Russian cybercriminal organization APT28 has been accused of multiple significant brute force attacks by the UK and US cybersecurity agencies in a joint statement, according to Security Affairs. Authorities discovered cybercriminal activities between the middle of 2019 and the beginning of 2021 that targeted many show more ...
government organizations and enterprises around the world, including energy firms, think tanks, and defense contractors. The hackers used a Kubernetes cluster to conduct anonymous brute force attacks, and they went much further to avoid detection by employing Tor and commercial VPN services such as NordVPN, Surfshack, CactusVPN, and... (read more)
LimeVPN was the victim of a data breach that affected 69,400 users and their private data. The company's public and private keys were also compromised. According to statements made by a hacker the stolen database includes billing information, passwords in text files, IP addresses, billing information, and show more ...
usernames among other things. As reported by Threatpost, a PrivacySharks representative acknowledged that there had been a data breach at LimeVPN and that the hacker who grabbed the database had also taken credit for the site's downtime. The company stated, “The hacker informed us that they have the private keys of every user, which is a serious security issue as it means they can easily decrypt every LimeVPN user’s traffic". Cybercriminals can decrypt internet traffic transmitted using LimeVPN and use it in their further operations. Stolen information is marketed... (read more)
Subscribed users on the New Skills Academy Online Learning Platform have been informed by the company of a data breach. In accordance with their notification of this incident, the exact number of users who were affected by the occurrence is still unknown, says Hack Read. The British corporation, situated in show more ...
Hertford, England, is one of the world's most popular online learning platforms. The organization offers 800 courses to 800,000 registered users. The courses include a wide range of topics, including personal development, health and safety, professional growth, technology, business, and a variety of other subjects. In an e-mail sent to its subscribers to notify them of the data breach, the company stated, “We are writing to inform you of an issue which may involve some of our New Skills Academy customers’ account information". “We have been notified that onlin... (read more)
Microsoft identified vulnerabilities in Netgear routers while investigating the device fingerprinting functionality in Microsoft Defender for Endpoint. The company said in a blog post that it worked closely with the Netgear security team to resolve these problems as quickly and effectively as possible. The bug was show more ...
revealed after the management port of the DGN-2200v1 router was trying to be accessed by a device that did not belong to an IT staff member. The researchers investigated whether the connection had any security flaws that may be exploited in a hypothetical attack scenario because the connection had been flagged as abnormal by the machine learning algorithms. Hackers can gain access to the router administration interface without any authentication
Volodymyr Kvashuk, a Microsoft Junior Engineer, devised an inventive plan to generate illicit money by selling Xbox Gift Cards. He was convicted and sentenced to 9 years in prison, as Bloomberg reports. The course also demanded $8.3 million in restitution and will very certainly be deported to its native country, show more ...
Ukraine. Soon after starting a full-time job at Microsoft, Kvashuk got fired. His team's main goal was to mimic Microsoft online purchases in order to uncover any payment problems. All these purchases had to be fake. In a nutshell, these mimicked accounts are nearly always identified as such by the system, and if you attempt to purchase something from their website, such as a new gamepad, you will not receive anything. On the other hand, if you attempt to purchase Xbox Gift Cards, you will obtain a 25-digit code that is completely valid. Even though he... (read more)
A data breach has been reported by QSure insurance company in South Africa. As a result of this incident, sensitive information such as bank account details was stolen by a third party, according to Money Web. Any QSure's client who made any payments via debit cards may be affected by the breach. QSure enlisted show more ...
the assistance of three of the leading cybersecurity firms to conduct an investigation into the security incident. The company stated that they alerted both business and the appropriate regulatory authorities. Moreover, they continue to provide assistance in this regard, while its IT platform has been reconfigured, and all relevant security measures have been implemented. Chief operating officer Ian du Toit stated, “The data relates only to policyholders who are clients of QSure’s customers (insurers and brokers) and includes banking det... (read more)
As new Apple products equipped with M1 CPUs gain popularity among both personal and business consumers, the likelihood of being targeted by new malware types targeting them increases, according to Dark Reading. Cybercriminals have already begun targeting the latest Apple devices and deploying a new generation of show more ...
