Author: Admin

Our infrastructure is more vulnerable than we realized, Colonial Pipeline attack shows Length: 9:35 | May 11, 2021 Expert says there are several ways the hackers may have gotten access and how we can possibly prevent these attacks in the future. Source link

After crossing the 100 CVEs patched mark for the first time in April, Microsoft patched just 55 CVEs in May, the lowest number of CVEs patched this year. 4Critical 50Important 1Moderate 0Low Microsoft patched 55 CVEs in the April 2021 Patch Tuesday release, including four CVEs rated as critical, 50 rated as important and one rated as moderate. This month’s Patch Tuesday release includes fixes for: .NET Core &…

Everyone is talking about the need to “shift-left”, but it is not always clear what the implications are for infrastructure platform teams. This post looks at why enabling developers with management and operational capabilities is the next big shift that platform teams should embrace.   There are many stages in the life of an application that are typically disconnected from the rest of the software development lifecycle, a long-accepted fact of IT life that the…

Today’s VERT Alert addresses Microsoft’s May 2021 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-943 on Wednesday, May 12th. In-The-Wild & Disclosed CVEs CVE-2021-31204 Up first in the list this month, we have a vulnerability that impacts .NET and Visual Studio and could allow a successful attacker to elevate their permissions. We see patches for Microsoft Visual Studio 2019 for Windows and macOS as well as .NET…

The state with the highest identity theft rate in the country may have been impacted by a Department of Labor data breach. According to new data released by the Federal Trade Commission (FTC), the reported rate of identity theft in Kansas in 2020 was higher than that of any other state and more than three times greater than the national average.  Last year, 43,211 Kansans informed the FTC that someone had stolen or attempted to…

  It has been more than a year since the outbreak of the COVID-19 global pandemic which has had a significant impact on health, lifestyles, and the way business is done. In the world of payments, many businesses have had to reinvent themselves and adapt to remote transactions and the world of e-commerce (in many cases on the cloud). On this blog, we discuss the challenges of e-commerce on payment security in Brazil with Carlos…

In line with our promise last year to continue publishing incident reviews for Docker Hub, we have two to discuss from April. While many users were unaffected, it is important for us to be transparent with our community, and we hope it is both informative and instructive. April 3rd 2021 Starting at about 07:30 UTC, a small proportion of registry requests (under 3%) against Docker Hub began failing. Initial investigation pointed towards several causes, including…

Though it likes to promote itself as being “philanthropic,” the DarkSide gang represents a dangerous threat to organizations around the world. The ransomware group that attacked Colonial Pipeline has in the past tried to donate some of its profits to charity in a twisted take on the tale of Robin Hood. But the gang known as DarkSide is appropriately named as it has proven it won’t hesitate to target vulnerable victims to make a buck….