GreyKeep Security

Expert security for an evolving digital age

News

Ransomware Campaign Targeting MOVEit Impacts 60 Million People

· ·

Progress MOVEit logo
Background by Peter Gargiulo

As reported by security research firms Emsisoft and Resecurity, as many as 1,000 organizations and 60 million individuals have been affected by the recent ransomware campaign targeting a SQL injection vulnerability (CVE-2023-34362) in the MOVEit Transfer web application. An attacker can exploit the vulnerability to access file transfers without authentication.

[Read more…] about Ransomware Campaign Targeting MOVEit Impacts 60 Million People

Google Workspace Introduces Notable Security Enhancements

· ·

Neon Google logo on industrial wall
Photo by Mitchell Luo

Google has announced several new security enhancements for its Workspace productivity suite geared towards improving account security and giving organizations more control over how they manage their data. The updates include multi-party approval for administrative actions, AI-based document classification, context-aware DLP, and digital sovereignty controls, such as ownership of client-side encryption keys.

[Read more…] about Google Workspace Introduces Notable Security Enhancements

Cybersecurity Daily: August 24, 2023

· ·

GreyKeep Security Cybersecurity Daily News

Your daily dose of relevant cybersecurity advisories, industry news, and product updates for August 24, 2023.

For the latest news on malware and ransomware, check out our weekly Malware Roundup.

Advisories

[Read more…] about Cybersecurity Daily: August 24, 2023

Email Phishing Remains Most Common Attack Vector

· ·

Email phishing attack

According to a recent report by web performance and security company Cloudflare, email phishing is still the primary way attackers gain access to organizations. Of the 250 million emails analyzed by Cloudflare between May 2022 – May 2023, specially crafted malicious links accounted for 35.6% of all threats.

Not only is the content of phishing emails becoming more convincing, but cybercriminals are adopting techniques that allow them to bypass standard email security controls, such as Sender Policy Framework (SPF), DomainKeys Identified Email (DKIM), and Domain-based Authentication, Reporting & Conformance (DMARC).

[Read more…] about Email Phishing Remains Most Common Attack Vector

Weekly Malware Roundup – August 21, 2023

· ·

GreyKeep Security Malware Roundup

This is the GreyKeep Security Malware Roundup for August 21, 2023. Here’s a summary of what’s in this week’s edition:

Organizations

CyberPower
Dataprobe
Microsoft
Apple
Citrix		Adobe
U.S. Military
Taiwan
South Korea
Latin Americans

Targets

CyberPower DCIM
Dataprobe iBoot PDU
Windows
Microsoft OWA
Powershell Gallery
MacOS
Linux		Android
Citrix NetScaler
Adobe Commerce/Magento 2
Ivacy VPN
GitLab
IoT
Zulip
[Read more…] about Weekly Malware Roundup – August 21, 2023

How can we help you become more secure? Contact Us