Wed.Aug 03, 2022

Busting the Myths of Hardware Based Security

Security Affairs

Many experts often overlook hardware based security and its vital importance in establishing a secure workspace. When it comes to cybersecurity, everyone likes to talk about software and the dangers that it poses.

Fortinet Looks to Address Rising Costs with Price Increases

Data Breach Today

Fortinet Says Price Hikes Have More Than Offset Supply Chain and Geopolitical Issues Fortinet has raised prices on products and services to address macroeconomic challenges including shipping delays, longer activation timelines, and the suspension of sales in Russia.

Sales 226
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Critical RCE Bug in DrayTek Routers Opens SMBs to Zero-Click Attacks

Dark Reading

SMBs should patch CVE-2022-32548 now to avoid a host of horrors, including complete network compromise, ransomware, state-sponsored attacks, and more

Ping Identity to Go Private in $2.8B Thoma Bravo Acquisition

Data Breach Today

Thoma Bravo-Ping Deal Comes Just Four Months After Thoma Agreed to Buy SailPoint Thoma Bravo is doubling down on identity, inking a deal to buy Ping Identity for $2.8 billion just four months after agreeing to purchase SailPoint.

Build Your Open Data Lakehouse on Apache Iceberg

Speaker: Veena Vasudevan and Jason Hughes

In this webinar, Dremio and AWS will discuss the most common challenges in data architecture and how to overcome them with an open data lakehouse architecture on AWS. Sign up now!

5 Ways Chess Can Inspire Strategic Cybersecurity Thinking

Dark Reading

Rising interest in chess may feed the next generation of cybersecurity experts

More Trending

School Kid Uploads Ransomware Scripts to PyPI Repository as 'Fun' Project

Dark Reading

The malware packages had names that were common typosquats of a legitimate widely used Python library. One was downloaded hundreds of times

Hackers Steal $8M in Ongoing Attack on Solana Hot Wallets

Data Breach Today

Cause of Attack Is Unknown, Moving Funds to Cold Wallets Recommended Hackers are using an unknown exploit to draw down internet-connected wallets on the Solana blockchain.

Zero-Day Defense: Tips for Defusing the Threat

Dark Reading

Because they leave so little time to patch and defuse, zero-day threats require a proactive, multilayered approach based on zero trust

106
106

Dental Care Alliance Settles Breach Lawsuit for $3 Million

Data Breach Today

2020 Cyberattack Affected Patients, Employees at Hundreds of Dental Practices A $3 million settlement is headed for final court approval in a class action lawsuit involving a 2020 cyberattack against a vendor that provides support services to hundreds of dental practices in 21 states.

The Ultimate Guide to Hardening Windows Servers

IT Professional looking to harden your servers? ThreatLocker’s got you covered. The Ultimate Guide to Hardening Windows Servers offers tips and best practices to help mitigate cyber threats, better protect your servers, and secure your endpoints. Download today!

Google fixed Critical Remote Code Execution flaw in Android

Security Affairs

Google addressed a critical vulnerability in Android OS, tracked as CVE-2022-20345, that can be exploited to achieve remote code execution over Bluetooth. Google has fixed a critical vulnerability, tracked as CVE-2022-20345, that affects the Android System component.

IT 101

Hacking Concerns Delay Balloting for New UK Prime Minister

Data Breach Today

Online Voting System Being Revamped Over Concerns Ballots Could Later Be Changed Britain's Conservative Party is holding a leadership contest, with the winner set to become the country's next prime minister.

How IT Teams Can Use 'Harm Reduction' for Better Cybersecurity Outcomes

Dark Reading

Copado's Kyle Tobener will discuss a three-pronged plan at Black Hat USA for addressing human weaknesses in cybersecurity with this medical concept — from phishing to shadow IT

Proof of Concept: China's Threat to National Security

Data Breach Today

Data Value Scorecard Report

This report examines the quantitative research of data leaders on data value and return on investment.

Manjusaka, a new attack tool similar to Sliver and Cobalt Strike

Security Affairs

Researchers spotted a Chinese threat actors using a new offensive framework called Manjusaka which is similar to Cobalt Strike.

