Lessons from the SolarWinds attack on securing the software supply chain

CSO Online | May 19, 2021 The SolarWinds breach represents a tectonic shift in threat actor tactics, suggesting this kind of attack vector will be replicated. Not only were the attacker’s sophistication and technical proficiency high — allowing them to stay in stealth mode — they also understood the supply chain. Join us to learn how improved identity management and governance surrounding software components, along with workload runtime protection, are critical strategies in guarding against…

5 minutes with Ben Johnson – SaaS apps security issues

5 minutes with Ben Johnson – SaaS apps security issues | 2021-05-19 | Security Magazine

Protecting the enterprise against state-sponsored attacks

Protecting the enterprise against state-sponsored attacks | 2021-05-19 | Security Magazine

Moving to measure a cyber-aware culture

Moving to measure a cyber-aware culture | 2021-05-19 | Security Magazine

Google’s Office of the CISO points the way towards scaling security

Amazon’s, Google’s and Microsoft’s experiences with building massive infrastructures for the world allows for some fascinating insights into the future of IT security at scale. As a result, when Google published The CISO’s Guide to Cloud Security Transformation earlier this year, I was curious about what priorities they saw in cloud security. It’s a short read, and it’s well worth the time invested in downloading a copy.  I want to share my observations on some…

#RSAC: Solving the Ransomware Scourge Requires a Coordinated Effort

The scourge that is ransomware has had a devastating impact on the lives of ordinary people around the world, but it doesn’t have to be that way, according to a panel of experts speaking at the 2021 RSA Conference on May 18. Ransomware is not a new problem in 2021, and it certainly is not one that appears to be diminishing by any measure; rather, it’s growing. Jen Miller-Osborn, deputy director of threat intelligence for Unit…

Request for Comments: P2PE v3.1 Draft Standard

  P2PE Assessors and Participating Organizations are invited to provide feedback on the draft P2PE v3.1 Standard minor revision during a 30-day request for comments (RFC) period running from 18 May through 17 June 2021. This minor revision primarily includes updates to Domain 5 to align with the updates, as applicable, from the PCI PIN v3.1 Standard minor revision published in March 2021. Additional errata updates are also included.

Google I/O 2021: Everything Google is announcing at this year’s virtual keynote right now

At the first-ever virtual Google I/O, Alphabet Chief Executive Officer Sundar Pichai talked about news on Workspace, quantum computing and privacy needs. Google announced new video collaboration features as part of Smart Canvas, a new set of capabilities that is part of Workspace. The keynote for Google I/O was live streamed from Google’s headquarters in Mountain View, California on Tuesday, and Google executives touched on everything from new collaboration features in Workspace, to quantum computing,…

#RSAC: Does the US Need a National Breach Reporting Law?

When a security breach occurs in the US today there is no single authority or national breach reporting law that needs to be adhered to, but that could change in the near future, according to a panel of experts speaking at the 2021 RSA Conference on May 18. Luke Dembosky, partner at law firm Debevoise & Plimpton LLP, commented that the current state of breach reporting in the US is a patchwork of laws and policies that vary…

Anomali Cyber Watch: Microsoft Azure Vulnerability Discovered, MSBuild Used to Deliver Malware, Escalation of Avaddon Ransomware and More

The various threat intelligence stories in this iteration of the Anomali Cyber Watch discuss the following topics: APT, Android, Malware, Ransomware, and Vulnerabilities. The IOCs related to these stories are attached to Anomali Cyber Watch and can be used to check your logs for potential malicious activity. Figure 1 – IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed. Trending Cyber News and Threat…
