Choosing between the different types of patch management solutions impacts the effort your IT team must make to keep the system safe. There’s no one-size-fits-all with patch management software, so you’ll need to evaluate your company’s profile first. Once you decide, look at this list of best patch management software. Key takeaways  Assess the company’s […]

The post Main Types of Patch Management Solutions: A Decision-Making Guide appeared first on Heimdal Security Blog.

Over the last decade, the cloud has gone from being a radical, disruptive new technology to becoming the default setting for organizations of all shapes and sizes. The days of enterprises and heavily regulated companies citing security as the main barrier to cloud adoption are over. So have all the cloud security challenges been solved? […]

The post A Guide to Effective Cloud Privileged Access Management appeared first on Heimdal Security Blog.

Securing digital assets has never been more critical. This guide offers direct access to indispensable cybersecurity risk assessment templates in PDF, Word, and Google Docs formats, enabling organizations and individuals to fortify their digital defenses effectively and efficiently. What are cybersecurity risk assessment templates? A cybersecurity risk assessment is a systematic process designed to identify […]

The post [Free & Downloadable] Cybersecurity Risk Assessment Templates – 2024 appeared first on Heimdal Security Blog.

AnyDesk confirmed recently that a cyberattack has affected their product systems. The hackers accessed the source code and private code signing keys. Initially, the 170,000 customers remote access software company claimed an unplanned maintenance to explain why client logins failed between January 29th and February 1st. A few days later, on February 2nd, AnyDesk announced […]

The post AnyDesk System Breach Raises Concerns Among MSP Users appeared first on Heimdal Security Blog.

An effective cybersecurity incident response plan (IRP) can be the difference between a minor disruption and a major crisis. This article provides you with comprehensive IRP templates in PDF, Word, and Google Docs formats to ensure your organization can quickly and effectively respond to any cyber incident. Why do you need an Incident Response Plan […]

The post [Free & Downloadable] Cybersecurity Incident Response Plan Templates – 2024 appeared first on Heimdal Security Blog.

New Chainalysis warns of ransomware payments raised above above $1.1 billion in 2023 and reached a new record. The $983 million previous peak was set in 2021, while in 2022 the ransomware payments dropped to $567. Chainalysis puts the unusual dropping on threat actors changing focus to politically motivated cyberattacks, due to the war in […]

The post Ransomware Payments New Record Exceeds $905 Million Peak by over 11% appeared first on Heimdal Security Blog.

An insider data breach at Verizon has compromised the personal information of more than 63,000 employees, nearly half of the company’s global workforce. The telecommunications giant disclosed the incident in a Data Breach Notification with the Office of the Maine Attorney General, revealing that the breach occurred around September 21, 2023, due to unauthorized access […]

The post Insider Data Breach at Verizon Affects Over 63,000 Employees appeared first on Heimdal Security Blog.

Demand for Identity and Access Management tools is booming. According to data website Statista, the market for this technology is set to reach over USD $43 billion by 2029 – almost triple the 2022 level.  Today, there are dozens of Identity and Access Management tools on the market. This can make choosing between providers very […]

The post The 11 Best Identity and Access Management Tools (2024) appeared first on Heimdal Security Blog.

According to a joint alert from CISA, the NSA, the FBI, and partner Five Eyes organizations, the Chinese cyberespionage group Volt Typhoon entered a critical infrastructure network in the United States and remained undiscovered for at least five years before being identified. What We Know So Far The Chinese threat group is known for extensively […]

The post Chinese Threat Actors Concealed in US Infrastructure Networks appeared first on Heimdal Security Blog.

Improper user access review management can have huge consequences — including being the victim of data breaches. Following a clear protocol can improve your company’s cybersecurity posture. This article will provide you with an insightful view into how to conduct the user access review process, along with a checklist and user access review template to […]

The post How to Perform User Access Reviews: Template, Process, Checklist appeared first on Heimdal Security Blog.

​​What Is Just-In-Time Access? Just-in-Time Access is the process that grants employees privileged access to applications and systems for a limited time, on an as-needed basis. A good security plan means giving people and systems exactly the access they need to get their tasks done, and only for as long as they need it. While […]

The post Just-in-Time Access (JIT Access) Explained: How It Works, Importance, Benefits appeared first on Heimdal Security Blog.