OCC's Hsu Urges Multifactor Authentication

Data Breach Today

MFA Plus Patch Management and Backups Can Prevent Cyber Incidents A top federal regulatory official urged financial institutions to implement multifactor authentication for all nonpublic systems, telling an audience of financial executives that a majority of breaches could be avoided or mitigated through basic cybersecurity controls.

Cyberattackers Drain Nearly $6M From Solana Crypto Wallets

Dark Reading

So far, the ongoing attack has impacted nearly 8,000 Solana hot wallets

99

Reducing Risk by Breaking Down Supply Chain Siloes

Data Breach Today

Supply chain risk must be part of an enterprisewide risk management program framework, says information security manager Matt Marciniak of financial service firm Quantile. Reducing risk requires an agile approach to supplier management, he says

TCO Considerations of Using a Cloud Data Warehouse for BI and Analytics

Enterprises poured $73 billion into data management software in 2020 – but are seeing very little return on their data investments. 22% of data leaders surveyed have fully realized ROI in the past two years, with 56% having no consistent way of measuring it.

New Startup Footprint Tackles Identity Verification

Dark Reading

Early-stage startup Footprint's goal is to provide tools that change how enterprises verify, authentication, authorize, and secure identity

Power semiconductor component manufacturer Semikron suffered a ransomware attack

Security Affairs

Semikron, a German-based independent manufacturer of power semiconductor components, suffered a ransomware cyberattck.

The Microsoft Team Racing to Catch Bugs Before They Happen

WIRED Threat Level

What's it like to be responsible for a billion people's digital security? Just ask the company's Morse researchers. Security Security / Cyberattacks and Hacks Security / Security News

IT 88

Labor Market Social Engineering: Supply-Side and Demand-Side

KnowBe4

We’re accustomed to social engineering being used for credential theft and business email compromise. We’re also accustomed to hearing about the increase in remote work during the pandemic, and how that has expanded organizations’ attack surface. Social Engineering

12 Considerations When Evaluating Data Lake Engine Vendors for Analytics and BI

Businesses today compete on their ability to turn big data into essential business insights. Modern enterprises leverage cloud data lakes as the platform used to store data. 57% of the enterprises currently using a data lake cite improved business agility as a benefit.

American Express, Snapchat Open-Redirect Vulnerabilities Exploited in Phishing Scheme

Dark Reading

Phishing operators are taking advantage of security bugs in the Amex and Snapchat websites (the latter is unpatched) to steer victims to phishing pages looking to harvest Google and Microsoft logins

Drone Deliveries into Prisons

Schneier on Security

Seems it’s now common to sneak contraband into prisons with a drone. Uncategorized crime drones prisons

Sending Spammers to Password Purgatory with Microsoft Power Automate and Cloudflare Workers KV

Troy Hunt

How best to punish spammers? I give this topic a lot of thought because I spend a lot of time sifting through the endless rubbish they send me.

A New Attack Easily Knocked Out a Potential Encryption Algorithm

WIRED Threat Level

SIKE was a contender for post-quantum-computing encryption. It took researchers an hour and a single PC to break it. Security Security / Cyberattacks and Hacks

Checklist Report: Preparing for the Next-Generation Cloud Data Architecture

Data architectures have evolved dramatically. It is time to reconsider the fundamental ways that information is accumulated, managed, and then provisioned to the different downstream data consumers.

On-Demand Webinar: New 2022 Phishing By Industry Benchmarking Report: How Does Your Organization Measure Up

KnowBe4

As a security leader, you have a lot on your plate. Even as you increase your budget for sophisticated security software, your exposure to cybercrime keeps going up. IT security seems to be a race between effective technology and ever evolving attack strategies from the threat actors.

Cobalt Strike Inspires Next-generation Crimeware

eSecurity Planet

Cobalt Strike is a legitimate vulnerability scanning and pentesting tool that has long been a favorite tool of hackers , and it’s even been adapted by hackers for Linux environments. And now it’s inspiring imitators.

ShiftLeft Appoints Prevention-First, Cybersecurity Visionary and AI/ML Pioneer Stuart McClure as CEO

Dark Reading

Serial entrepreneur, cybersecurity leader, and industry veteran joins ShiftLeft to drive growth and AI/ML innovation globally