Meet Linda, the CFO of a multinational company. She is currently on her way to a business conference on the other side of the world. Linda makes many more trips like this these days. Once upon a time, jet-setting across the world meant no access to files, emails, or messages for the whole time she…

This post is authored by Heimdal’s Cybersecurity Architect and Technical Product Marketing Manager Andrei Hinodache. You may know him as the face of our popular series of webinars. If you want to watch the full webinar this EDR strategy guide is based on, check out the recording here.  If you want to understand why effective…

Organizations of all sizes rely on tools like Action1 to manage software updates and security patches. However, Action1 is not the only game in town. Businesses often need alternatives that better support remote devices, streamline software deployment, or align with their unique needs. This article reviews seven powerful Action1 alternatives for patch management, helping you…

The holiday season is a time of celebration, but it’s also a high-risk period for cyberattacks. Cybercriminals look to exploit reduced staffing, remote work, and the surge in online activity. As everyone scrambles for last-minute deals, these attackers find it easier than ever to slip through the cracks in your defenses. As a system administrator at…

Effectively managing third-party risks starts with a solid plan, and our Vendor Risk Assessment Template is the perfect tool to help you evaluate vendors and protect your business. Third-party vendors can introduce significant risks—ranging from cybersecurity vulnerabilities to compliance challenges. Why Use This Template? Our template is designed to simplify and enhance your vendor risk…

A well-structured Cloud Security Policy is no longer a luxury—it’s a necessity. To help you stay ahead, we’re offering a free, downloadable Cloud Security Policy Template designed to simplify your cloud security journey. You can download your template in PDF, Microsoft Word, or Google Docs formats, allowing you to choose the one that best fits…

The New Glove Stealer malware has the ability to bypass Google Chrome’s Application-Bound (App-Bound) encryption to steal browser cookies. The threat actors’ attacks employed social engineering techniques akin to those employed in the ClickFix infection chain, in which phony error windows included in HTML files attached to phishing emails deceive potential victims into installing malware.…

Imagine the scenario: an employee at your company has innocently decided to install an add-on to their browser to help with time management. Except there’s a catch. The browser extension has been hacked by cybercriminals, who can exploit it as a backdoor into your company’s systems. However, if your organization uses application allowlisting (also known…

Hackers are exploiting two VMware vCenter Server flaws, one of which is a critical remote code execution flaw. Both vulnerabilities received security updates in September 2024, but the initial patches didn’t solve the problems completely. Thus, in October, VMware released a new patch to close the RCE vulnerability. Now security researchers warn users that they’ve…

The FBI, the Australian Cyber Security Centre, and the U.S. Cybersecurity & Infrastructure Security Agency have issued a new advisory stating that the BianLian ransomware operation has changed its strategy and is now predominantly a data theft extortion gang. The same agencies issued a joint advisory in May that warned about BianLian’s shifting tactics, which…