SMB | Breaking Cybersecurity News | The Hacker News

Regulatory compliance is no longer just a concern for large enterprises. Small and mid-sized businesses (SMBs) are increasingly subject to strict data protection and security regulations, such as HIPAA, PCI-DSS, CMMC, GDPR, and the FTC Safeguards Rule. However, many SMBs struggle to maintain compliance due to limited IT resources, evolving regulatory requirements, and complex security challenges. Recent data shows there are approximately 33.3 million SMBs in the U.S., and 60% or more are not fully compliant with at least one regulatory standard. That means nearly 20 million SMBs could be at risk of fines, security breaches, and reputational damage. For Managed Service Providers (MSPs), this presents a huge opportunity to expand your service offerings by providing continuous compliance monitoring—helping your clients stay compliant while strengthening their own business. The Role of Continuous Compliance Monitoring Traditional compliance audits have been conducted periodically—ofte...

Security vulnerabilities have been disclosed in Xerox VersaLink C7025 Multifunction printers (MFPs) that could allow attackers to capture authentication credentials via pass-back attacks via Lightweight Directory Access Protocol ( LDAP ) and SMB/FTP services. "This pass-back style attack leverages a vulnerability that allows a malicious actor to alter the MFP's configuration and cause the MFP device to send authentication credentials back to the malicious actor," Rapid7 security researcher Deral Heiland said . "If a malicious actor can successfully leverage these issues, it would allow them to capture credentials for Windows Active Directory. This means they could then move laterally within an organization's environment and compromise other critical Windows servers and file systems." The identified vulnerabilities, which affect firmware versions 57.69.91 and earlier, are listed below - CVE-2024-12510 (CVSS score: 6.7) - Pass-back attack via LDAP CVE-202...

Cybersecurity researchers have unpacked the inner workings of a new ransomware variant called Cicada3301 that shares similarities with the now-defunct BlackCat (aka ALPHV) operation. "It appears that Cicada3301 ransomware primarily targets small to medium-sized businesses (SMBs), likely through opportunistic attacks that exploit vulnerabilities as the initial access vector," cybersecurity company Morphisec said in a technical report shared with The Hacker News. Written in Rust and capable of targeting both Windows and Linux/ESXi hosts, Cicada3301 first emerged in June 2024, inviting potential affiliates to join their ransomware-as-a-service (RaaS) platform via an advertisement on the RAMP underground forum. A notable aspect of the ransomware is that the executable embeds the compromised user's credentials, which are then used to run PsExec , a legitimate tool that makes it possible to run programs remotely. Cicada3301's similarities with BlackCat also extend t...