'

Critical ConnectWise ScreenConnect flaw exploited in the wild

Critical ConnectWise ScreenConnect flaw exploited in the wild

A critical vulnerability patched this week in the ConnectWise ScreenConnect remote desktop software is already being exploited in the wild. Researchers warn that it’s trivial to exploit the flaw, which allows attackers to bypass authentication and gain remote code execution on systems, and proof-of-concept exploits already exist. ScreenConnect is a popular remote support tool with … Read more

Adarma Collaborates with Scottish Enterprise to Unveil Neurodiversity Strategy

Adarma Collaborates with Scottish Enterprise to Unveil Neurodiversity Strategy

Adarma has today announced its neurodiversity strategy in partnership with Scottish Enterprise, Scotland’s national economic development agency. The strategy supports Adarma’s continued commitment to attract, support, and empower people from diverse backgrounds into the cybersecurity sector, which will help combat the well-documented skills shortage in the cybersecurity sector. Adarma employs over 300 people and believes … Read more

Critical ScreenConnect Flaw Under Active Exploitation

Critical ScreenConnect Flaw Under Active Exploitation

Attackers are actively exploiting the critical authentication bypass in the ConnectWise ScreenConnect software disclosed on Monday and there is now proof-of-concept exploit code available for the flaw, as well. The flaw affects all versions of ScreenConnect below 23.9.8 and researchers who’ve analyzed it found that the bug is quite easy to exploit, and there are … Read more

Categories duo

Hackers using stolen credentials to launch attacks as info-stealing peaks

Hackers using stolen credentials to launch attacks as info-stealing peaks

Attackers prefer compromised valid accounts over phishing or any other infection methods to gain access into victim environments, according to an IBM report. “As defenders increase their detection and prevention capabilities, attackers are finding that obtaining valid credentials is an easier route to achieving their goals, considering the alarming volume of compromised yet valid credentials … Read more

Navigating NIS2 requirements with Microsoft Security solutions

Navigating NIS2 requirements with Microsoft Security solutions

The Network and Information Security Directive 2 (NIS2) is a continuation and expansion of the previous European Union (EU) cybersecurity directive introduced back in 2016. With NIS2, the EU expands the original baseline of cybersecurity risk management measures and reporting obligations to include more sectors and critical organizations. The purpose of establishing a baseline of … Read more

Is hybrid encryption the answer to post-quantum security?

Is hybrid encryption the answer to post-quantum security?

If you wear suspenders, do you need a belt? If you have one parachute, do you need a reserve? Many CISOs, security teams, and cryptographers are asking a similar question about encryption algorithms when they choose the next generation of protocols. Do users need multiple layers of encryption? Do they want the complexity and cost, … Read more