Author: Admin

One of the world’s largest cruise ship operators has disclosed a data breach from mid-March, impacting an unspecified number of customers, employees, and crew. Carnival Corporation runs many of the globe’s leading cruise lines, including P&O, Cunard and Carnival Cruise Line. According to a data breach notification letter sent to customers and seen by Infosecurity, the firm detected unauthorized third-party access to a “limited number” of email accounts on March 19. “The impacted information includes data routinely…

The Cloud Permissions Gap exposes organizations to highly exploitable risk combined with the inability to implement and manage Zero Trust policies. By Raj Mallempati, CloudKnox Security COO In 2020, when organizations were prioritizing digital transformation so they could pivot to remote work on an unprecedented scale, Gartner added a new category to its 2020 Hype Cycle for Identity and Access Management Technologies called Cloud Infrastructure Entitlement Management (CIEM). CIEM? Looks a lot like SIEM. CIEM…

More than a billion records were exposed after a misconfiguration error left a CVS Health cloud database without password protection. The 240GB of unsecured data was discovered by WebsitePlanet and security researcher Jeremiah Fowler in a cooperative investigation.  Because of the security oversight by CVS Health, which owns CVS Pharmacy and Aetna, a total of 1,148,327,940 records were exposed. Information that was left publicly accessible to anyone who knew how to look for it included customers’ search histories detailing their…

  To follow up on an earlier communication, PCI SSC is now targeting a Q1 2022 publication date for PCI DSS v4.0. This timeline supports the inclusion of an additional request for comments (RFC) for the community to provide feedback on the PCI DSS v4.0 draft validation documents.

Written by Sean Lyngaas Jun 17, 2021 | CYBERSCOOP Days after Israel and Gaza-based militant group Hamas agreed to a ceasefire in May, Arabic-speaking hackers resumed an effort to break into government networks in the Middle East, according to research published Thursday. The hacking group, known as MoleRATs, sent target organizations a malware-laced PDF claiming to be a report on Hamas members meeting with the Syrian government, security firm Proofpoint said. The malicious code is…

Australians’ lives were disrupted on Thursday by a widespread internet outage that impacted the country’s mail service and multiple businesses, including banks and airlines. The outage began in the early hours and was caused by a problem at Akamai Technologies, a global content delivery network (CDN) and cybersecurity and cloud service provider.  Akamai, which is based in Cambridge, Massachusetts, has acknowledged the issue, but has not yet disclosed the cause of service disruptions to its hosting platform,…

How well can you predict, prevent and respond to ever-changing cyberthreats? How do you know that your security efforts measure up? The stakes are high if this is difficult to answer and track.  Imagine if you had one place where you found a comprehensive real time security posture that tells you exactly where the looming current cyber risks are and the impact?  Let’s consider a recent and relevant cyber threat. Take, for example, the May…