macOS malware. Security professionals and anti-malware solutions have begun detecting and neutralizing these emerging malware versions. The new Macs and the iPad Pro are now running on the new M1 architecture. The new technology is far faster and more efficient than the previous one, especially since it helps secure the computer from physical access protection and remote exploitation. In response, malware authors redesigned Windows malware to run on the macOS operating system. The growing amount of malware that targets the M1 pl... (read more)
Nord Locker's security analysts found that hackers grabbed 1.2T of sensitive information from over 3 million users between 2018 and 2020, using a trojanized malware that infected over 3 million PCs running Windows. The developers of the unnamed malware gathered information from over 3.25 million Windows PCs. The show more ...
data collected includes over 2 billion cookies and about 26 million credentials associated with 1.1 million email addresses. This virus was distributed by bad actors through cracked applications, including cracked games, a tool for breaking Windows OS license, and even Adobe Photoshop 2018. Another method of distributing the virus... (read more)
Some infosec specialists believe isolated networks do not need additional protection; if threats have no way to get in, why bother? But isolation is not a guarantee of invulnerability. Our experts share several scenarios based on real cases to demonstrate. Our hypothetical enterprise has a subnet isolated with an air show more ...
gap, meaning not only that there is no access to it from the Internet, but that even other segments of the same enterprise’s network can’t reach it. Moreover, in line with the company’s information security policy, the following rules apply: All machines in the segment must use antivirus protection and undergo manual updates once a week (that’s frequent enough for an isolated segment); Every machine’s device control system must prohibit the connection of flash drives except those in the list of trusted devices; Cell phone use on site is prohibited. Nothing out of the ordinary there. What could go wrong? Scenario one: DIY-style Internet connection When a facility loses Internet access, bored employees adopt workarounds. Some get themselves an extra phone, hand in one at the front desk, and connect the second as a modem to get a work computer online. The threat model for this segment does not anticipate network attacks, Internet malware, or other, similar security issues. In reality, not every administrator updates antivirus protection every week, and as a result, cybercriminals can infect one computer with a spyware Trojan, gain network access, and spread the malware over the entire subnet, leaking information until the next antivirus update shuts them out. Scenario two: An exception to every rule Even isolated networks allow for exceptions — trusted flash drives, for example. But with no restrictions on those flash drives’ use, who’s to say a drive won’t be used to copy files to and from the system or for other admin needs in nonisolated parts of the network? What’s more, technical-support staff sometimes connect their laptops to an isolated network, for example to configure network equipment within the segment. If a trusted flash drive or laptop becomes a delivery vector for zero-day malware, the malware’s presence in the target network should be short-lived — once updated, the organization’s nonisolated antivirus will neutralize the threat there. Looking beyond the damage it can do to the main, nonisolated network even in that short time, however, the malware will remain in the isolated segment until that segment’s next update, which in our scenario won’t happen for at least a week. The outcome depends on the malware variant. For example, it might write data to those trusted flash drives. After a short while, another zero-day threat in the nonisolated segment might start searching connected devices for the hidden data and sending it outside the company. Alternatively, the malware’s goal could be some form of sabotage such as altering software or industrial controller settings. Scenario three: Insiders A compromised employee with access to the premises where the isolated network segment is located can deliberately compromise the perimeter. For example, they might connect a miniature Raspberry-Pi-based malicious device to the network, having fitted it with a SIM card and mobile Internet access. The case of DarkVishnya is one such example. What to do In all three cases, a vital detail was missing: an up-to-date security solution. Had Kaspersky Private Security Network been installed in the isolated segment, it would have reacted to and closed down all threats in real time. The solution is essentially an on-premise version of our cloud-based Kaspersky Security Network, but capable of working in a data diode mode. In other words, although local, Kaspersky Privacy Security Network receives information about the latest threats from outside and shares it with endpoint solutions inside. At the same time, it keeps every single byte of data from beyond the isolated perimeter from getting into the global network. You can learn more about the solution on its official page.
