%term

The Rise of Phishing Attacks: How New Domain Extensions Are Fueling Cyber Crime

Dec 6, 2024 By Stu Sjouwerman In KnowBe4

In recent years, the world of cybersecurity has witnessed a concerning trend: a significant increase in phishing attacks. A new study reveals that these attacks have surged by nearly 40% in the year ending August, 2024. What's particularly alarming is the role played by new generic top-level domains (gTLDs) in this spike. While gTLDs like.shop, .top, and.xyz make up only 11% of new domain registrations, they account for a staggering 37% of reported cybercrime domains.

Read Post

KnowBe4

Read more about The Rise of Phishing Attacks: How New Domain Extensions Are Fueling Cyber Crime

Renewtech's Network Configurator: Secure, Custom, and Cost-Effective Networking

Dec 6, 2024 By SecuritySenses In SecuritySenses

Renewtech's network configurator empowers businesses to build secure, tailored and cost-effective network solutions using refurbished equipment from trusted brands like Cisco and HPE. Combining high quality, seamless compatibility and eco-friendly practices, it's the ideal tool for modern IT infrastructure.

Read Post

SecuritySenses

Read more about Renewtech's Network Configurator: Secure, Custom, and Cost-Effective Networking

Crypto trading journals: What are they, and how can they help you?

Dec 6, 2024 By SecuritySenses In SecuritySenses

The trading journal is a very underrated tool in the crypto trading landscape, but the truth is that it can come in handy when navigating such a complex market. Relying on instinct is never enough when investing in cryptocurrencies, and every smart trader knows the importance of having a system in place that allows them to take opportunities when they arise and make proper decisions. A trading journal is an essential part of this system, allowing traders to keep a record of their performance and refine their strategies accordingly, as it captures everything from the trading patterns to the wins and the setbacks.

Read Post

SecuritySenses

Read more about Crypto trading journals: What are they, and how can they help you?

Cybersecurity Content Creation Guide

Dec 6, 2024 By SecuritySenses In SecuritySenses

Every cybersecurity vendor today depends, to some extent, on content marketing to get leads across various channels. "Content" refers to blog posts, ebooks, whitepapers, case studies, explainer videos, LinkedIn posts, etc. Basically, any marketing asset that carries a brand's product message to buyers in a way that they (should) find engaging. Almost every B2B company uses content marketing, but cybersecurity companies spend considerable effort on content because.

Read Post

SecuritySenses

Read more about Cybersecurity Content Creation Guide

What is OAuth configuration, and how can it be implemented on mail servers using DDI Central?

Dec 5, 2024 By DDI Central In ManageEngine

ManageEngine DDI Central now facilitates Open Authorization (OAuth), which can be configured with your organization’s SMTP servers for implementing secure, reliable mail authentication for clients. OAuth provides credential-less authentication for accessing SMTP servers to send emails efficiently. It benefits users in a safe, secure approach to permitting third-party applications to access users’ SMTP servers without using their credentials.

Read Post

ManageEngine

Read more about What is OAuth configuration, and how can it be implemented on mail servers using DDI Central?

One Identity Named Winner of the Coveted Top InfoSec Innovator Awards for 2024

Dec 5, 2024 By One Identity In One Identity

One Identity named Hot Company: Privileged Access Management (PAM) in 12th Cyber Defense Magazine's Annual InfoSec Awards during CyberDefenseCon 2024.

Read Post

One Identity

Read more about One Identity Named Winner of the Coveted Top InfoSec Innovator Awards for 2024

Top tips: 4 ways to secure your operational technology infrastructure against security threats

Dec 5, 2024 By General In ManageEngine

Top tips is a weekly column where we highlight what’s trending in the tech world and list ways to explore these trends. This week, we explore four ways organizations can secure their OT environment. Operational technology (OT) has evolved from largely manual processes to digital, automated, and data-driven processes in recent years. As more industrial processes go digital, organizations in this sector now face a vastly expanded attack surface.

Read Post

ManageEngine

Read more about Top tips: 4 ways to secure your operational technology infrastructure against security threats

Weekly Cyber Security News 05/12/2024

Dec 5, 2024 By Kevin In ionCube24

Let’s catch up on the more interesting vulnerability disclosures and cyber security news gathered from articles across the web this week. This is what we have been reading about on our coffee break! Say that again, $7K per month!? OK…

Read Post

ionCube24

Read more about Weekly Cyber Security News 05/12/2024

The @Solana/web3.js Incident: Another Wake-Up Call for Supply Chain Security

Dec 5, 2024 By Tom Abai In Mend

On December 2, 2024, the Solana community faced a significant security incident involving the @solana/web3.js npm package, a critical library for developers building on the Solana blockchain with over 450K weekly downloads. This blog post aims to break down the attack flow, explore how it happened, and discuss the importance of supply chain security.

Read Post

Mend

Read more about The @Solana/web3.js Incident: Another Wake-Up Call for Supply Chain Security

Exploited! NuPoint Unified Messaging (NPM) Component of Mitel MiCollab

Dec 5, 2024 By Nethanel Gelernter In IONIX

The NuPoint Unified Messaging (NPM) module in Mitel MiCollab versions up to 9.8 SP1 FP2 (9.8.1.201) is vulnerable to a path traversal attack caused by insufficient input validation. This vulnerability could be exploited by an unauthenticated attacker to gain unauthorized access to sensitive files, potentially allowing them to read, alter, or delete user data and critical system settings. The Mitel MiCollab Arbitrary File Read Vulnerability combines CVE-2024-41713 with another yet-to-be-assigned issue.

Read Post