Strata automation tool looks to simplify cloud migration projects Data Breach by Steve Zurier - July 14, 20210 Strata Identity’s Maverics Identity Discovery aims to automate the process of auditing and cataloging of legacy identity systems. (Photo by Sean Gallup/Getty Images) Strata Identity on Wednesday launched Maverics Identity Discovery, a free software tool that automates the manual process of auditing and cataloging on-premises identity environments. In a press release, Strata
AWS offers free online training for cloud architects Data Breach by Steve Zurier - July 14, 20210 The Amazon Web Services (AWS) office in Houston, Texas. (Tony Webster from Minneapolis, Minnesota, United States, CC BY 2.0 https://creativecommons.org/licenses/by/2.0, via Wikimedia Commons) Amazon Web Services this week launched a new free online training series on Twitch that aims to build up the skills of cloud developers. The new series, the AWS
Fashion brand Guess hacked, DarkSide ransomware group the likely culprit Data Breach by Steve Zurier - July 14, 20210 A Guess retail store. (N509FZ, CC BY-SA 4.0 https://creativecommons.org/licenses/by-sa/4.0, via Wikimedia Commons) Following news that noted fashion brand Guess suffered a data breach in which personal information may have been stolen, cybersecurity experts on Tuesday said that retailers should take this case as motivation to lock down their cyber defenses. News of
Microsoft fixes 117 vulnerabilities, four exploited in the wild Data Breach by Steve Zurier - July 14, 20210 The Microsoft logo is illuminated on a wall during a Microsoft launch event in New York City. Microsoft released fixes for 117 vulnerabilities. (Photo by Drew Angerer/Getty Images) Microsoft on Tuesday picked up the pace on patching for July and released fixes for 117 vulnerabilities, four of which are being actively exploited
Microsoft aims to expand cloud security by acquiring RiskIQ Data Breach by Steve Zurier - July 12, 20210 Building 92 at Microsoft Corporation in Washington state. (Coolcaesar, CC BY-SA 4.0 https://creativecommons.org/licenses/by-sa/4.0, via Wikimedia Commons) Looking to strengthen its position in cloud security, Microsoft on Monday announced a definitive agreement to acquire RiskIQ, a cloud-based threat intelligence and attack surface management vendor best known for its PassiveTotal product. In a blog
Four vulnerabilities found in Sage X3 ERP software could allow threat actors to run commands at will Data Breach by Steve Zurier - July 10, 20210 A view of the entrance into the Rapid7 offices. The research firm found vulnerabilities in Sage X’s ERP software, which was patched in recent releases. (Rapid7) Researchers reported earlier this week that they had identified four vulnerabilities in Sage X3’s enterprise, resource and planning (ERP) supply chain software that if left
Online course provider Coursera hit with API issues, with cloud driving additional exposure Data Breach by Steve Zurier - July 9, 20210 Researchers on Thursday disclosed that over the past year they found and later fixed a broken object level authorization (BOLA) vulnerability and many other API issues on the platform used by online course provider Coursera. (“Werbach-Student-Flatscreen3” by Vanessa Blaylock is licensed under CC BY 2.0) Researchers on Thursday disclosed that over the past year they found
Emergency ‘PrintNightmare’ patch said to fix RCEs, but not privilege escalation on Windows servers Data Breach by Steve Zurier - July 7, 20210 A signage of Microsoft is seen on March 13, 2020, in New York City. Security researchers are still evaluating a patch for a vulnerability in Windows Print Spooler released July 6. (Photo by Jeenah Moon/Getty Images) Microsoft on Tuesday released an emergency patch on the so-called PrintNightmare vulnerability that attacked the
As Kaseya works to bring SaaS servers online, experts laud precautionary measures as ‘opposite of complacency’ Data Breach by Steve Zurier - July 7, 20210 A visitor photographs a symbol of a cloud at the Deutsche Telekom stand the day before the CeBIT technology trade fair. Kaseya began the technical work for deployment of the company’s servers that support the software-as-a-service VSA product, after the SaaS servers were taken offline as a precautionary measure
Phishing attack targets DocuSign and SharePoint users Data Breach by Steve Zurier - July 3, 20210 DocuSign Headquarters. (Coolcaesar is licensed under CC BY-SA 4.0) Researchers reported on Friday that cybercriminals are mimicking legitimate correspondence to actively target popular cloud applications DocuSign and SharePoint in phishing attacks designed to steal user log-in credentials. In a blog by the Bitdefender Antispam Lab, the researchers said most of the emails