Live Study Results Webinar: 2021 Cybersecurity Complexity Research Survey Data Breach by HendrikWiese - September 13, 20210 Attacks such as SolarWinds and Colonial Pipeline show that adversaries are not only stealthy, persistent and patient … but they also are taking advantage of our complexity – the sheer number of disparate tools, vendors and over-burdened staff that enterprises have cobbled together for defense, leaving dangerous gaps in detection
CMS interoperability rule enacted: How providers should tackle API security Data Breach by Jessica Davis - July 14, 20210 Sculpture “Life in the Community” in located at the exterior of the Health Care Financing Administration, the CMS enforcement arm. (Credit: Carol M. Highsmith/Library of Congress via Wikimedia Commons) On July 1, the Centers for Medicare and Medicaid Services began the enforcement of its Interoperability and Patient Access final rule, designed
Microsoft warns zero-day in SolarWinds Serv-U software being exploited by Chinese threat group Data Breach by Derek B. Johnson - July 14, 20210 SolarWinds CEO Sudhakar Ramakrishna attends a Senate Intelligence Committee hearing on Capitol Hill on Feb. 23, 2021, in Washington. A new zero-day affecting SolarWinds’ Serv-U software has seen “limited and targeted” exploitation by a threat group based in China, Microsoft warned. (Photo by Demetrius Freeman-Pool/Getty Images) Microsoft said it discovered a
Strata automation tool looks to simplify cloud migration projects Data Breach by Steve Zurier - July 14, 20210 Strata Identity’s Maverics Identity Discovery aims to automate the process of auditing and cataloging of legacy identity systems. (Photo by Sean Gallup/Getty Images) Strata Identity on Wednesday launched Maverics Identity Discovery, a free software tool that automates the manual process of auditing and cataloging on-premises identity environments. In a press release, Strata
AWS offers free online training for cloud architects Data Breach by Steve Zurier - July 14, 20210 The Amazon Web Services (AWS) office in Houston, Texas. (Tony Webster from Minneapolis, Minnesota, United States, CC BY 2.0 https://creativecommons.org/licenses/by/2.0, via Wikimedia Commons) Amazon Web Services this week launched a new free online training series on Twitch that aims to build up the skills of cloud developers. The new series, the AWS
Major authentication and encryption weaknesses discovered in Schneider Electric, outdated ICS systems Data Breach by Derek B. Johnson - July 14, 20210 Two workers at the Schneider Electric Lexington plant. A major vulnerability in the company’s Modicon programmable logic controllers can be chained with others to allow for remote code execution.(Schneider Electric) A major vulnerability in Schneider Electric’s Modicon programmable logic controllers can be chained with others to allow for remote code
Fashion brand Guess hacked, DarkSide ransomware group the likely culprit Data Breach by Steve Zurier - July 14, 20210 A Guess retail store. (N509FZ, CC BY-SA 4.0 https://creativecommons.org/licenses/by-sa/4.0, via Wikimedia Commons) Following news that noted fashion brand Guess suffered a data breach in which personal information may have been stolen, cybersecurity experts on Tuesday said that retailers should take this case as motivation to lock down their cyber defenses. News of
Microsoft fixes 117 vulnerabilities, four exploited in the wild Data Breach by Steve Zurier - July 14, 20210 The Microsoft logo is illuminated on a wall during a Microsoft launch event in New York City. Microsoft released fixes for 117 vulnerabilities. (Photo by Drew Angerer/Getty Images) Microsoft on Tuesday picked up the pace on patching for July and released fixes for 117 vulnerabilities, four of which are being actively exploited
Websites repeatedly stalked by fraudulent copycats, say researchers Data Breach by Bradley Barth - July 14, 20210 A spoofed Paypal webpage. (Image from Digital Shadows report.) New research has shed some light on just how constantly corporate brands are bombarded by fraudulent attempts to impersonate their website domains. In its new “Impersonating Domains Report,” researchers at Digital Shadows found that over a four-month span this year, its business clients
New open data project looks to gauge success, failure of ransomware policy Data Breach by Joe Uchill - July 13, 20210 The FBI’s Cyber Division leads the nation’s efforts to investigate and prosecute internet crimes. The bureau noted in its annual IC3 report that ransomware is uniquely underreported (FBI) The FBI notes in its annual IC3 report that ransomware is uniquely underreported, and its statistics can’t really be trusted. Various blockchain