The Signal messaging app leapt in popularity in January 2021, when WhatsApp changed its privacy policy. Following Elon Musk’s laconic call to use Signal, millions of users downloaded the app, resulting in temporary technical issues with the service. However, cybersecurity experts have known about Signal for a show more ...
long time, and that’s no wonder; developers have spent years polishing the app’s privacy and security. Here’s what they have achieved and how to make Signal even more secure. Signal features Features available to all Signal users include end-to-end encryption, secure data storage, and the ability to view Signal’s code. End-to-end encryption — a pillar of privacy One of Signal’s indisputable advantages is its default use of end-to-end encryption. That means only the parties chatting with one another can read their texts, and nobody — not even the app’s developers — can listen in on individual or group calls. Using end-to-end encryption is an important way to improve messaging security. In many ways, it was thanks to Signal that end-to-end encryption became so widely used in messaging apps. Even the competing WhatsApp, Facebook Messenger, and Skype use the Signal Protocol for secure communication. But by comparison, Signal encrypts much more data. Unlike Telegram, whose end-to-end encryption works only in so-called secret chats for two users, Signal also encrypts group chats and calls end to end. Moreover, the service does not store group information such as participants, title, and avatar. The developers of Signal also protect chat metadata — extra info about who wrote to whom — which can be no less sensitive than the contents of the chat and is a frequent source of confidential information leaks. Finally, Signal also encrypts user profile info. Only the users you approve (contacts, people you have written to, and those you expressly permit to view your account data) can see your name, avatar, and status. Privacy of contacts and secure enclaves Signal employs so-called secure enclaves, isolated storage on its servers to which even the server owners have no access. It is because of that isolation that you can learn which of your contacts use Signal without disclosing your address book to the developers. The app sends an encrypted request to the enclave; the latter checks your contacts against registered users’ numbers and returns an encrypted response. No other living soul will see the content of your request. Transparency policy As an open-source project, Signal makes its code freely available, so a tech-savvy user can read or build code for Signal’s server software, Android and iOS apps, and desktop versions for Windows, macOS, and Linux, to make sure they contain no backdoors that would provide access to users’ sensitive data. Setting up Signal Beyond the app’s inherent security, Signal lets users opt for greater privacy and security with a variety of settings. Signal PIN You can use a Signal PIN to recover your profile as well as the settings and contacts that you save in the app (i.e., contacts not present in your address book), and the list of your blocked contacts, should you lose your device or reinstall the app. Does that mean your data is actually stored on Signal servers and accessible to developers or hackers ? Yes and no. Yes, the information is really stored on the servers. But no, it can’t be stolen because it is encrypted and kept in the abovementioned secure enclaves — and the only key to it is that PIN, which only you know. The app prompts users to set up a PIN at registration, and you can change yours in the settings. In case you don’t trust the PIN and the enclaves enough, you can deactivate the feature, either during registration or through the settings. If you do so, however, then if you delete the app you will also be deleting all of the data it’s stored on your device, including contacts not in your address book. Also, if you have no PIN, someone else can potentially register in Signal using your phone number, for example using SIM swapping. The same can happen if you haven’t used the number long enough for it to be disconnected and issued to another person. Privacy settings To protect your chats from anyone who happens to handle your smartphone, we recommend activating the screen lock feature in the app settings. Once it’s active, you’ll need to use the same code, fingerprint, or Face ID to access the app as you use to unlock the phone. By default, the app doesn’t lock when you collapse it, so make sure to change that setting. Both Android and iOS users can set a screen lock timeout duration in the privacy settings or choose Instant. Once locked, Signal will require your code, fingerprint, or Face ID each time you switch back to the app. Android users, in addition to relying on an inactivity timeout, can alternatively lock the app manually from the notification bar. The Android version of Signal has another useful privacy feature in the settings: the incognito keyboard. If you turn it on, your smartphone will no longer learn your new and most frequently used words and phrases and prompt you for them on the go — meaning the keyboard app will not process and keep the text you type. The incognito keyboard may not work with some devices, in which case the app will warn you when you try to activate the function. Finally, you may choose whether you want your contacts to see whether you have read an incoming message