Sophos vs. Trend Micro: How Do They Shape Up?

If you’re in the market for an endpoint detection and response (XDR) product, there are plenty of options available. But within the word salad of overlapping terms (XDR, EDR, ASM, and more), it can be a real challenge to actually understand what features you need and where they’re available. This means choosing the right XDR […]

The post Sophos vs. Trend Micro: How Do They Shape Up? appeared first on Heimdal Security Blog.

CDK Group Falls Victim to Two Cyberattacks

Massive hack forces CDK Global, a provider of software-as-a-service for car dealerships, to shut down its servers, leaving customers unable to run their businesses as usual. A SaaS platform from CDK Global serves clients in the auto sector, managing all facets of vehicle dealership operations, such as inventory management, CRM, financing, payroll, support, and servicing. […]

ONNX Phishing Targets Financial Companies’ Microsoft 365 Accounts

ONNX Store, a new PhaaS, is targeting Microsoft 365 and Office 365 accounts in financial companies. The hackers use QR codes in PDF attachments to lure the employees into clicking malicious links. The phishing platform uses Telegram bots to spread and includes mechanisms to bypass two-factor authentication (2FA). Researchers think ONNX Store is Caffeine phishing kit […]

What Is a Bastion Host? Types, Use Cases, and Safety Measures 

A bastion host is a server placed between the public internet and a company’s private network.  It enhances security by allowing access only to specific, authorized users. If you know about jump servers, you’ll recognize this remote access security concept. If not, you will by the end of this article. Understanding the functionality, types, and […]

The Top 7 Unified Endpoint Management Tools in 2024

In the last decade, cybersecurity has come a long way. Once upon a time, keeping your IT environment secure largely required passwords, firewalls, and antivirus. In the days since, the move to cloud technology has thrown up a whole range of advanced tools and defenses to protect organizations that have employees and data distributed around […]

Crypter Specialist Involved in the Conti and LockBit Attack Arrested

A 28-year-old Russian man has been taken into custody by the Ukraine cyber police in Kyiv for his involvement in the Conti and LockBit ransomware operations, which involved making their malware impervious to antivirus software and carrying out at least one attack personally. The Dutch police, who responded to a ransomware attack and subsequent data […]

MSMQ Vulnerability Allows Hackers to Takeover Microsoft Servers

On June 11th, Microsoft announced fixing a critical RCE vulnerability in their Message Queuing (MSMQ) technology. The flaw is tracked as CVE-2024-30080 and has a CVSS score of 9.8 out of 10. Security researchers say threat actors can exploit it remotely to take over Microsoft Servers. Why patch the MSMQ RCE vulnerability immediately The flaw only […]

Cleveland Cyberattack Turns Public Services Offline for Days

A cyberattack on Cleveland shut down the City Hall and the Erieview offices for the last two days. Authorities revealed the incident on Monday, June 10th, and said public services were put offline until further notice. Emergency services and public utilities, like healthcare and trash collection, remained functional because employees reverted to manual work. What we […]

2024’s Best RMM Solutions for MSPs: Top 10 Remote IT Management Tools

In this article, we’ll answer your question: “What are the best RMM solutions for 2024?” We’ll explore the top 10 tools to help MSPs efficiently monitor and manage client systems. Here’s a quick glance for you: Heimdal XDR, ConnectWise Automate, Datto RMM, NinjaOne, N-able RMM, Kaseya VSA, ITarian, GoToResolve, Atera RMM, Action1 RMM. Let’s review […]

The V3B Phishing Kit Affects Customers of 54 European Banks

A new phishing kit known as ‘V3B’ is being promoted on Telegram by cybercriminals. It aims to trick clients of 54 significant financial institutions in Ireland, the Netherlands, Finland, Austria, Germany, France, Belgium, Greece, Luxembourg, and Italy. Priced between $130 and $450 per month depending on what is purchased, the phishing kit features advanced obfuscation, […]

7,000 LockBit Keys Recovered by the FBI!

The FBI has disclosed that it has acquired over 7,000 LockBit decryption keys that individuals can utilize to access encrypted data at no cost, but it is urging previous victims of LockBit ransomware attacks to come forward. This was announced by the FBI’s Cyber Division Assistant Director, Bryan Vorndran, at the 2024 Boston Conference on […]

Operation Endgame, The Largest Ever Operation Against Botnets

In an unprecedented coordinated effort, international law enforcement agencies have successfully dismantled several major botnets in what has been described as the largest ever operation against cybercrime. Dubbed ‘Operation Endgame’, this large-scale crackdown involved multiple countries and led to significant disruptions in the operations of cybercriminals worldwide. Details of the operation Between May 27 and […]

