server monitoring software | Breaking Cybersecurity News | The Hacker News

Cyber criminals are becoming more adept, innovative, and stealthy with each passing day. They are now adopting more clandestine techniques that come with limitless attack vectors and are harder to detect. Recently, cyber crooks managed to infiltrate the update mechanism for a popular server management software package and altered it to include an advanced backdoor, which lasts for at least 17 days until researchers discovered it. Dubbed ShadowPad , the secret backdoor gave attackers complete control over networks hidden behind legit cryptographically signed software sold by NetSarang —used by hundreds of banks, media firms, energy companies, and pharmaceutical firms, telecommunication providers, transportation and logistics and other industries—for 17 days starting last month. Important Note — If you are using any of the affected product (listed below), we highly recommend you stop using it until you update them. Hacker Injected Backdoor Through Software Update Mechanism

Are you aware of everything that your users are accessing from your environment? While most of the time, non-work-related Internet browsing is harmless (looking at pictures of cats, online shopping, social media, etc.) there are some instances where you could be an unknowing and unwilling participant in criminal activity. That is, when users hide that activity via the Tor network , or the Dark Net . The Onion Router , better known as " Tor ", an open source project, launched in 2002, is designed to allow a user to browse the Internet anonymously via a volunteer network of more than 5000 relays. It doesn't share your identifying information like your IP address and physical location with websites or service providers. A user that navigate Internet using Tor , it's quite difficult to trace its activities ensuring his online privacy. There are arguably legitimate uses for this technology, such as providing Internet access in repressively regulated countri

As a vCISO, you are responsible for your client's cybersecurity strategy and risk governance. This incorporates multiple disciplines, from research to execution to reporting. Recently, we published a comprehensive playbook for vCISOs, "Your First 100 Days as a vCISO – 5 Steps to Success" , which covers all the phases entailed in launching a successful vCISO engagement, along with recommended actions to take, and step-by-step examples.  Following the success of the playbook and the requests that have come in from the MSP/MSSP community, we decided to drill down into specific parts of vCISO reporting and provide more color and examples. In this article, we focus on how to create compelling narratives within a report, which has a significant impact on the overall MSP/MSSP value proposition.  This article brings the highlights of a recent guided workshop we held, covering what makes a successful report and how it can be used to enhance engagement with your cyber security clients.

Russian Internet traffic, including the domestic one, has continuously been re-routed outside the country due to routing errors by China Telecom , which could result in compromising the security of Russian communications. Internet monitoring service Dyn reported Thursday in a blog post that the apparent networking fault is due to the weakness in the Border gateway protocol (BGP) , which forms the underpinning of the Internet's global routing system. The problem started after the BGP peering agreement signed between the China Telecom and top Russian mobile provider Vimpelcom in order to save money on transit operators, so that some of the domestic traffic may carried over the other's network rather than through a more expensive transit operator. Under this deal, Russian domestic traffic was repeatedly being routed to routers operated by China Telecom. Routing Traffic allows law enforcement agencies and hackers with the ability to monitor. " Unlike other routin