The Hacker News Logo
Subscribe to Newsletter

The Hacker News - Cybersecurity News and Analysis: enterprise security

Solution Providers Can Now Add Incident Response to Their Services Portfolio For Free

Solution Providers Can Now Add Incident Response to Their Services Portfolio For Free

June 17, 2020The Hacker News
The Incident Response (IR) services market is in accelerated growth due to the rise in cyberattacks that result in breaches. More and more organizations, across all sizes and verticals, choose to outsource IR to 3rd party service providers over handling security incidents in-house. Cynet is now launching a first-of-its-kind offering, enabling any Managed Security Provider (MSP) or Security Integrator (SI) to add Incident Response to its services portfolio, without building an in-house team of incident responders, by using Cynet's IR team and technology at no cost. Managed Service providers interested to add Incident Response to their service portfolio with no investment in people or technology can apply here . As cyber threats grow in sophistication and volume, there is an increasing number of cases in which attackers succeed in compromising the environments they target. This, in turn, fuels a rapidly growing demand for IR technologies and services. Since in most cases
Warning: Citrix ShareFile Flaw Could Let Attackers Steal Corporate Secrets

Warning: Citrix ShareFile Flaw Could Let Attackers Steal Corporate Secrets

May 05, 2020Swati Khandelwal
Since the past few weeks, software giant Citrix has privately been rolling out a critical software update to its enterprise customers that patches multiple security vulnerabilities affecting Citrix ShareFile content collaboration platform. The security advisory—about which The Hacker News learned from Dimitri van de Giessen , an ethical hacker and system engineer—is scheduled to be available publicly later today on the Citrix website . Citrix ShareFile is an enterprise-level file sharing solution for businesses using which employees can securely exchange proprietary and sensitive business data with each other. The software offers an on-premises secure cloud environment for data storage with auditing capabilities and regulatory compliance controls. For example, a company can remotely lock or wipe data from potentially compromised mobile devices, or they're when lost or stolen. The newly identified security issues ( CTX-CVE-2020-7473 ) specifically affect customer-managed o
Researcher Discloses 4 Zero-Day Bugs in IBM's Enterprise Security Software

Researcher Discloses 4 Zero-Day Bugs in IBM's Enterprise Security Software

April 21, 2020Swati Khandelwal
A cybersecurity researcher today publicly disclosed technical details and PoC for 4 unpatched zero-day vulnerabilities affecting an enterprise security software offered by IBM after the company refused to acknowledge the responsibly submitted disclosure. The affected premium product in question is IBM Data Risk Manager (IDRM) that has been designed to analyze sensitive business information assets of an organization and determine associated risks. According to Pedro Ribeiro from Agile Information Security firm, IBM Data Risk Manager contains three critical severity vulnerabilities and a high impact bug, all listed below, which can be exploited by an unauthenticated attacker reachable over the network, and when chained together could also lead to remote code execution as root. Authentication Bypass Command Injection Insecure Default Password Arbitrary File Download Ribeiro successfully tested the flaws against IBM Data Risk Manager version 2.0.1 to 2.0.3, which is not the la
CISA Warns Patched Pulse Secure VPNs Could Still Expose Organizations to Hackers

CISA Warns Patched Pulse Secure VPNs Could Still Expose Organizations to Hackers

April 17, 2020Ravie Lakshmanan
The United States Cybersecurity and Infrastructure Security Agency (CISA) yesterday issued a fresh advisory alerting organizations to change all their Active Directory credentials as a defense against cyberattacks trying to leverage a known remote code execution (RCE) vulnerability in Pulse Secure VPN servers—even if they have already patched it. The warning comes three months after another CISA alert urging users and administrators to patch Pulse Secure VPN environments to thwart attacks exploiting the vulnerability. "Threat actors who successfully exploited CVE-2019-11510 and stole a victim organization's credentials will still be able to access — and move laterally through — that organization's network after the organization has patched this vulnerability if the organization did not change those stolen credentials," CISA said. CISA has also released a tool to help network administrators look for any indicators of compromise associated with the flaw.
Webinar: How MSSPs Can Overcome Coronavirus Quarantine Challenges

