The Security Ledger

JANUARY 19, 2022

What does 2022 have in store? Dean Coclin of DigiCert speaks with host Paul Roberts about the trends that will shape the New Year, from cloud sovereignty to the growing reliance on PKI to secure digital identities, DEVOPs and more. Can We Fix It In 2022? So it is with predictions for this new year, 2022.

Cloud 98

Cloud IoT Encryption Cybersecurity 98

Krebs on Security

MAY 28, 2024

KrebsOnSecurity identified one of the three men in a July 2022 investigation into 911 S5, which was massively hacked and then closed ten days later. The 911 S5 botnet-powered proxy service, circa July 2022. In the months that followed, however, 911 S5 would resurrect itself under a different name: Cloud Router. ”

Cloud 225

Cloud Data breaches Government IT 225

Thales Cloud Protection & Licensing

JANUARY 11, 2023

The Most Popular Data Security Webinars of 2022: Sovereignty, Cloud Security and Compliance Top the List. Throughout 2022, Thales hosted more than 40 webinars on a wide variety of cybersecurity topics, including, cloud security, data sovereignty, compliance, data threat trends, and rethinking approaches to role-based authentication.

Compliance 83

Compliance Cloud Security Financial Services 83

Security Affairs

DECEMBER 29, 2022

NCC Group’s Fox-IT research team warns of thousands of Citrix ADC and Gateway endpoints remain vulnerable to two critical vulnerabilities, tracked as CVE-2022-27510 and CVE-2022-27518 (CVSS scores: 9.8), that the company addressed in recent months. Citrix addressed the flaw on November 8, 2022.

Cloud 96

Cloud Authentication Access IT 96

Data Breach Today

JUNE 3, 2024

Mandiant's Sandra Joyce, Jurgen Kutscher Talk Post-Acquisition Growth, Innovations Sandra Joyce and Jurgen Kutscher highlight the significant advancements in Mandiant's threat intelligence and consulting services following Google's September 2022 acquisition, emphasizing improved scalability, engineering support and global reach as well as new focuses (..)

Cloud 157

Cloud 157

Data Breach Today

FEBRUARY 3, 2023

Reminder: Real-World Attacks Often Focus on Small Subset of Known Vulnerabilities Criminals lately have been prioritizing two types of attacks: exploiting Remote Desktop Protocol and penetrating cloud databases.

Insurance 130

Insurance Honeypots Cloud Access 130

Hunton Privacy

FEBRUARY 18, 2022

On February 15, 2022, the French Data Protection Authority (the “CNIL”) published its enforcement priority topics for 2022. For 2022, the CNIL indicated that it will focus on three major strategic priorities: Direct Marketing. Cloud Computing.

Cloud 108

Cloud Data breaches GDPR Marketing 108

Security Affairs

DECEMBER 9, 2022

On the third day of the Zero Day Initiative’s Pwn2Own Toronto 2022 hacking competition, participants earned more than $250,000. Another successful exploit in the SOHO SMASHUP category @ #P2OToronto #Pwn2Own pic.twitter.com/8Qty12wmU1 — Zero Day Initiative (@thezdi) December 9, 2022. The results of Day Three are available here.

Cloud 121

Cloud Security Information Security IT 121

eSecurity Planet

JANUARY 18, 2024

Cloud storage is a cloud computing model that allows data storage on remote servers operated by a service provider, accessible via internet connections. Local storage prioritizes direct access, potential cost savings, and reduced reliance on the internet, yet lacks the scalability and security of the cloud.

Cloud 125

Cloud Risk Security Encryption 125

Data Breach Today

NOVEMBER 28, 2023

Dhawan Is Proofpoint's 3rd CEO Since March 2022; Interim Leader Thomas Back as CFO Proofpoint landed top VMware lieutenant Sumit Dhawan as its new chief executive just days after the cloud and virtualization giant was acquired by Broadcom.

Cloud 256

Cloud Security IT 256

Security Affairs

DECEMBER 8, 2022

Pwn2Own Toronto 2022 Day Two – Participants demonstrated exploits for smart speaker, smartphone, printer, router, and NAS. On the first day of the Zero Day Initiative’s Pwn2Own Toronto 2022 hacking competition participants earned $400,000 for 26 unique zero-day exploits. SecurityAffairs – hacking, Pwn2Own Toronto 2022 ).

Cloud 97

Cloud Security Information Security IT 97

eSecurity Planet

MARCH 27, 2023

Mandiant tracked 55 zero-day vulnerabilities that were actively exploited in 2022. Overall, the proportion of financially motivated zero-day exploitation decreased in 2022. Far more of the 16 cases with a clear motive were state-sponsored – 13 of the zero-days tracked in 2022 appear to have been leveraged by cyber espionage groups.

