Author: Admin

Today, I will be going over CIS Control 2 from version 8 of the top 18 CIS Controls – Inventory and Control of Software Assets. Version 7 of CIS Controls had 10 requirements, but in version 8, it’s simplified down to seven safeguards. I will go over those safeguards and offer my thoughts on what I’ve found. Key Takeaways for Control 2 Reusability. The tools that were mentioned in CIS Control 1 will also be…

An Australian couple has admitted stealing personally identifiable information (PII) and using it to commit money laundering and deception offenses that netted them millions of dollars. Jason Bran Lees, aged 33, and Emily Jane Walker, aged 29, were arrested in Adelaide in February 2020 along with a then 31-year-old unidentified co-conspirator who had moved from Adelaide to Sydney.  The couple has since pleaded guilty to dozens of charges, including dishonest dealings with documents and being in possession…

By James Gorman, CISO of AuthX On May 12, 2021, President Biden issued an Executive Order focused on improving the nation’s cybersecurity. This executive order strives to accomplish several important objectives for the United States’ approach to safeguarding its data and systems. Create a Zero Trust environment Manage the supply chain and its vulnerabilities Minimize barriers to intelligence sharing Create a Safety Review Board Create a standardized playbook for Incident Response The key outcomes for US cybersecurity procedures from this executive order include: Developing a Zero Trust environment. This insight can apply to any organization, regardless of industry or size. Incorporating just this one element will lead…

Cybersecurity company XYPRO Technology Corporation has acquired a critical security and compliance monitoring platform for SAP HANA and Linux environments from Hewlett Packard Enterprise (HPE). The acquisition of Workload Aware Security (WASL) was announced on Tuesday along with the news that HPE will continue to sell and distribute the WASL tool.  XYPRO said the deal would bring its mission-critical security expertise to the Open Systems and SAP HANA markets and customers. The company added that while it will…

News Detail PALO ALTO, Calif.–(BUSINESS WIRE)– VMware, Inc. (NYSE: VMW), a leading innovator in enterprise software, today announced that Raghu Raghuram, VMware’s chief executive officer will present at the Citi 2021 Global Technology Virtual Conference as a keynote speaker on Monday, September 13, 2021 at 9:10 a.m. PT/ 12:10 p.m. ET. A live webcast will be available on VMware’s Investor Relations page … Wed, 01 Sep 2021 00:00:00 PALO ALTO, Calif.–(BUSINESS WIRE)– VMware, Inc. (NYSE:…

News Detail PALO ALTO, Calif.–(BUSINESS WIRE)– VMware, Inc. (NYSE: VMW), a leading innovator in enterprise software, today announced that Raghu Raghuram, VMware’s chief executive officer will present at the Deutsche Bank Technology 2021 Conference as a keynote speaker on Thursday, September 9, 2021 at 9:30 a.m. PT/ 12:30 p.m. ET. A live webcast will be available on VMware’s Investor Relations page at … Wed, 01 Sep 2021 00:00:00 PALO ALTO, Calif.–(BUSINESS WIRE)– VMware, Inc. (NYSE:…

The United States Securities and Exchange Commission (SEC) has charged eight companies with cybersecurity failures that led to the exposure of personal information.  Sanctions against the firms were announced on Monday in the form of three actions against Cetera Advisor Networks LLC, Cetera Investment Services LLC, Cetera Financial Specialists LLC, Cetera Advisors LLC, and Cetera Investment Advisers LLC (collectively, the Cetera Entities); Cambridge Investment Research Inc. and Cambridge Investment Research Advisors Inc. (collectively, Cambridge); and KMS Financial…

Microsoft has fixed a critical flaw in Cosmos DB that allowed any Azure user to remotely take over other users’ databases without any authorization. Researchers from Cloud security company Wiz disclosed technical details of a now-fixed Azure Cosmos database vulnerability, dubbed ChaosDB, that could have been potentially exploited by attackers to gain full admin access to other customers’ database instances without any authorization. The flaw was trivial to exploit and impacts thousands of organizations worldwide….

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an alert urging enterprises to address the recently disclosed vulnerability in Microsoft Azure Cosmos DB. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an alert urging organizations to address the recently disclosed vulnerability in Microsoft Azure Cosmos DB (aka ChaosDB) as soon as possible. Last week, researchers from Cloud security company Wiz disclosed technical details of a now-fixed Azure Cosmos database vulnerability, dubbed ChaosDB, that could…