnerabilities in its Networking Devices
- New, Critical Vulnerability discovered that could let Attackers gain entry to SolarWinds systems