The Annoying MacOS Threat That Won’t Go Away

In two years, the adware-dropping Shlayer Trojan has spread to infect one in 10 MacOS systems, Kaspersky says.

DHS Warns of Increasing Emotet Risk

Emotet is considered one of the most damaging banking Trojans, primarily through its ability to carry other malware into an organization.

NSA Offers Guidance on Mitigating Cloud Flaws

A new document separates cloud vulnerabilities into four classes and offers mitigations to help businesses protect cloud resources.

Deconstructing Web Cache Deception Attacks: They’re Bad; Now What?

Expect cache attacks to get worse before they get better. The problem is that we don't yet have a good solution.

Severe Vulnerabilities Discovered in GE Medical Devices

CISA has released an advisory for six high-severity CVEs for GE Carescape patient monitors, Apex Pro, and Clinical Information Center systems.

Microsoft Patch Alert: January 2020 patches look relatively benign

The big patching problems this month fell at the feet of admins who had to deal with an unholy mess of pressing exposures: Fixing the holes in Microsoft’s RD Gateway (CVE-2020-0610; see Susan Bradley’s Patch Watch, paywalled); dealing with Server 2008 R2 systems that booted to Recovery mode after installing the January patches; scrambling to pick up after breaches in Citrix networking products; or the 334 Oracle security patches. They all took a toll.

To read this article in full, please click here

Ryuk Ransomware Hit Multiple Oil & Gas Facilities, ICS Security Expert Says

Attackers 'weaponized' Active Directory to spread the ransomware.

Weathering the Privacy Storm from GDPR to CCPA & PDPA

A general approach to privacy, no matter the regulation, is the only way companies can avoid a data protection disaster in 2020 and beyond.

To Avoid Disruption, Ransomware Victims Continue to Pay Up

For all the cautions against doing so, one-third of organizations in a Proofpoint survey said they paid their attackers after getting infected with ransomware.

For Mismanaged SOCs, The Price Is Not Right

New research finds security operations centers suffer high turnover and yield mediocre results for the investment they require.