or are typing text. Similar to other messaging apps, once you deactivate the option, you will no longer receive the same info about other users. Linking devices You can chat in Signal on your smartphone, tablet, and computer at the same time; you just have to link the additional devices to your account. To do that, go to Linked devices and press + to activate the camera and receive a QR code to scan. Next, run Signal on the second device (for example, your PC) and follow the instructions. You’ll see a list of all of your linked devices in the app’s settings. We recommend checking that list from time to time for any unknown devices — that is, unauthorized users. Also don’t forget to unlink any devices you no longer need. Chat backups By default, Signal does not create chat backups, but you can activate the feature so that you can recover your chats if need be. Follow the instructions in the settings, and be sure to save the 30-character password phrase the app creates for you. Lose that and your backup copy becomes useless. Signal stores backup copies on your device, so if you need to recover your data on a new phone, you will still need access to your old device. That means if you lose your smartphone or it breaks, you won’t be able to restore your chats. Advanced settings (for the most cautious) These options will completely conceal your messenger activities from prying eyes. Under Chats, deactivate the retrieval of link previews for your messages. This will prevent Signal from sending an extra Web query to the referenced website, which would otherwise be available to your Internet service provider. In the advanced privacy settings, set voice calls to connect through Signal servers instead of connecting directly to your contact. Doing so hides your IP address, which can prove useful under certain circumstances, although the developers warn it may reduce call quality. Activate a proxy to avoid potential surveillance even more effectively. Here, a proxy is a protective element between your device and the app’s servers (the service website contains detailed instructions). With a proxy, even Signal will know nothing about your IP address. This option will also be of use in countries that block Signal. Final recommendations Now that you’ve guaranteed the privacy of your personal data in Signal, including chats, metadata, and profile information, make sure you’ve also taken steps to prevent unauthorized physical or remote access to your device. Always lock your smartphone, update all of your apps and the operating system in a timely manner, and install a reliable security solution. And for users of other messaging apps, don’t forget to set up Discord and Telegram for maximum security and privacy.
Some of Western Digital’s MyCloud-based data storage devices. Image: WD. Countless Western Digital customers saw their MyBook Live network storage drives remotely wiped in the past month thanks to a bug in a product line the company stopped supporting in 2015, as well as a previously unknown zero-day flaw. But show more ...
there is a similarly serious zero-day flaw present in a much broader range of newer Western Digital MyCloud network storage devices that will remain unfixed for many customers who can’t or won’t upgrade to the latest operating system. At issue is a remote code execution flaw residing in all Western Digital network attached storage (NAS) devices running MyCloud OS 3, an operating system the company only recently stopped supporting. Researchers Radek Domanski and Pedro Ribeiro originally planned to present their findings at the Pwn2Own hacking competition in Tokyo last year. But just days before the event Western Digital released MyCloud OS 5, which eliminated the bug they found. That update effectively nullified their chances at competing in Pwn2Own, which requires exploits to work against the latest firmware or software supported by the targeted device. Nevertheless, in February 2021, the duo published this detailed YouTube video, which documents how they discovered a chain of weaknesses that allows an attacker to remotely update a vulnerable device’s firmware with a malicious backdoor — using a low-privileged user account that has a blank password. The researchers said Western Digital never responded to their reports. In a statement provided to KrebsOnSecurity, Western Digital said it received their report after Pwn2Own Tokyo 2020, but that at the time the vulnerability they reported had already been fixed by the release of My Cloud OS 5. “The communication that came our way confirmed the research team involved planned to release details of the vulnerability and asked us to contact them with any questions,” Western Digital said. “We didn’t have any questions so we didn’t respond. Since then, we have updated our process and respond to every report in order to avoid any miscommunication like this again. We take reports from the security research community very seriously and conduct investigations as soon as we receive them.” Western Digital ignored questions about whether the flaw found by Domanski and Ribeiro was ever addressed in OS 3. A statement published on its support site March 12, 2021 says the company will no longer provide further security updates to the MyCloud OS 3 firmware. “We strongly encourage moving to the My Cloud OS5 firmware,” the statement reads. “If your device is not eligible for upgrade to My Cloud OS 5, we recommend