Hackers targeted two French healthcare providers and generated the largest data breach in French history. The French Data Protection Agency (CNIL) said both Viamedis and Almerys data breaches exposed the data of 33 million people. The two medical insurance companies announced at the beginning of February 2024 that they were victims of cybercrime. Hackers used […]

The post France Cyber Attack – Data Breaches Compromise 33 Million People’s Data appeared first on Heimdal Security Blog.

The purpose of this document is to provide a comprehensive template for organizations seeking to assess their compliance with the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF). The NIST CSF is a voluntary framework that consists of standards, guidelines, and best practices to manage cybersecurity-related risk.  The framework’s adaptable nature allows it […]

The post NIST Cybersecurity Framework Policy Template Guide – 2024 appeared first on Heimdal Security Blog.

Since the earliest days of technology, hackers and cybersecurity professionals have been locked in a cat-and-mouse game, each inventing more innovative ways of outsmarting the other. In 2024, that resulted in an increasingly complex landscape of privileged threat vectors for organizations to defend against. This creates a key challenge for security teams. How do you […]

The post How to Defend Against the 10 Most Dangerous Privileged Attack Vectors appeared first on Heimdal Security Blog.

A data breach compromising customers’ personal information has been alerted by Bank of America to consumers following last year’s intrusion of Infosys McCamish Systems (IMS), one of its service partners. Data exposed in the security breach include the names, addresses, social security numbers, birth dates, and even financial information (including account and credit card numbers) […]

The post Bank of America Warns Its Customers About Data Breach appeared first on Heimdal Security Blog.

We trained LLMs to act secretly malicious. We found that, despite our best efforts at alignment training, deception still slipped through. Evan Hubinger – Sleeper Agents: Training Deceptive LLMs that Persist Through Safety Training Just like the plot of Netflix’s ‘Leave the World Behind’, we’ve welcomed artificial intelligence (AI) into our homes and workplaces. It’s […]

The post You’re Saying LLMs Can Turn Nasty? A Machine Learning Engineer’s View appeared first on Heimdal Security Blog.

Windows’ celebrated CLI (Command-Line Interpreter) is a treasure trove of hidden features, tools, and settings. Command Prompt lets you tap into every area of your Operating System, from creating new folders to formatting internal and external storage. To help you navigate cmd.exe like a pro, we’ve prepared a compressive list of cool CMD commands to […]

The post 80+ Essential Command Prompt (CMD) Commands appeared first on Heimdal Security Blog.

Access review is an important process for verifying and validating access rights in an organization’s IT environment. It ensures that permissions align with business needs, security policies, and regulatory requirements.  This article explains everything about access review — from definition to regulatory implications — and will work as a go-to resource for you to rely […]

The post Access Review: What Is It? appeared first on Heimdal Security Blog.

A reboot in the middle of my presentation? Good job, IT team, perfect timing, as always. As an MSP, you’ve certainly had to deal with those moments when a customer pushes back against a mandatory rebooting policy. You’re left wondering, “Why all the fuss over a basic maintenance procedure?”. Skipping out on those reboots is […]

The post Dear Customer, Why Won’t You Listen? An MSP Guide to Mandatory Rebooting Policies appeared first on Heimdal Security Blog.

Understanding JIT Administration Just-in-time (JIT) administration is a privileged access management system practice for controlling how long certain privileges are active for an organization’s employees and close partners. This method works alongside a precise definition of what permissions are given (called Just Enough Admin, or JEA). Microsoft has been promoting this approach since 2014. In Server […]

The post Just-in-Time Administration in Active Directory: What Should You Know? appeared first on Heimdal Security Blog.

International law enforcement operation disrupts LockBit ransomware gang and offers victims free decryption tool. The campaign was dubbed Operation Cronos and was a collaboration between the U.K.’s National Crime Agency (NCA), the Europol, the FBI, and a coalition of international police agencies. On February 20th, police officers arrested two LockBit threat actors in Poland and […]

The post Lockbit Disrupted. Police Arrests Staff Members and Gives Victims Free Decryptor appeared first on Heimdal Security Blog.