Webinar: How MSSPs Can Overcome Coronavirus Quarantine Challenges

April 14, 2020The Hacker News
The Coronavirus quarantine introduces an extreme challenge for IT and Security teams to maintain secure environments during the mass transition of employees working remotely and the surge in cyberattacks targeting its inherent security weaknesses. In a webinar for security service providers taking place on April 22nd ( register here ), a leading MSSP will share how they conquer and overcome the coronavirus quarantine challenges to grow their customer base. The webinar sheds light on the opportunities and challenges this new reality introduces to MSSPs from the perspective of a leading Canadian MSSP. While it might sound strange to discuss the opportunities Coronavirus brings, especially with the changes it imposes on the IT environment, but it does bring a shift in priorities. It turns out that cyber threats that were normally considered a reasonable risk to contain, suddenly become regarded as a critical need to address. Thus, organizations that did not have advanced threat
How to Provide Remote Incident Response During the Coronavirus Times

How to Provide Remote Incident Response During the Coronavirus Times

March 24, 2020The Hacker News
While the Coronavirus pandemic continues to strike chaos across the global economies, threat actors keep on launching cyberattacks on organizations from all sizes and verticals. IR providers face a unique challenge when approached by these organizations since, due to the Coronavirus mass quarantine, conducting incident response engagements by arriving physically to the customers' offices is impossible. Cynet 360, a tool of choice for a number of IR providers (offered to IR providers for free), enables responders to compensate on the lack of physical access with the ability to conduct a full IR operation remotely ( learn more here ) by seamless and rapid remote deployment, complete visibility into the attacked organization's environment, automated threat detection, and integrated MDR services. Attackers always seek easy opportunities, and it's no wonder many threat actors take advantage of the current mayhem of the Coronavirus pandemic to increase their attacks'
U.S. Charges Huawei with Stealing Trade Secrets from 6 Companies

U.S. Charges Huawei with Stealing Trade Secrets from 6 Companies

February 14, 2020Ravie Lakshmanan
The US Department of Justice (DoJ) and the Federal Bureau of Investigation (FBI) charged Huawei with racketeering and conspiring to steal trade secrets from six US firms, in a significant escalation of a lawsuit against the Chinese telecom giant that began last year. Accusing Huawei and its affiliates of "using fraud and deception to misappropriate sophisticated technology from US counterparts," the new charges allege the company of offering bonuses to employees who obtained "confidential information" from its competitors. The indictment adds to a list of two other charges filed by the US government last year, including violating US sanctions on Iran and stealing technology from T-Mobile — called Tappy — that's used to test smartphone durability. The development is the latest salvo fired by the Trump administration in its year-long fight against the networking equipment maker, which it deems a threat to national security. "The misappropriated
Cynet Empowers IT Resellers and Service Providers to Become Fully Qualified MSSPs

Cynet Empowers IT Resellers and Service Providers to Become Fully Qualified MSSPs

January 29, 2020The Hacker News
As cyber incidents increase in scope and impact, more and more organizations come to realize that outsourcing their defenses is the best practice—significantly increasing the Managed Security Service Provider (MSSP) market opportunities. Until recently, IT integrators, VARs, and MSPs haven't participated in the growing and profitable MSSP market as it entailed massive investments in building an in-house skilled security team. However, this is beginning to change as a result of certain security vendors, like Cynet, that provide a purpose-built partner offering that enables IT integrators, VARs, and MSPs to provide managed security service with zero investment in hardware or personnel. Their offering includes a 24/7 SOC that trains and supports the partner's existing team and a security platform that consolidates and automates breach protection (including endpoint, user, and network security), making it simple to operate by any IT professional. To learn more about th
Broadening the Scope: A Comprehensive View of Pen Testing