Cloud 104

Cloud Ransomware Risk Access 104

Security Affairs

MAY 18, 2022

CISA orders federal agencies to fix VMware CVE-2022-22972 and CVE-2022-22973 vulnerabilities by May 23, 2022. The list of impacted products includes: VMware Workspace ONE Access (Access) VMware Identity Manager (vIDM) VMware vRealize Automation (vRA) VMware Cloud Foundation vRealize Suite Lifecycle Manager. states VMware.

Cybersecurity 89

Cybersecurity Access Cloud Security 89

eSecurity Planet

JULY 8, 2022

In this era of the cloud, the big cloud providers take care of the underlying infrastructure. All that is needed is a connection to the cloud. Druva’s cloud data protection and management system includes DR, backup, and ransomware protection. Fault-tolerant cloud is available for disaster recovery.

Ransomware 142

Ransomware Cloud Encryption Marketing 142

OpenText Information Management

JUNE 20, 2022

The latest announcement by OpenText of Cloud Editions includes exciting updates to the OpenText™ Developer Cloud. June 2022: What’s new in the OpenText Developer Cloud 22.2 June 2022: What’s new in the OpenText Developer Cloud 22.2 Check out the latest updates below.

Cloud 92

Cloud 92

Security Affairs

MARCH 8, 2022

Microsoft March 2022 Patch Tuesday security updates address 89 vulnerabilities in multiple products, including 3 zero-days. Three flaws addressed by the Microsoft March 2022 Patch Tuesday security updates are zero-day issues, and for two of them, CVE-2022-21990 and CVE-2022-24459, public exploits are available.

Libraries 99

Libraries IoT Cloud Security 99

AIIM

APRIL 27, 2021

Global research and advisory firm, Gartner, predicts that by 2024 more than 45% of IT spending will shift from legacy on-premises solutions to the cloud. Cloud infrastructure spending is expected to jump from $63 billion in 2020 to $81 billion by 2022. Benefits of a Cloud-First Data Management Strategy.

Cloud 190

Cloud ROT Metadata Content services 190

Thales Cloud Protection & Licensing

JANUARY 5, 2022

Trends and Predictions for 2022 – More of the Same? Wed, 01/05/2022 - 05:12. What will 2022 bring for cybersecurity? What are the key security challenges for 2022? Organizations are not slowing down the migration of applications, workloads, and data to the cloud, which leads to a broader attack surface.

Phishing 127

Phishing Digital transformation Communications Cybersecurity 127

Security Affairs

AUGUST 9, 2022

Microsoft Patch Tuesday security updates for August 2022 addressed a zero-day attack remote code execution vulnerability in Windows. Yes Yes RCE CVE-2022-30134 Microsoft Exchange Server Elevation of Privilege Vulnerability Important 7.6 No No RCE CVE-2022-35804 SMB Client and Server Remote Code Execution Vulnerability Critical 8.8

Security 122

Security Cloud IT Information Security 122

Security Affairs

APRIL 14, 2022

Threat actors are actively exploiting a critical flaw, tracked as CVE-2022-22954 , in VMware Workspace ONE Access and Identity Manager recently patched by the vendor. CVE-2022-22954 event detected Source IP: 178.176.202.121 ( ) Target: VMware Workspace ONE Access and Identity Manager servers vulnerable to remote code execution ( [link] ).

Access 103

Access Cloud Cybersecurity Security 103

Thales Cloud Protection & Licensing

JUNE 20, 2022

Cloud First, Security Second? Tue, 06/21/2022 - 05:17. Cloud solutions were a lifesaver for organizations during the height of the COVID-19 pandemic as employees worked remotely or went hybrid and businesses pivoted their technology strategies to keep operations going. Multi-cloud Adoption Challenges and Complexities.

Cloud 71

Cloud Security Encryption Authentication 71

eSecurity Planet

AUGUST 4, 2022

Opaque Systems enables machine-learning and analytics on end-to-end encrypted data in the cloud. Protects and controls access to data across hybrid multi-cloud environments. Helps in sharing secured files with others via key sharing, even with access to cloud storage in Dropbox and Google Drive. Opaque Systems. NordLocker.

Encryption 132

Encryption Computer and Electronics Cloud Passwords 132

Security Affairs

JANUARY 11, 2023

US CISA added Microsoft Exchange elevation of privileges bug CVE-2022-41080 to its Known Exploited Vulnerabilities Catalog. The first issue, tracked as CVE-2022-41080 , is a Microsoft Exchange server privilege escalation vulnerability. The issue can be chained with CVE-2022-41082 (ProxyNotShell) to achieve remote code execution.

IT 94

IT Ransomware Cloud Cybersecurity 94

Security Affairs

SEPTEMBER 28, 2022

nuvola is the new open-source cloud security tool to address the privilege escalation in cloud environments. The tool was released during the RomHack 2022 security conference in Rome. The tool helps the security community to address the complex topic of privilege escalation on cloud environments such as AWS.