Zyxel Patches EOL NAS Devices Against Three Critical Flaws

Zyxel urges users to apply patches for three critical vulnerabilities impacting two of its end-of-life NAS products. Security researcher Timothy Hjort reported 5 vulnerabilities in Zyxel products: NAS326, version V5.21(AAZF.16)C0 and earlier; NAS542, version V5.21(ABAG.13)C0 and earlier. Three of the flaws are critical and enable command injection and remote code execution (RCE) attacks. End-of-life means […]

[2024] The 12 Best Incident Response Software On the Market

Nowadays, cyber threats are more sophisticated and common than ever.  Companies face significant risks from breaches, ransomware, and other malicious activities, leading to financial loss, reputational damage, and operational disruptions. Strong incident response capabilities are now essential. Investing in top-tier incident response software is crucial. These tools offer comprehensive solutions for efficiently detecting, managing, and […]

Synnovis Ransomware Attack Disrupts NHS London Hospitals’ Activity

A ransomware attack hit services provider Synnovis on June 3rd, causing activity disruption at several major NHS hospitals in London. Blood transfusions, surgeries, blood tests, and other procedures were postponed, redirected to other clinics, or canceled. The attack impacted Guy’s and St Thomas’, King’s College Hospital NHS Foundation Trusts, and primary care services in southeast […]

Hugging Face Spaces Platform Breached, Authentication Tokens Stolen

Hugging Face, a well-known AI company, reports that malicious actors have gained access to its members’ authentication secrets through a compromise on its Spaces platform. “Hugging Face Spaces” is a collection of AI apps made and submitted by community members, available for other members to test. Hugging Face alerted in a blog post: Earlier this […]

11 Cybersecurity Platforms You Should Know About [2024]

There’s growing evidence that organizations are consolidating their cybersecurity tools. One survey found that 60% of companies are looking to reduce the number of point solutions they use. And it’s not just about saving money – the top driver was in fact about improving usability (for 23%). Cybersecurity platforms are meeting this demand. By bringing […]

Less Is More: Why MSPs Are Moving to the Cybersecurity Platform Model

A growing number of MSPs are moving towards a platform approach for their cybersecurity tools. What’s behind the shift away from point solutions?  Imagine you’re packing your bag to go camping. You might need to cut some twigs for kindling, so you put a saw in your backpack. You need a can opener so you […]

Ticketmaster Breached? Data of Over 500 Million Customers For Sale

Ticketmaster has been breached and the data of over 500 million customers is listed for sale. A threat actor known as ShinyHunters is selling on the recently revived BreachForums hacking forum what they claim is the personal and financial information of Ticketmaster customers. The listing goes for $500,000. Details About the Breach: What Information Was […]

BBC Breached! Current And Former Employees Impacted by the Attack

The BBC has revealed that on May 21, a data security breach resulted in unauthorized access to files held on a cloud-based service, jeopardizing the confidentiality of members of the BBC Pension Scheme. What Do We Know About the Incident? The incident impacted roughly 25,000 people according to the reports, including former and current employees […]

Sav-Rx Data Breach Exposes Sensitive Information of Over 2.8 Million People

Threat actors got access to sensitive information belonging to 2,812,336 people due to the Sav-Rx data breach. The prescriptions management company discovered the data leakage on October 8th, 2023, five days after the attackers had breached their system. It was a network disruption that raised awareness. While they didn’t reveal how the hackers gained initial […]

Check Point VPNs under Attack. Vendor releases Hotfix for CVE-2024-24919

Researchers warn that hackers target Check Point remote access VPNs in an attempt to breach corporate networks. Using password-only authentication on old local accounts enables attackers to gain initial access to the company’s network. Check Point released a security update on May 27th advising users to bolster VPN security. One day later, the vendor released […]

Researchers Uncover Fake Antivirus Sites Spreading Malware

Cybersecurity researchers identified several fake antivirus websites used by cybercriminals to distribute malware. These websites closely mimic legitimate antivirus sites but deliver malicious software instead of protection. In mid-April, Trellix’s Advanced Research Center discovered that these fake websites host malicious files, including .apk, .exe, and installer files created with Inno Setup. The malware includes espionage […]

Experience Heimdal 4.2.0 Release Candidate

We are thrilled to announce the release of Heimdal 4.2.0, now rolling out with significant enhancements to our platform. One of the key highlights is our compliance with the Keeping Children Safe in Education norms. This ensures a safer digital environment for schools and colleges, reinforcing our commitment to protecting young users. For an in-depth […]