Broadening the Scope: A Comprehensive View of Pen Testing

January 16, 2020The Hacker News
Penetration tests have long been known as a critical security tool that exposes security weaknesses through simulated attacks on an organization's IT environments. These test results can help prioritize weaknesses, providing a road-map towards remediation. However, the results are also capable of doing even more. They identify and quantify security risk, and can be used as a keystone in cybersecurity policies. The same can be said about broader penetration testing practices. Organizations gain real value from learning about others' penetration testing experiences, trends, and the role they play in today's threat landscape. The world of pen testing can be an interesting balance of open collaboration and closely guarded privacy. While pen testers may engage in teaming exercises, or happily talk technique when they attend Black Hat, most organizations are extremely reluctant when it comes to discussing their pen testing practices and results. Of course, confidentia
Download Ultimate 'Security for Management' Presentation Template

Download Ultimate 'Security for Management' Presentation Template

January 14, 2020The Hacker News
There is a person in every organization that is the direct owner of breach protection. His or her task is to oversee and govern the process of design, build, maintain, and continuously enhance the security level of the organization. Title-wise, this person is most often either the CIO, CISO, or Directory of IT. For convenience, we'll refer to this individual as the CISO. This person is the subject-matter expert in understanding the standard set of active cyber risks, benchmarking to what degree the organization's exposure influences potential impact. They then take appropriate steps to ensure the major risks are addressed. On top of being engaged 24/7 in the organization's actual breach protection activity, the CISO has another critical task: to articulate the risks, potential impacts and appropriate steps to take to the company's management – or in other words, they must effectively translate security issues for non-security-savvy executives in a clear and busi
Top 5 Cybersecurity and Cybercrime Predictions for 2020

Top 5 Cybersecurity and Cybercrime Predictions for 2020

December 03, 2019The Hacker News
We distilled 30 independent reports dedicated to cybersecurity and cybercrime predictions for 2020 and compiled the top 5 most interesting findings and projections in this post. Compliance fatigue will spread among security professionals Being a source of ongoing controversy and debate, the California Consumer Privacy Act (CCPA) was finalized on 11th January 1, 2019. Driven by laudable objectives to protect Californians' personal data, prevent its misuse or unconsented usage by unscrupulous entities, the law imposes formidable monetary penalties of up to $7,500 per intentional violation and $2,500 per unintentional violation. The Act is enforceable against organizations that process or handle personal data of California residents, regardless of the geographical location of the former. Akin to the EU GDPR, data subjects are empowered with a bundle of rights to control their personal data and its eventual usage. The pitfall is that if every US state introduces its own s
The Comprehensive Compliance Guide (Get Assessment Templates)

The Comprehensive Compliance Guide (Get Assessment Templates)

November 13, 2019The Hacker News
Complying with cyber regulations forms a significant portion of the CISO's responsibility. Compliance is, in fact, one of the major drivers in the purchase and implementation of new security products. But regulations come in multiple different colors and shapes – some are tailored to a specific vertical, while others are industry-agnostic. Some bare explicit consequences for failing to comply, while others have a more guidance-like nature. The Comprehensive Security Guide (download here) , for the first time, provides security executives with a single document that gathers standardized and easy to use templates of all main compliance frameworks: PCI-DSS, HIPAA, NIST Cyber Security Framework and GDPR. Employing an independent auditor is the common practice to ensure one complies with the desired regulation. However, before having an external auditor excavating through the organizations' security stack internals, it makes sense for the security stakeholders to independ
PPT Template: Build Your 2020 Security Plan

PPT Template: Build Your 2020 Security Plan

November 05, 2019The Hacker News
The end of the year is coming, and it's time for security decision-makers to make plans for 2020 and get management approval. Typically, this entails making a solid case regarding why current resources, while yielding significant value, need to be reallocated and enhanced. The Definitive2020 Security Plan PPT Template is built to simplify this task, providing security decision-makers with an off-the-shelf tool to clearly and easily present their plans and insights to management. While many security decision-makers have the tools and expertise to build their case technologically, effectively communicating their conclusions to the organization's management is a different challenge. Management doesn't think in terms of malware, identity compromise, or zero-day exploits, but in terms of monetary loss and gain: Would investment A in a security product reduce the likelihood of cyberattack derived downtime? Would outsourcing a certain security functionality to a service
Cynet 360: The Next Generation of EDR

