Tech Target

GitHub 2FA plan adds SMS, account lockout safeguards

GitHub has added SMS support and fresh account lockout prevention features to its phased rollout plans as it prepares to implement a 2FA requirement for accounts beginning Monday.

Threat vectors converging, increasing damage

The threat intelligence vendor Flashpoint warned that threat actors are increasingly combining known vulnerabilities, stolen credentials, and exposed data to wreak maximum damage.

Russia continues to set cyber sights on NATO nations

A new report, titled "Fog of War: How the Ukraine conflict transformed the cyber threat landscape," offers insights involving the Russian invasion from two of Google's groups -- TAG as well as Trust and Safety -- and subsidiary Mandiant.

Update: POC exploit released for VMware vRealize Log Insight vulnerabilities

Updates for the vulnerabilities are available for VMware vRealize Log Insight in the form of version 8.10.2. VMware also published workarounds as an alternative for affected customers.

Schools don't pay, but ransomware attacks still increasing

The COVID-19 pandemic incentivized the use of virtual platforms for students to attend school remotely, which broadened the attack surface and presented a goldmine of sensitive information belonging to educators and students.

Contractor error led to Baltimore schools ransomware attack

A 2020 ransomware attack against Baltimore County Public Schools began with a contractor error, according to a report released Monday by Maryland's Office of the Inspector General for Education.

Vulnerable software, low incident reporting raises risks

Beneath the buzz around tech innovations at CES were discussions about cybersecurity and how to prevent the next generation of tech from being just as vulnerable as the last.

What is Triple DES and why is it being disallowed?

Triple Data Encryption Algorithm is used widely across many industries and in many popular network protocols to encrypt data at rest and data in motion. NIST deprecated the algorithm in 2018, however, and Triple DES use will be disallowed after 2023.

December ransomware disclosures reveal high-profile victims

While the number of ransomware attacks disclosed and reported in December did not increase from the previous month, many victims were high-profile companies such as cloud service provider Rackspace.

Many Exchange servers still vulnerable to ProxyNotShell flaw

Approximately 60,000 IP addresses with internet-facing Exchange Server instances are still vulnerable to ProxyNotShell flaw CVE-2022-41082, according to cybersecurity nonprofit Shadowserver Foundation.

Defend Against Threats with Cyber Fusion

Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing , end-to-end automation and 360-degree threat response.

Trending Tags