Cloud Security: Mess It Up and It's on You

Data Breach Today

Jay Heiser of Gartner Says the Cloud Demands New Security Processes, Tools The transition to cloud-based software and infrastructure has revolutionized development and services. It's also created a bevy of new security challenges.

IT 195

2020 Security Agenda: Who Owns it?

Data Breach Today

ForeScout's Ellen Sundra on Security Priorities and Challenges It's relatively easy to list an enterprise's cybersecurity priorities for 2020. But who owns them? What are the hurdles to completing these projects? These can be tougher questions to answer, says Ellen Sundra of ForeScout

IT 160

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Massive cyber attack forced Ruhr University Bochum (RUB) to shut down its IT infrastructure

Security Affairs

Ruhr University Bochum (RUB) shuts down a large portion of its central IT infrastructure between May 6 and May 7, 2020. “Due to considerable technical problems in the IT infrastructure, a large number of systems have not been available since around 8 a.m.

IT 99

Addressing Shadow IT Issues During COVID-19 Crisis

Data Breach Today

Security Experts Offer Risk Mitigation Tips With the massive shift to telework as a result of the COVID-19 pandemic, shadow IT is becoming a more critical security issue around the world. Security experts offer tips on mitigating the risks involved

IT 225

Signal Is Finally Bringing Its Secure Messaging to the Masses

WIRED Threat Level

The encryption app is putting a $50 million infusion from WhatsApp cofounder Brian Acton to good use, building out features to help it go mainstream. Security Security / Security News

Samsung fixes a zero-click issue affecting its phones

Security Affairs

Samsung addressed this month a critical 0-click vulnerability that was discovered by security researchers from Google. Samsung released this week a security patch that addresses a critical vulnerability, tracked as CVE-2020-8899, impacting all smartphones sold since 2014.

IT 104

Microsoft investigates claims that its GitHub account has been hacked

Security Affairs

Microsoft confirmed that it is investigating claims that its GitHub account has been hacked after some of its files were leaked online. Microsoft launched an investigation into the claims that its GitHub account has been hacked.

IT 96

API Security and Hackers: What’s the Need?

Security Affairs

API Security – There is a considerable demand for data-centric projects, that is why companies have quickly opened their data to their ecosystem through REST or SOAP APIs. Here are the simple tips for API security, let’s have a look! Call Security Experts.

87

The DoD Isn't Fixing Its Security Problems

Schneier on Security

It has produced several reports outlining what's wrong and what needs to be fixed. It's not fixing them : GAO looked at three DoD-designed initiatives to see whether the Pentagon is following through on its own goals.

GDPR Data Security Checklist in the Age of COVID-19 and the Remote Workforce

Security Affairs

It has imposed online learning and earning, which in turn has open new doors of cybersecurity threats and data breaches. EU General Data Protection Regulation ( GDPR ) regulates the data security implemented by the organizations and companies. Secured Network.

GDPR 114

ISS reveals malware attack impacted parts of the IT environment

Security Affairs

ISS , the multinational Denmark-based facility services company, was hit with a malware that shuts down shared IT services worldwide. ISS services include cleaning services, support services, property services, catering services, security services and facility management services.

IT 113

RIP, 'IT Security'

Dark Reading

Information security is vital, of course. But the concept of "IT security" has never made sense

Cisco addresses multiple issues in its SD-WAN product

Security Affairs

Cisco has addressed a total of five vulnerabilities in its SD-WAN solution, including three high severity flaws. Cisco has addressed five vulnerabilities in its SD-WAN solution, including three high severity flaws. SecurityAffairs – CISCO SD-WAN, cyber security).

IT 94

Mozilla offers bigger rewards for Firefox flaws under its bug bounty program

Security Affairs

Mozilla announced some changes to its Firefox bug bounty program, it promises bigger rewards for vulnerabilities and will accept duplicate reports if necessary. Mozilla announced some major changes to its bug bounty program that was first launched in 2004.

IT 105

Security Doesn't Trust IT - and IT Doesn't Trust Security

Dark Reading

How a rocky relationship between IT operations and cybersecurity teams can compound security risks

Insurer Chubb Investigating 'Security Incident'

Data Breach Today

Maze Gang Claims Insurer Is a Victim, Emsisoft Reports Switzerland-based global insurance firm Chubb acknowledges that it's investigating a "security incident."

Security Affairs newsletter Round 265

Security Affairs

Every week the best security articles from Security Affairs free for you in your email box. The post Security Affairs newsletter Round 265 appeared first on Security Affairs. A new round of the weekly SecurityAffairs newsletter arrived!

ICT solutions provider NTT Com discloses security breach

Security Affairs

NTT Com provides network management, security and solution services [3] to consumers, corporations and governments. The company launched an investigation after discovering unauthorized access to some systems on May 7, then this week it confirmed that threat actors may have been stolen.

Reducing Shadow IT Through Digital Transformation

Rocket Software

All businesses today have a hybrid IT environment. Other IT spending includes mobile, desktop and end-user devices. In many cases, those budgets might be by server domain, so the mainframe budget is separate and independent of the rest of their IT infrastructure.

Tor Project cut a third of its staff due to the Coronavirus

Security Affairs

The Tor Project cut a third of its staff due to the economic impact of the ongoing Coronavirus outbreak, 13 staffers out of 35 left the team. “The world won’t be the same after this crisis, and the need for privacy and secure access to information will become more urgent.