President Joe Biden has signed an executive order to enhance cybersecurity at U.S. ports. $20 billion will be invested in port upgrades, including a shift to trusted crane suppliers. This measure counteracts risks posed by the use of cranes made by China, and aims to expand the Coast Guard’s authority. Strengthening U.S. Port Cybersecurity The […]

The post Biden Signs Executive Order to Boost Maritime Cybersecurity Amid China Concerns appeared first on Heimdal Security Blog.

A new version of the LockBit ransomware seems to be on the horizon. The developers of the file-encrypting malware were secretly working on a project dubbed LockBit-NG-Dev, believed to be the 4.0 version of the tool. This information surfaced recently when law enforcement took down the cybercriminal’s infrastructure earlier this week. The New LockBit Tool […]

The post LockBit 4.0? The Ransomware Operation’s Secret Project appeared first on Heimdal Security Blog.

Researchers in security are issuing warnings about threat actors misusing Google Cloud Run to spread large amounts of banking trojans, such as Astaroth, Mekotio, and Ousaban. With Google Cloud Run, customers can manage workloads and launch front-end and back-end services, websites, and apps without having to worry about scaling or maintaining an infrastructure. Reports from […]

The post Google Cloud Run Abused in Massive Banking Trojan Operation appeared first on Heimdal Security Blog.

While Datto is undoubtedly a powerful solution, it has certain limitations which can be frustrating for managed service providers. Let’s learn more about some of these limitations, and explore alternative solutions you should consider.  Reasons MSPs Are Looking for Datto Alternatives Datto is a data backup and recovery provider. They build hardware which sits in […]

The post The 9 Best Datto Competitors & Alternatives in 2024 (for MSPs) appeared first on Heimdal Security Blog.

Developing a cybersecurity risk management plan from scratch can be time-consuming and costly. This comprehensive cybersecurity risk management template provides a structured approach for identifying, assessing, and prioritizing cybersecurity risks. By offering a standardized framework, it enables organizations to systematically evaluate their vulnerabilities and the potential impact of various cyber threats. This streamlined process ensures […]

The post [Free & Downloadable] Cybersecurity Risk Management Template – 2024 appeared first on Heimdal Security Blog.

As an MSP, ensuring the security of your client’s businesses is paramount, and ConnectWise offers a dependable RMM solution for managing their IT operations. However, due to its complex user interface, which can hinder effective remote device management and less responsive support — you would need to look out for alternatives that offer a more […]

The post 8 Best ConnectWise Competitors & Alternatives in 2024 (for MSPs) appeared first on Heimdal Security Blog.

A subdomain related to ScreenConnect appears as an Indicator of Compromise (IoC) on CISA`s #StopRansomware: ALPHV Blackcat joint advisory update. Fisa99.screenconnect[.]com, which is a ScreenConnect remote access domain, is listed in Table 4, as a network IoC. In their advisory, the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the […]

The post ConnectWise ScreenConnect Subdomain Listed as IoC in CISA’s BlackCat Ransomware Advisory appeared first on Heimdal Security Blog.

SubDoMailing phishing campaign hijacked 8000 abandoned domains and 13,000 subdomains to avoid spam detection. Hackers sent 5 million malicious emails daily. The campaign exploited the credibility of big brands in tech, education, charity, e-commerce, and the press industry. MSN, VMware, McAfee, The Economist, Cornell University, CBS, NYC.gov, PWC, Pearson, Better Business Bureau, UNICEF, ACLU, Symantec, […]

The post Cornell, UNICEF, VMware and McAfee Subdomains Hijacked to Bypass Filters appeared first on Heimdal Security Blog.

On the 12th of February, the Romanian Digital National Security Center (DNSC) announced that an unidentified threat actor launched a massive ransomware attack against Romanian e-health solutions provider RSC, temporarily disrupting server connection to the Hipocrate (HIS) infrastructure. The attacker demanded a 3.5 BTC ransom. Following the official investigation, we aim to prove that the […]

The post Investigating the Shadows: Is Russia-Linked Phobos Ransomware Group Responsible for Romanian Healthcare Disruption? appeared first on Heimdal Security Blog.