[Free & Downloadable] Network Security Policy Template

Ensuring the confidentiality, integrity, and availability of data is not just a best practice but a necessity to protect against breaches and cyber threats. Our Network Security Policy Template provides a robust framework for safeguarding your organization’s information assets. Download the Network Security Policy Templates Network Security Policy Template – PDF Network Security Policy Template […]

CLOUD#REVERSER Malware Campaign Uses Google Drive and Dropbox 

Researchers discovered that malicious actors launched a new malware campaign dubbed CLOUD#REVERSER. The infection chain uses notorious cloud storage services like Google Drive and Dropbox to deploy the malware. By updating operating scripts and retrieving commands from a remote server, the malware can steal data and perform remote code execution. For that it uses VBScript […]

Heimdal to Showcase Widest Cybersecurity Tech Stack at Infosecurity Europe 2024

LONDON, May 23, 2024 – Heimdal® is excited to announce its participation in Infosecurity Europe 2024, taking place from 4-6 June 2024 at ExCel London. Attendees are invited to visit Heimdal’s booth for an exclusive opportunity to engage with industry-leading cybersecurity experts, experience live demonstrations, and enjoy engaging presentations. Event Highlights Personalized Experience and Meet […]

Top things to do at InfoSecurity Europe 2024 – Learn, Explore and Have Fun 

Only a few days left until InfoSecurity Europe kicks off and we can already feel the excitement of being there.   Starting June 4th, at ExCeL London, you’re up for three days of interacting with top names and brands in the information security industry. Get ready to see the latest cybersecurity tech in action, learn from […]

BeyondTrust vs. Delinea: Which Is Best for Privileged Access Management?

BeyondTrust and Delinea are some of the most popular privileged access management (PAM) products on the market. They each offer a sophisticated range of tools for managing access, identities, and endpoints. But like all security tools, they’re not for everybody. The right PAM solution for you will depend on your specific IT environment, budget, internal […]

Critical SAML Auth Bypass Vulnerability Found in GitHub Enterprise Server

An authentication bypass vulnerability of maximum severity (CVSS V4 Score: 10.0) tracked as CVE-2024-4985 was recently fixed by GitHub. The vulnerability impacts GitHub Enterprise Server (GHES) instances using SAML single sign-on (SSO) authentication. What to Know About the Vulnerability By taking advantage of the vulnerability, a threat actor might spoof a SAML response and obtain […]

BeyondTrust vs. CyberArk: Pros, Cons, and Alternatives for Privileged Access Management

Privileged access management (PAM) tools have changed a lot over the last few years. Once, you could rely on a fairly standard set of features across all providers. Now, the unique security challenges of cloud technology have ushered in a whole range of new tools and acronyms. From PASM to PEDM, CIEM, secrets management, and […]

Guide to Third Party Risk Management: Dealing with Vendor Vulnerabilities

A recent  study by Cybersecurity Dive shows that nearly all companies (98%) use software integrations with third-party vendors that have suffered breaches in the past two years. Since not a single company can maintain ops integrity by solely relying on in-house developed software, the stakes are higher than ever. In this article, we’re going to […]

Singing River Health System Ransomware Attack Affects Nearly 900,000

The Singing River Health System stated that the August 2023 ransomware attack impacted 895,204 individuals. The Mississippi-based healthcare provider operates multiple hospitals and medical facilities across the Gulf Coast region. What data was exposed in the breach? According to the data breach notice, the exposed information includes: full names, dates of birth, physical addresses, Social […]

Click to Hack? New LibreOffice Vulnerability Allows Threat Actors to Execute Malware With One Click

Click and execute! A new vulnerability in the open-source LibreOffice is being exploited by threat actors. As per reports, attackers can run malicious code on victims by deceiving them into opening and clicking on a maliciously crafted document. The LibreOffice developers warn users in a security advisory that the office software supports linking scripts to […]

BreachForums Seized by the FBI! Investigations Ongoing

The notorious BreachForums has been seized by the FBI. The hacking forum is renowned for leaking and selling corporate data to other cybercriminals. The seizure occurred on Wednesday morning, shortly after the data leak of a Europol law enforcement portal. Now, the forum is displaying a message informing users that the FBI has taken possession […]

SentinelOne vs. Sophos: Singularity XDR or Intercept X? (+ Alternative)

XDR is on the verge of becoming a must-have in terms of cybersecurity solutions. The latest studies are estimating that by 2027 about 40% of all organizations will have an XDR solution in place. If you are considering adding one to your company’s cybersecurity tool stack, you should know you have plenty of options on […]

New Google Chrome Zero-Day in Less Than a Week. Update Your Browser Now!