that you upgrade to one of our other My Cloud offerings that support My Cloud OS 5. More information can be found here.” A list of MyCloud devices that can support OS 5 is here. But according to Domanski, OS 5 is a complete rewrite of Western Digital’s core operating system, and as a result some of the more popular features and functionality built into OS3 are missing. “It broke a lot of functionality,” Domanski said of OS 5. “So some users might not decide to migrate to OS 5.” In recognition of this, the researchers have developed and released their own patch that fixes the vulnerabilities they found in OS 3 (the patch needs to be reapplied each time the device is rebooted). Western Digital said it is aware of third parties offering security patches for My Cloud OS 3. “We have not evaluated any such patches and we are unable to provide any support for such patches,” the company stated. A snippet from the video showing the researchers uploading their malicious firmware via a remote zero-day flaw in MyCloud OS 3. Domanski said MyCloud users on OS 3 can virtually eliminate the threat from this attack by simply ensuring that the devices are not set up to be reachable remotely over the Internet. MyCloud devices make it super easy for customers to access their data remotely, but doing so also exposes them to attacks like last month’s that led to the mass-wipe of MyBook Live devices. “Luckily for many users they don’t expose the interface to the Internet,” he said. “But looking at the number of posts on Western Digital’s support page related to OS3, I can assume the userbase is still considerable. It almost feels like Western Digital without any notice jumped to OS5, leaving all the users without support.” Dan Goodin at Ars Technica has a fascinating deep dive on the other zero-day flaw that led to the mass attack last month on MyBook Live devices that Western Digital stopped supporting in 2015. In response to Goodin’s report, Western Digital acknowledged that the flaw was enabled by a Western Digital developer who removed code that required a valid user password before allowing factory resets to proceed. Facing a backlash of angry customers, Western Digital also pledged to provide data recovery services to affected customers starting this month. “MyBook Live customers will also be eligible for a trade-in program so they can upgrade to MyCloud devices,” Goodin wrote. “A spokeswoman said the data recovery service will be free of charge.” If attackers get around to exploiting this OS 3 bug, Western Digital might soon be paying for data recovery services and trade-ins for a whole lot more customers.
Most macOS malware traditionally has been repurposed from Windows malware variants. But the pandemic's pivot to WFH has more provided more lucrative targets for attackers going after businesses.
Due to a different attack vector, Microsoft has broken out a second CVE. The suggested workaround is to disable the print spooler service or disable inbound remote printing through group policy.
Governments worldwide are often playing catch-up against private cyberspace operators in what is poised to become a key arena for defending national interests, the IISS said Tuesday.
Sevco Security today formally launched with $15M in Series A funding led by SYN Ventures, with participation from .406 Ventures, Accomplice, Bill Wood Ventures, and fama Ventures.
In a recent study, a team of researchers from India and Yemen described a novel, two-step cryptography technique – the first to combine genetic technology with mathematical technique.
American intelligence and law enforcement agencies have pointed the finger at a Kremlin-backed hacking crew for a two-year campaign to break into Microsoft Office 365 accounts.
Proofpoint researchers found a new threat enticing users to download malware by masquerading as a “Privacy Tools” service offering a tool that “encrypts” user data using a zip-like utility.
The Babuk ransomware gang’s source code has been uploaded to VirusTotal, making it available to all security vendors and competitors. It’s unclear however just how that happened.
Industrial Control Systems (ICS) are a crucial element of utility plants, factories and other facilities—where they’re used to monitor and control industrial processes across IT-OT networks.
As part of a rather unique encryption procedure, the Diavol ransomware operates using user-mode Asynchronous Procedure Calls (APCs) without a symmetric encryption algorithm.
“The hacker informed us that they have the private keys of every user, which is a serious security issue as it means they can easily decrypt every LimeVPN user’s traffic,” the firm said in a posting.
On its official blog accessible via Tor browser, as seen by Hackread.com, the ransomware operator claims to have “downloaded databases and other important data” belonging to the telecom giant.
CEO Kelly Ahuja says that the proceeds — which bring Versa’s total raised to $196 million — will be put toward scaling the company’s platform and expanding its marketing and global sales teams.
A data breach has been reported by QSure insurance firm in South Africa. As a result of this incident, sensitive information like bank account details were stolen, according to Money Web.
After announcing their exit from the ransomware business in favor of data theft extortion, the Babuk gang appears to have slipped back into their old habit of encrypting corporate networks.