What is Patch Tuesday, and why does it matter in our fight against cybersecurity threats? Simply, it’s when Microsoft systematically delivers security updates for its products on the second Tuesday of every month. This practice is pivotal for preventing cyber attacks by addressing known vulnerabilities promptly. Our article dissects the significance, process, and benefits of […]

The post What Is Patch Tuesday and Why Does It Matter for Cybersecurity appeared first on Heimdal Security Blog.

Pepco Group, a leading European retailer, recently disclosed a significant financial loss due to a phishing attack on its Hungarian operations. The incident, which led to a €15 million setback, sparks a conversation about the sophistication of cyber-attacks and the measures companies must take to protect themselves. What happened to Pepco? Pepco, operating across 21 […]

The post Pepco Group Falls Victim to Multi-Million Euro Phishing Scam appeared first on Heimdal Security Blog.

Change Healthcare, a subsidiary of UnitedHealth Group, has fallen victim to a ransomware attack orchestrated by the notorious cybercrime gang ALPHV/BlackCat. The attack, which began on February 21, has caused widespread disruptions, affecting thousands of pharmacies and hospitals across the United States, and stalling prescriptions and healthcare services for millions of Americans. Change Healthcare is […]

The post Massive Ransomware Attack Disrupts US Healthcare: Behind it, ALPHV/BlackCat appeared first on Heimdal Security Blog.

The popular Cybersecurity Framework (CSF), a seminal guideline paper from the National Institute of Standards and Technology (NIST) for lowering cybersecurity risk, has been updated. Regardless of the level of cybersecurity competence, the new 2.0 edition is intended for all audiences, industry sectors, and organization types, from the tiniest organizations and schools to the biggest […]

The post NIST Releases the 2.0 Version of their Cybersecurity Framework (CSF 2.0) appeared first on Heimdal Security Blog.

If you’re in the market for a remote monitoring and management (RMM) solution, it can be difficult to know where to start. With so many options on the market, it can be a real challenge to understand what features you need – and which solutions are best placed to fulfill them. As one of the […]

The post 7 Best Atera Competitors & Alternatives for 2024 (for MSPs) appeared first on Heimdal Security Blog.

IAM and PAM refer to similar topics in the world of access management, and they’re often used interchangeably. However, it’s important to understand how and why they’re different and what that means for your wider cybersecurity strategy. If you want to find out more, you’re in the right place. In this blog, we discuss: The […]

The post IAM vs PAM: What’s the Difference And Why It Matters appeared first on Heimdal Security Blog.

CISA, the FBI, and MS-ISAC joined forces in a new advisory disclosing the latest Phobos ransomware IoCs and tactics. The update is rooted in recent investigations up to February 2024. The alert gives organizations a heads-up regarding how to prevent and mitigate a Phobos ransomware infection. The Phobos ransomware-as-a-service frequently targets government and critical infrastructure […]

The post CISA Updates Phobos Ransomware IoCs List in New Joint Advisory appeared first on Heimdal Security Blog.

Microsoft took six months to patch an actively exploited Windows kernel zero-day. Successful exploitation of CVE-2024-21338 gives attackers system privileges over the infected device. The patch for this flaw is available in the February 2024 Patch Tuesday updates. Security researchers urge Windows users to apply patches as soon as possible, to avoid privilege escalation. Windows […]

The post Windows Kernel Zero-day Patched after Six Months of Active Exploitation appeared first on Heimdal Security Blog.

Keeping your clients’ IT systems operational and secure is important for a Managed Service Provider (MSP), and having the right tools at your disposal isn’t just important, it’s mandatory for thriving the MSP space. There are tens of solutions to choose from but from these, a few stood out in particular, and one of these […]

The post 8 Best N-Able Alternatives & Competitors in 2024 (for MSPs) appeared first on Heimdal Security Blog.