Cynet 360: The Next Generation of EDR

September 24, 2019The Hacker News
Many organizations regard Endpoint Detection and Response (EDR) as their main protection against breaches. EDR, as a category, emerged in 2012 and was rapidly acknowledged as the best answer to the numerous threats that legacy AV unsuccessfully struggled to overcome – exploits, zero-day malware and fileless attacks are prominent examples. While there is no dispute on EDR's efficiency against a significant portion of today's advanced threats, a new breed of "next-generation EDR" solutions are now available ( learn more here ) which on top of featuring all EDR capabilities, go beyond this to protect against prominent attack vectors that EDR does not cover such as those involving users and networks. "Many people unknowingly mix two different things – endpoint protection and breach protection," explained Eyal Gruner, co-Founder of Cynet (a next-generation EDR solution). "It's perfectly true that many attacks start at the endpoint and involve mali
How Cloud-Based Automation Can Keep Business Operations Secure

How Cloud-Based Automation Can Keep Business Operations Secure

September 16, 2019The Hacker News
The massive data breach at Capital One – America's seventh-largest bank, according to revenue – has challenged many common assumptions about cloud computing for the first time. Ironically, the incident, which exposed some 106 million Capital One customers' accounts , has only reinforced the belief that the cloud remains the safest way to store sensitive data. "You have to compare [the cloud] not against 'perfect' but against 'on-premises.'" Ed Amoroso, a former chief security officer at AT&T, told Fortune magazine this week. He wasn't the only voice defending cloud computing in the wake of a hack attack. In an article titled "Don't Doubt the Cloud," Fortune columnist Robert Hackett , wrote: "The cloud is undeniably convenient and, more importantly, better in terms of security than what the majority of companies can achieve alone." The problem, experts said, was not cloud computing but rather the tendency for
CISO Kit — Breach Protection in the Palm of Your Hand

CISO Kit — Breach Protection in the Palm of Your Hand

September 11, 2019The Hacker News
CISOs and CIOs need to know better than anyone the security pulse of their organizations. On the other hand, they cannot be flooded with every changing detail. Finding the right balance that enables them to clearly grasp the big picture required in making sound decisions is a task many security executives find challenging. Threat actors do not acknowledge off-hours or weekends, introducing the need for constant vigilance. Moreover, CIOs and CISOs are heavily dependent on their team for knowledge and often lack the immediate interaction with the events in real-time. This situation is also far from favorable – after all, who if not the security executive should have the ability to be in-the-know and initiate action at the heart of things? Cynet rises to this challenge with the recently launched Cynet Dashboard application, which provides 24/7 insight into the overall security posture, real-time visibility into newly detected threats, and the ability to take rapid action if the nee
Engage Your Management with the Definitive 'Security for Management' Presentation Template

Engage Your Management with the Definitive 'Security for Management' Presentation Template

July 16, 2019The Hacker News
In every organization, there is a person who's directly accountable for cybersecurity. The name of the role varies per the organization's size and maturity – CISO, CIO, and Director of IT are just a few common examples – but the responsibility is similar in all places. They're the person who understands the risk and exposure, knows how prepared the team and most important – what the gaps are and how they can be best addressed. Apart from actually securing the organization – and losing some sleep over it – this individual has another equally important task: to communicate the security risk, needs, and status to the company's management. After all, the level of security rises in direct proportion to the amount of invested resources, and management people are the ones who decide and allocate them. Since management people are not typically cybersecurity savvy, engaging them can be challenging – one must find the balance between high-level explanations, a direct c
Exclusive Offers

Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox daily.