Software Contract Solutions

CISA releases advisory on five Apache HTTP server vulnerabilities affecting Cisco products

The government agency urged administrators to review Cisco’s advisory and apply the necessary updates. CISA has released a second advisory about several Apache HTTP server vulnerabilities. Cisco sent out a notice about the vulnerabilities in November, explaining that the Apache Software Foundation disclosed five vulnerabilities affecting the Apache HTTP Server (httpd) 2.4.48 and earlier releases on September 16. The IDs are … Read more

Hackers are targeting this Microsoft Windows Installer flaw, say security researchers

The flaw can be exploited to give an attacker administrator rights on a compromised system, despite efforts to fix the problem. Hackers have already created malware in a bid to exploit an elevation of privilege vulnerability in Microsoft’s Windows Installer. Microsoft released a patch for CVE-2021-41379, an elevation of privilege flaw in the Windows Installer component for enterprise … Read more

Why email is still the most significant vector that attackers exploit

The impact of the pandemic is spoken about every day. Never before have we had to react to a danger such as COVID. However, we’re now seeing more repercussions develop because of our enforced actions. With the majority of the UK forced to work remotely from home instead of offices, there was a steep rise … Read more

Ransomware demands and payments hit new records

Ransomware groups continue to intensify their operations as ransom demands and payments increase alongside the use of “quadruple extortion” tactics during the first half of 2021. The average ransom paid by victim organisations has increased by 82% since 2020 to a record $570,000, as cyber criminals intensify their ransomware efforts with increasingly aggressive tactics, according to data … Read more

Feds’ demand for software standards could boost enterprise security

An executive order issued in May by the Biden Administration has elevated the status of the software bill of materials, by mandating their use in federal government contracting. Enterprises can look for more transparency from software vendors after the Biden Administration’s recent mandate that software bills of materials be provided by companies attempting to do … Read more

Ransomware recovery: Plan for it now

Make a disaster-recovery plan to address ransomware attacks, and start with stopping its spread, IDing the variant and getting ready to restore your files. If your computing environment is subject to a large ransomware attack, you will most certainly be enacting your disaster recovery (DR) plan. But before you begin restoring systems, you must … Read more

The threat of single vendor security is too high to ignore

Jaws dropped last year when the SolarWinds attack was revealed. The extent of the sophisticated intrusion was breathtaking: the hackers leveraged SolarWinds’ commercial software to infiltrate major firms and top government agencies, exposing sensitive data. Cyber criminals were able to jump from a single compromised laptop to the company’s Active Directory to the Azure Active Directory and … Read more

Avast identifies cryptocurrency scam rises in regions of high adoption

Research from Avast Threat Labs has revealed a growth in crypto-based scams in regions where cryptocurrency is growing in popularity, in the first half of 2021. Avast’s threat labs researchers have intercepted and protected users against a rise in phishing sites focused on cryptocurrency scams since the start of the year, with the majority posing … Read more

The hidden costs of ransomware

The catalogue of high-profile ransomware attack examples is growing larger and becoming more alarming every day, affecting everything from gas pipelines to transport and technology firms. And as the range of targets for ransomware attacks grows, the average value of ransom payments being demanded by cyber criminals is also skyrocketing. In fact, the average ransom payment was … Read more

DDoS attacks dropped by a third in Q4 2020, compared to Q3 — Kaspersky

The number of DDoS attacks detected by Kaspersky was found to have dropped by 31% in Q4 2020, compared to Q3, with the decline believed to be connected to a rise in cryptomining. As online activity increased over the course of 2020, with users staying at home during the Covid-19 pandemic, DDoS attacks surged, with … Read more