The rise of GenAI (Generative AI) gives leeway to malicious content creators with 80% of all phishing campaigns discovered in the wild being generated by AI tools such as ChatGPT or similar. In this article, we are going to explore the latest phishing techniques that capitalize on GenAI. A new milestone in phishing Why is […]

The post There’s Something Phishy About Generative AI appeared first on Heimdal Security Blog.

A new critical-severity vulnerability in TeamCity On-Premises is being exploited by threat actors. CVE-2024-27198 is an authentication bypass vulnerability with a critical severity score of 9.8 out of 10. It affects all versions through 2023.11.4 of TeamCity’s on-premises edition software. The exploitation appears to be massive. Hundreds of new users created on unpatched instances of […]

The post Critical TeamCity On-Premises Vulnerability Actively Exploited by Threat Actors appeared first on Heimdal Security Blog.

Large-scale attacks on WordPress websites are being carried out by hackers to insert scripts that compel users’ browsers to try different websites’ passwords repeatedly. Cybersecurity researchers have been tracking a threat actor known for breaching sites to inject crypto wallet drainer scripts which steal all cryptocurrency and assets of victims when they connect to their […]

The post WordPress Websites Used by Threat Actor to Launch Brute-Force Attacks appeared first on Heimdal Security Blog.

Capita, a British outsource company has reported a staggering annual loss of more than £106 million, significantly attributed to a ransomware attack by the Black Basta group last March. The hack was directly responsible for nearly a fourth of these losses, costing the corporation £25.3 million in related expenditures, according to the company’s annual report. Capita said […]

The post Capita Reports a Yearly Loss of about £106M Due to Cyberattack appeared first on Heimdal Security Blog.

It’s a good time to be a Managed Service Provider. According to analysis by Mordor Intelligence, the global MSP market is set to rise from $281bn in 2024 to $411bn in 2028. The need for skilled IT support is continually growing, and MSPs are perfectly placed to meet this demand. Understanding what MSPs can offer […]

The post What Is An MSP (Managed Service Provider)? A Vendor and Buyer Guide appeared first on Heimdal Security Blog.

On Heimdal’s 10th Birthday, we want to thank everyone who shaped our journey from 2014 to today, and the future. Ours is a story of perseverance, innovation, and the relentless pursuit of excellence through community empowerment. What better way to celebrate than by sharing that story with you? 2011 – Heimdal® wins CTF Championship. Source: […]

The post Heimdal’s 10th Anniversary – Our Finest Hours appeared first on Heimdal Security Blog.

Midnight Blizzard hackers used Microsoft’s stolen authentication secrets to advance into their internal system and access source code. The Russian attackers initially used password spraying to get into a legacy non-production test tenant account. Microsoft disclosed this initial attack in January 2024. The compromised account had access to an OAuth application with elevated privilege to […]

The post Russians Used Microsoft’s Stolen Authentication Secrets to Access Source Code appeared first on Heimdal Security Blog.

MSPs handle IT management, while MSSPs specialize in cybersecurity. MSPs ensure smooth operations, while MSSPs maintain a security posture. Both are essential — each with its unique role. In this article, we’ll discuss their key differences! What Is an MSP (Managed Service Provider)? An MSP is a specialized company that oversees and maintains a client’s […]

The post MSP vs MSSP: What Is The Difference appeared first on Heimdal Security Blog.

IBM and VU Amsterdam University researchers published on March 12th their study about the new GhostRace attack type. Apart from the technical paper, blog post and Proof of Concept (PoC) exploit, they also released scripts for scanning the Linux kernel for SCUAF gadgets. What’s at risk GhostRace exploits Speculative Race Conditions (SRCs) and is tracked as […]

The post Researchers Disclose Proof of Concept for New GhostRace Attack appeared first on Heimdal Security Blog.

An information security policy template serves as a comprehensive guide for organizations aiming to fortify their defenses against information breaches and cyber-attacks. It encompasses key areas such as purpose and objectives, authority, scope, organizational security management, functional responsibilities, and much more. Recognizing the diverse needs and preferences of different organizations, the information security policy template […]

The post [Free & Downloadable] Information Security Policy Template – 2024 appeared first on Heimdal Security Blog.