The StormCloud Chinese threat group used a compromised Internet Service Provider (ISP) to distribute malware that spoofed software updates. The attackers exploited a vulnerable HTTP software system that failed to authenticate digital signatures. The DNS spoofing campaign impacted Windows and…
Tag: Heimdal Security Blog
EDR Implementation: Essential Features, Considerations, And Best Practices
Today’s organizations rely on a more diverse array of devices than ever before. From laptops to desktops, smartphones to smart devices, IoT and more… the list goes on. This leaves a huge cybersecurity risk for those organizations that can’t inventory,…
10 Best Fortinet Competitors and Alternatives
While Fortinet offers strong endpoint protection and good integration, it has a few drawbacks including management complexities and also lacks OS compatibility checks. This article reviews the top 10 competitors and alternatives to Fortinet, showcasing options that might provide better…
MSSP vs. SOC – Key Considerations When Deciding Your Strategy
For many cybersecurity professionals, there comes a time when you need to weigh up outsourcing security to a Managed Security Service Provider (MSSP), versus keeping those tasks in-house by building your own Security Operations Center (SOC). So, we will be…
Sitting Ducks DNS Attacks Used to Hijack Over 35,000 Domains
More than 35,000 registered domains have been hijacked by threat actors in so-called Sitting Ducks attacks that allow claiming a domain without having access to the owner’s account at the DNS provider or registrar. Cybercriminals utilize inadequate ownership verification at…
8 EDR Best Practices You Need to Pay Attention to in 2024
Endpoint detection and response (EDR) is one of the most important and fundamental cybersecurity products on the market. Effectively, it acts as a modern-day, cloud-based defense against viruses, malware, and a whole range of other real-time cyber threats. And of…
Hackers Exploit Vmware ESXi Vulnerability in Ransomware Attacks
Microsoft researchers revealed that ransomware threat groups exploit the VMware ESXi vulnerability CVE-2024-37085 for mass encryption. The researchers discovered the VMware ESXi authentication bypass vulnerability on June 25. After that, VMware released a fix in the ESXi 8.0 U3 version.…
DigiCert Revokes 83,267 TLS Certificates Due to DNS Check Problem
DigiCert announced they’ll revoke 83,267 SSL/TLS certificates impacting 6,807 subscribers due to an issue of DNS-based validation. The Certificate Authority organization required the affected customers to reissue their certificates within 24 hours. Then set the deadline for August 3rd, to…
The Most Common DNS Security Risks in 2024 (And How to Mitigate Them)
DNS security risks are everywhere, and the stats show it too. A 2021 IDC survey of over 1,100 organizations across North America, Europe, and the Asia Pacific revealed that 87% had encountered DNS attacks. The average cost per attack was…
8 Benefits of Endpoint Detection & Response (EDR) You Should Know [2024]
Did you know, the average employee today uses 2.5 devices to carry out their work? Across businesses, this can add up to hundreds or even thousands of bits of kit. One 2021 study in the UK found two-thirds of large…