Google released a patch for a new zero-day this Monday, four days after addressing another vulnerability exploited in the wild. The latest Chrome zero-day is tracked as CVE-2024-4671. Security specialists described it as a high-severity out-of-bounds write flaw in the V8 JavaScript and WebAssembly engine. For the moment, Google won’t disclose details, to allow users […]

Unpatched Vulnerability Causes Massive Helsinki Data Breach

Authorities investigating the Helsinki data breach revealed the attack originated in hackers exploiting an unpatched vulnerability. On May 2, 2024, the City of Helsinki announced that a data breach impacted its Education Division. The hackers got access to a network drive containing tens of millions of files belonging to tens of thousands of people. Considering […]

What Is a Jump Server? Definition and Safety Measures

A jump server is a computer that acts as a safe bridge between networks in different security zones. It’s a hardened device that administrators use to safely bypass firewalls that isolate public networks from private ones. Another name for a jump server is a jump box or jump host. By using a jump server, a […]

CrowdStrike vs. Trend Micro: Which XDR Is Right for You? (+ Alternative)

Extended detection and response (XDR) is fast becoming the gold standard for cybersecurity. According to Gartner, 40% of all organizations will have an XDR in place by 2027, rising from just 5% in 2021. If your Managed Service Provider (MSP) business is looking to use an XDR, then narrowing down your shortlist can be tough. […]

[Free & Downloadable] Access Control Policy Template -2024

Ensuring the security of your organization’s information systems is crucial in today’s digital landscape. Access Control is a fundamental aspect of cybersecurity that safeguards sensitive data and protects against unauthorized access. To assist you in establishing robust access control measures, we are pleased to offer a comprehensive Access Control Policy Template, available for download. Download […]

SentinelOne vs. Trend Micro – Singularity XDR or Vision One? (+ Alternatives)

Cybersecurity-focused Managed Service Providers (MSPs) are dealing with more potential weak links than ever before. The cause? Endpoints.  MSPs’ clients are using far more endpoints than in the past. From mobile devices to web-connected printers, cloud storage to cloud apps, IoT sensors to BYOD.  One solution here is extended detection and response (XDR). Numerous cybersecurity […]

Dell Data Breach Affects 49 Million Customers

Computer company Dell Technologies revealed on Friday that it is looking into a data breach event involving a company site that contained limited customer information tied to sales. Dell informed consumers in a message that the results of its investigation indicate that unauthorized access was made to a database containing customer names, addresses, hardware, and […]

Wichita Falls Victim to Ransomware Attack Claimed by LockBit

The City of Wichita, Kansas, fell victim to a ransomware attack, prompting the shutdown of its network to prevent further damage. The LockBit ransomware group has since claimed responsibility, adding the city to its list of targets on its Tor leak site and threatening to release stolen data. How is Wichita managing the ransomware incident? […]

Heimdal Welcomes Jesper Frederiksen as Its New Chief Executive Officer

Official Press Release Copenhagen, Denmark – May 8th, 2024 — Heimdal®, a global leader in cybersecurity solutions, is excited to announce the appointment of Jesper Frederiksen as its new Chief Executive Officer. Bringing a wealth of experience from the SaaS and cloud security sectors, Frederiksen is renowned for his expertise in scaling IT technology organizations and enhancing […]

20+ Xiaomi Vulnerabilities Put Users’ Data and Devices at Risk

Researchers warn that Xiaomi devices are vulnerable to over 20 critical issues affecting applications and system components. Security specialists notified the vendor regarding the flaws at the end of April 2023. So far, Xiaomi has not managed to fix all of them. What are the vulnerable Xiaomi apps? The Xiaomi vulnerabilities impact applications that common […]

Sophos vs. Palo Alto: Intercept X vs. Cortex XDR (Comparison, Reviews, And Alternatives)

If you’re in the market for an endpoint detection and response (XDR) solution, there’s a good chance you’ll find yourself wondering whether Sophos vs Palo Alto XDR is the right tool for you. These are some of the most popular options on the market, so it’s only natural to consider whether they have the right […]

NinjaOne vs. ManageEngine: Which Software Is Better? (Are There Any Alternatives)

Finding a remote monitoring and management (RMM) platform that works for your MSP can be very tricky. With dozens of solutions to choose from, narrowing down your options takes a lot of time and effort. According to one survey of MSP owners, “choosing the best [IT] solutions” was the third biggest difficulty they faced (after […]

CrowdStrike vs. Sophos: Comparing Falcon and Intercept X (Are There Other Alternatives?)

Choosing the right cybersecurity solution is crucial for protecting your business. With options like CrowdStrike and Sophos in the market, it’s essential to compare their offerings. In this article, we’ll focus on two prominent solutions: Falcon by CrowdStrike and Intercept X by Sophos.  We’ll analyze the strengths and weaknesses of each solution, providing you with […]