IT 106

Japan suspects HGV missile data leak in Mitsubishi security breach

Security Affairs

it suspects a possible leak of data including details of a prototype missile. Mitsubishi Electric disclosed the security incident only after two local newspapers, the Asahi Shimbun and Nikkei , reported the security breach.

Gartner's Top IT Security Projects for 2019

eSecurity Planet

Which IT security projects deliver the most value and protection from risk? Gartner analysts offer their views

Risk 99

Security Affairs newsletter Round 261

Security Affairs

The best news of the week with Security Affairs. Are Maze operators behind the attack on the IT services giant Cognizant? The post Security Affairs newsletter Round 261 appeared first on Security Affairs. A new round of the weekly newsletter arrived!

Security Pros Reassigned to IT Tasks in Coronavirus Pandemic

Dark Reading

Most security practitioners surveyed say their job functions have changed during the pandemic, and 90% are now working remotely full time

IT 91

Secure 2018 US Elections: It's Too Late

Data Breach Today

But here's how the company can get its act together in time for 2020 Facebook's Ex-CSO Says That Ship Has Sailed; Look to 2020 With less than three months to go until the U.S. midterm elections, Alex Stamos, until recently Facebooks's CSO, says there isn't time to properly safeguard this year's elections.

IT 143

Hackers are targeting recently patched WebLogic security vulnerability

Security Affairs

Oracle warns of attacks against recently patched WebLogic security bug. IT giant Oracle published a security alert to warn organizations running WebLogic servers of ongoing attacks that exploit the CVE-2020-2883 vulnerability.

Ke3chang hacking group adds new Ketrum malware to its arsenal

Security Affairs

The Ke3chang hacking group added a new malware dubbed Ketrum to its arsenal, it borrows portions of code and features from older backdoors. ” reads the report published by the security firm Intezer.

IT 71

The City of Durham shut down its network after Ryuk Ransomware attack

Security Affairs

The City of Durham, North Carolina, was the last victim in order of time of the infamous Ryuk ransomware that infected its systems. The City of Durham, North Carolina was forced to shut down its network after its systems have been infected with the Ryuk Ransomware during the weekend.

Securing IoT: Is It Feasible?

Data Breach Today

In an interview, Al Pascual of Javelin Strategy & Research, discusses the challenges involved in securing the exploding IoT landscape consumers now own about 870 million IoT devices.

IoT 100

Malware campaign employs fake security certificate updates

Security Affairs

Crooks are using a new phishing technique to trick victims into accepting the installation of a security certificate update and deliver malware. The Mokes backdoor allows hackers to execute arbitrary commands on the victim’s computer, it works on Linux, Windows and also OS X.

Security Affairs newsletter Round 253

Security Affairs

The best news of the week with Security Affairs. Google sued by New Mexico attorney general for collecting student data through its Education Platform. ISS reveals malware attack impacted parts of the IT environment. A new round of the weekly newsletter arrived!

Security Affairs newsletter Round 260

Security Affairs

The best news of the week with Security Affairs. The post Security Affairs newsletter Round 260 appeared first on Security Affairs. A new round of the weekly newsletter arrived!

Zyxel 0day Affects its Firewall Products, Too

Krebs on Security

On Monday, networking hardware maker Zyxel released security updates to plug a critical security hole in its network attached storage (NAS) devices that is being actively exploited by crooks who specialize in deploying ransomware. Now it appears Holden’s hunch was dead-on.

IT 183

The EARN-IT Act

Schneier on Security

But far from mere recommendations, those "best practices" would be approved by Congress as legal requirements: if a platform failed to adhere to them, it would lose essential legal protections for free speech. Prepare for another attack on encryption in the U.S.

IT 108

Open Exchange Rates discloses a security breach

Security Affairs

Last week, Open Exchange Rates disclosed a data breach that exposed the personal information and hashed passwords for customers of its API service. Open Exchange Rates provides an API that allows its customers to obtain real-time and historical exchange rates for over 200 world currencies.

Popular Page Builder WordPress plugin fixes critical issues. Update it now!

Security Affairs

The Page Builder by SiteOrigin is the most popular page creation plugin for WordPress, it allows easily to create responsive column based content, using the widgets users know. The vulnerabilities have been discovered by experts from the Wordfence security firm. Update it now!

IT 90

SFO discloses data breach following the hack of 2 of its websites

Security Affairs

San Francisco International Airport (SFO) disclosed a data breach, its websites SFOConnect.com and SFOConstruction.com were hacked last month. In March hackers compromised two websites of San Francisco International Airport (SFO) and now it disclosed a data breach.

AI-Augmented Security: Can Cyberattackers Counter It?

Data Breach Today

XM Cyber's Adi Ashkenazy on the Latest Trends Are cyberattackers working on ways to counter artificial intelligence-augmented security? And will the bad guys ever use AI-driven attacks? Adi Ashkenazy of XM Cyber offers an analysis

The North Korean Kimsuky APT threatens South Korea evolving its TTPs

Security Affairs

The Kimsuky APT group has been analyzed by several security teams. It was first spotted by Kaspersky researcher in 2013, recently its activity was detailed by ESTsecurity. By analyzing its contents, we noticed that it is used to delete the initial artifact (scr) and file itself.

IT 113

Security Affairs newsletter Round 258

Security Affairs

The best news of the week with Security Affairs. The post Security Affairs newsletter Round 258 appeared first on Security Affairs. A new round of the weekly newsletter arrived!