Cyberattacks

Annual SolarWinds Study Reveals Opportunities for Business and IT Collaboration in Managing Enterprise Risk Driven by Internal and External Security Threats

SolarWinds IT Trends Report 2021: Building a Secure Future examines how technology professionals perceive the evolving state of risk in today's business environment following internal impact of COVID-19 IT policies and exposure to external breaches. SolarWinds introduces Secure by Design program as a guide for industry-wide approach to help prevent future cyberattacks.
manageengine

Malware alert: The RedXOR and Mamba attacks and how to defend against them

Picture this: It’s a normal day of working from home as usual since the COVID-19 outbreak. After that satisfying cup of coffee, you log in. But something is wrong. No matter how many times you click, your files don’t open. Your screen is frozen and refuses to budge. And then, you see one of the worst nightmares any IT admin can imagine: “Oops, your files have been encrypted. But don’t worry, we haven’t deleted them yet.

pandora fms

Hard reflection on the cyberattack on Kaseya

Imagine being offered an electronic lock for your front door. One that allows you to open the door through a mobile application in the cloud, would you accept it? They promised that they would never lose the key, that with the app your would be able to open the door remotely and even through a webcam in the peephole, the device will be able to recognize your face and welcome you.

N-able

Kaseya VSA Cyberattack: A Statement on Solidarity from N-able CSO Dave MacKinnon

The recent Kaseya VSA cyberattack is an important reminder of how security works best when we approach it as a community. The adversarial pivot to supply chain-based attacks for delivering ransomware underscore the role we all must play in helping to keep each other protected.

splunk

Kaseya, Sera. What REvil Shall Encrypt, Shall Encrypt

When Splunk told me we would have a “breach holiday” theme for the summer, I didn’t think it would be quite so on the nose… For those of you who have been working on this Kaseya REvil Ransomware incident over the weekend, I salute you. We’ve been doing the same. As usual, my team here at Splunk likes to make sure that we have some actionable material before posting a blog, and this time is no different.

Secure Software Development: How to Check Your Code

In May of 2021, a cybercrime organization called DarkSide successfully locked operators of the Colonial Pipeline, which supplies the east coast with 45% of its petroleum fuel, out of their own software system with a type of malware called "ransomware." True to its name, ransomware returns access to your software (in theory) if you pay a ransom. The result-fuel supplies collapsed across the eastern United States, with gas lines, price spikes, and panic. People began hoarding gasoline in states not even served by the Colonial Pipeline. The US government passed emergency legislation. Even DarkSide seemed shocked at the impact of their cyberattack.
dreamfactory

How DreamFactory Prevents SQL Injection Attacks

A SQL injection attack is an attempt to modify the syntax of a SQL query executed in conjunction with a user-initiated action within a software application. Some examples of user-initiated actions include searching for a product within an e-commerce catalog, adding a comment to a blog post, and creating a new user account. In each of these scenarios, the user uses a form to submit input (e.g.

Secure By Design | The CISO Perspective

CDW Technology Vice President & Chief Information Security Officer Ruben Chacon, SolarWinds® CISO and VP, Security Tim Brown, and SolarWinds Head Geek Thomas LaRock talk about what the CISO needs to know to face today’s escalating cybersecurity threats – and what it’s like to be in the “hot seat” when challenges inevitably arise.
bugfender

Web Security Attacks You Must Know - Part 1

As developers, we know the pitfalls of the internet – the gateways that malicious actors can exploit to steal private data, siphon money and generally wreak havoc. But if we’re going to build watertight applications, it’s essential that we keep updating our knowledge base and prepare for every possible assault. In this post, we’re going to discuss five particularly common forms of attack.

splunk

Secure Factory: Time to Step Up for the Manufacturing Industry

The ongoing news of massive cyberattacks on manufacturing and energy companies has been a wake-up call. Operational Technology (OT) Security had not been on the radar of many CISOs and plant managers until they got hit. After reacting in a defensive mode last year it is time to step up with a proactive security strategy including OT. Secure Factory by Splunk helps manufacturing companies better understand and address their unique security challenges.