India-based technology startup Salesken.ai has secured an exposed server that was spilling private and sensitive data on one of its customers, Byju’s, an education technology startup.
The security holes can allow an attacker to cause a denial of service (DoS) condition and in some cases even execute arbitrary code by sending specially crafted packets to the targeted device.
Cobalt Strike has become one of the most misused tools in the cybercrime world as a recent report showed a 161% year-pn-year increase in cyberattacks using this tool. This tool is now used by general commodity malware operators rather than espionage threat actors and APTs, which makes it a worrisome threat.
Cybersecurity experts uncovered a spyware campaign leveraging fake dating apps to steal contact details, SMSes, and GPS locations of Indian soldiers. Adversaries have laid down their trap via dating and other instant messaging apps. The criminals, however, don't appear to be running a sophisticated operation.
A report on Hades ransomware group by Accenture Security found no concrete evidence to verify the group's attribution to known threat groups but confirmed that it has targeted victims across multiple sectors. It is possible that the group is quickly changing and adapting its TTPs to baffle security experts.
Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.
nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python. Additionally, it has the show more ...
broader goal of becoming a common network data processing framework for researchers providing data reproducibility across experiments.
Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.
This is the Impacket implementation of the PrintNightmare proof of concept originally created by Zhiniang Peng and Xuefeng Li that leverages a privilege escalation vulnerability in the Windows Print Spooler.
Red Hat Security Advisory 2021-2431-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.5.41. Issues addressed include XML injection, cross site request forgery, and denial of service vulnerabilities.
An ongoing brute-force attack campaign targeting enterprise cloud environments has been spearheaded by the Russian military intelligence since mid-2019, according to a joint advisory published by intelligence agencies in the U.K. and U.S. The National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and the U.K.'s National
Microsoft on Thursday officially confirmed that the "PrintNightmare" remote code execution (RCE) vulnerability affecting Windows Print Spooler is different from the issue the company addressed as part of its Patch Tuesday update released earlier this month, while warning that it has detected exploitation attempts targeting the flaw. The company is tracking the security weakness under the
Google has launched an updated version of Scorecards, its automated security tool that produces a "risk score" for open source initiatives, with improved checks and capabilities to make the data generated by the utility accessible for analysis. "With so much software today relying on open-source projects, consumers need an easy way to judge whether their dependencies are safe," Google's Open
Cybersecurity researchers on Thursday revealed details about a new Mirai-inspired botnet called "mirai_ptea" that leverages an undisclosed vulnerability in digital video recorders (DVR) provided by KGUARD to propagate and carry out distributed denial-of-service (DDoS) attacks. Chinese security firm Netlab 360 pinned the first probe against the flaw on March 23, 2021, before it detected active
In yet another instance of software supply chain attack, unidentified hackers breached the website of MonPass, one of Mongolia's major certificate authorities, to backdoor its installer software with Cobalt Strike binaries. The trojanized client was available for download between February 8, 2021, and March 3, 2021, said Czech cybersecurity software company Avast in a report published Thursday.
Cyber resilience refers to a business’s ability to mitigate damage to its systems, processes and even its reputation. It’s based on the principle that, in the real (and really connected) world, adverse events occur. This could be in the form of a user enabling a breach by providing sensitive information during a show more ...
phishing attack, through a new threat known as a “zero day” being weaponized against a business, or an event of any complexity in between. When it comes to building a cyber resilient business, technology is an important piece. But it’s not the only one. A well-rounded security strategy is also essential. People and processes are key ingredients when it comes to that. Audit checklists are a great place to start when ensuring your business is taking a holistic approach to data security, and so is this revealing conversation with Channel E2E and MSP Alert editor Joe Panettieri and a product marketing expert at OpenText. The two discuss how there’s no silver bullet to all the potential threats to your data security, but how adapting the right mindset can help organizations begin to think about security differently. Our experts cover the “train, block, protect, backup and recover” model and what solutions for each can look like as a part of a real-life security stack. The two touch on the importance of user security training, variables introduced by widespread remote workforces and how backup can undermine ransomware actors. Whether you’re designing a cybersecurity framework for your own business or putting one in place for clients, you won’t want to miss this conversation. The post Podcast: How to build a cyber resilient business appeared first on Webroot Blog.
