With data breaches on the rise, it’s important to limit access to your organization’s sensitive data. A user access review software can help you do so. This article provides you with a comprehensive overview of the 10 best User Access…
Category: Heimdal Security Blog
CISA and FBI Reveal Known Androxgh0st Malware IoCs and TTPs
CISA and FBI released an advisory on Androxgh0st malware IoCs (Indicators of Compromise) and warned about hackers using this threat to steal credentials. The advisory contains: a list of specific Androxgh0st IoCs examples of malicious activities linked to it details…
Akira Ransomware Attacks Surge. Finnish Companies Among Targets
The National Cyber Security Centre Finland announced a surge in Akira ransomware attacks. Threat actors used Akira malware in six out of the seven ransomware attacks reported in December 2023. The attackers used VPNs that lacked multi-factor authentication. They exploited…
White House Revamps Cybersecurity Hiring Strategy
During his initial statements since becoming the National Cyber Director in December, Harry Coker stated that the White House plans to “reduce unnecessary barriers” that federal contractors have while trying to fill cybersecurity positions, such as the need for a…
Comprehensive Guide to Patch Management Templates
We all know that maintaining up-to-date systems is crucial. Patch management plays a vital role in this process. This article serves as a hub for various patch management templates, each designed to streamline and enhance the efficiency of your patch…
How to Create an End-to-End Privileged Access Management Lifecycle
Key takeaways: Why privileged access management requires a continuous approach; The common pitfalls of poor privileged access management; How to create an effective, end-to-end privileged access management lifecycle. Privileged access management (PAM) is an essential tool of any modern cybersecurity…
A Heimdal MXDR Expert on Incident Response Best Practices and Myth Busting
I got to talk to Dragoș Roșioru, a seasoned MXDR expert, about incident response best practices and challenges. Get an in-depth understanding of the do’s and don’ts in incident response as Dragoș explains how to avoid the most common mistakes…
Widespread Vulnerability in SSH Servers: The Terrapin Attack Threat
The Terrapin attack, a newly identified security threat, jeopardizes nearly 11 million SSH servers that are accessible online. Originating from academic research at Ruhr University Bochum in Germany, this attack specifically targets the SSH protocol, affecting both clients and servers.…
Major Data Breach at HealthEC Affects Millions
HealthEC LLC, a leading provider in health management solutions, experienced a significant data breach, impacting approximately 4.5 million individuals. This incident affected patients who received care through one of HealthEC’s client organizations. The company’s population health management platform, used by…
Black Basta Buster Utilizes Ransomware Flaw to Recover Files
Security research and consulting firm SRLabs exploited a vulnerability in the encryption algorithm of a specific strain of Black Basta ransomware to develop and release a decryptor tool named Black Basta Buster. This tool, released in response to the activities…