ArmorPoint

Each year, cybercriminals grow more dangerous and utilize
sophisticated attack methods to breach the networks and data banks of
enterprises.
Are you secure? Armor Up!

The IT Leaders’ Guide to Choosing the Right SIEM Deployment Method – ArmorPoint The IT Leaders’ Guide to Choosing the Right SIEM Deployment Method by Katie Simmons April 4, 2019 Guide A Security Information & Event Management (SIEM) is a platform used for managing security incidents. It enables the collection and analysis of security logs and machine data from across an organ...

Have you ever wondered how hackers steal your information?
Spear-phishing is a common method, and this is how it works.

How Cyber Hackers Use Spear Phishing Scams To Steal Your Information When it comes to cyber-attacks, the most common method of gaining access to your passwords and information may surprise you- it is just by asking for it. Hackers use a method called Spear Phishing to trick users into giving up their data freely.

Even defibrillators can get hacked!
No instances have occurred yet, but the risk remains.
How should the medical industry react?

Hackers can take over heart devices, DHS warns Any connected device these days is a potential target of hackers — and that now includes defibrillators.

Have you ever heard of hash-and-roll? It is a new and completely free way of creating new, secure passwords.

Hash And Roll Your Way To Secure Passwords In the electronic battlefield that is 2019, the realm of password security is fraught with dangers. Websites from companies big and small leak like sieves, storing user data in completely unsecure …

A new vulnerability being dubbed “Evil PLC Attack” has been discovered affecting PLC’s (program logic controllers). Currently, it is affecting top automation companies such as Rockwell Automation, Schneider Electric, GE, B&R, XINJE, OVARRO, and Emerson. The attack targets engineers on industrial networks who work on PLC’s in top industries such as manufacturing, automotive, utilities, electricity, and water and waste among others. Products include:
• OVARRO: TBox platform
• B&R (by ABB Group): X20 System platform
• Schneider Electric: Modicon platform (mainly M340, M580)
• General Electric (GE): Mark VIe platform
• Rockwell Automation: Micro800 Control Systems platform
• Emerson: PACSystems platform
• XINJE: XD Series platform
For more information, please see: https://bit.ly/3pwCDQF

A vulnerability with Netwrix Auditor has been discovered where an insecure object deserialization issue can allow attackers to use remote code ex*****on to submit arbitrary objects to achieve remote code ex*****on. This can lead to a compromise of the Active Directory domain. Recommended actions: update to version 10.5. More information can be found at:

Netwrix Auditor Application Critical Vulnerability Advisory Bishop Fox covers the Insecure Object Deserialization vulnerability within the Netwrix Auditor application and suggested fixes in this advisory.

A flaw was found with the Questions for Confluence app that could allow a remote, unauthenticated attacker with knowledge of the hardcoded password to log into Confluence and access all content accessible to users in the confluence-users group. This exploit is now being seen in the wild. Uninstalling does not remediate this issue – please update the Questions for Confluence app to a fixed version:
2.7.x >= 2.7.38
Versions >= 3.0.5
For more information, please visit: https://bit.ly/3PK7QLV