Cloud 96

Cloud Security Metadata Data breaches 96

IT Governance

OCTOBER 27, 2022

The Standard was last revised almost a decade ago (although a new iteration of the supplementary standard ISO 27002 was published in February 2022), meaning that the release of ISO 27001:2022 has been much needed and highly anticipated. However, the most significant changes with the 2022 version of ISO 27002 are in its structure.

IT 119

IT Information Security Compliance Security 119

Security Affairs

MAY 21, 2024

A vulnerability in the Fluent Bit Utility, which is used by major cloud providers, can lead to DoS, information disclosure, and potentially RCE. Tenable researchers have discovered a severe vulnerability in the Fluent Bit utility, which is used on major cloud platforms.

Cloud 86

Cloud IoT Access Cybersecurity 86

eSecurity Planet

JUNE 21, 2022

” Also read: Cybersecurity Employment in 2022: Solving the Skills Gap. As of mid-2022, the cost is $381 USD. As of mid-2022, the cost is $249. . As of mid-2022, the cost is $749 USD. As of mid-2022, the cost of the exam is $575 for ISACA members and $760 for non-members. . CEH (Certified Ethical Hacker).

Cybersecurity 120

Cybersecurity Systems administration Information Security Compliance 120

eSecurity Planet

APRIL 19, 2023

Portnox Cloud offers network access control (NAC) as a cloud-hosted SaaS solution that enables rapid deployment of basic NAC capabilities. Although the capabilities are more limited than some NAC competitors, the quick deployment and reduced IT labor costs make Portnox Cloud an attractive solution for many.

Cloud 98

Cloud Authentication IoT Access 98

OpenText Information Management

AUGUST 23, 2022

The OpenText™ Developer Cloud provides developers with a new way to build solutions and speed end-to-end processes using our cloud services. During the Developer Summit at OpenText™ World 2022 in Las Vegas, … The post Simplify your solution building with APIs at OpenText World 2022 appeared first on OpenText Blogs.

Cloud 62

Cloud 62

Dark Reading

MAY 13, 2022

Three RSA 2022 sessions take deep dives into the security considerations around data cloud transformation.

Cloud 95

Cloud Security 95

eSecurity Planet

MARCH 21, 2022

The final piece of the complicated Mandiant-FireEye split and subsequent FireEye-McAfee merger fell into place today, as McAfee’s cloud security business was officially spun off under the new name of Skyhigh Security. McAfee Cloud is now Skyhigh Security. STG also owns RSA Security, which remains a separate company.

Cloud 135

Cloud Security Marketing Access 135

Thales Cloud Protection & Licensing

MAY 18, 2022

RSA Conference 2022 Back to Physical - The Thrill of Meeting in Person! Thu, 05/19/2022 - 05:25. And just like that, RSA Conference 2022 is back in San Francisco ! Besides keynotes and presentations, RSA Conference 2022 is also about socializing and networking. Cloud sovereignty challenges. ThalesRSAC2022.

Cloud 71

Cloud Digital transformation Encryption IoT 71

Security Affairs

SEPTEMBER 23, 2022

A critical vulnerability in Oracle Cloud Infrastructure (OCI) could be exploited to access the virtual disks of other Oracle customers. Wiz researchers discovered a critical flaw in Oracle Cloud Infrastructure (OCI) that could be exploited by users to access the virtual disks of other Oracle customers. ” added the experts.

Cloud 85

Cloud Access Security IT 85

Security Affairs

SEPTEMBER 22, 2022

Trend Micro researchers warn of an ongoing crypto mining campaign targeting Atlassian Confluence servers affected by the CVE-2022-26134 vulnerability. “We observed the active exploitation of CVE-2022-26134 , an unauthenticated remote code execution (RCE) vulnerability with a critical rating of 9.8 ” concludes the report.

Mining 114

Mining File names Ransomware Cloud 114

Security Affairs

OCTOBER 26, 2022

VMware addressed a critical remote code execution vulnerability in VMware Cloud Foundation tracked as CVE-2021-39144. VMware has released security updates to address a critical vulnerability, tracked as CVE-2021-39144 (CVSSv3 9.8), in VMware Cloud Foundation. appliances on VMware Cloud Foundation 3.x. Apply the NSX-v 6.4.14

Cloud 90

Cloud Libraries Security IT 90

DLA Piper Privacy Matters

FEBRUARY 22, 2022

On 15 February 2022, published a post regarding its upcoming dawn raids for 2022. For 2022, the CNIL has decided to focus its attention on three topics which should represent one third of the dawn raids to be carried out. Use of cloud computing. Another key topic is teleworking which developed with the pandemic.

IT 105

IT Cloud Personal data Data breaches 105