Why the cloud will never eat the data center

Why the cloud will never eat the data center

Sometimes it’s hard to see gradual changes in technology paradigms because they’re gradual.  Sometimes it helps to play “Just suppose…” and see where it leads. So, just suppose that the cloud did what some radical thinkers say, and “absorbed the network”. That’s sure an exciting tag line, but is this even possible, and how might it come about? Companies are already committed to a virtual form of networking for their WAN services, based on VPNs…

Read More

VERT Threat Alert: June 2021 Patch Tuesday Analysis | The State of Security

VERT Threat Alert: June 2021 Patch Tuesday Analysis | The State of Security

Today’s VERT Alert addresses Microsoft’s June 2021 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-947 on Wednesday, June 9th. In-The-Wild & Disclosed CVEs CVE-2021-31955 This is one of two vulnerabilities fixed in today’s patch drop which were reported by Kaspersky Lab after detecting exploitation by threat actor PuzzleMaker. This Windows Kernel Information Disclosure could allow an attacker to read kernel memory via a user mode process via…

Read More

One night in March 2020 – Cisco Blogs

One night in March 2020 – Cisco Blogs

While sitting at the kitchen table one evening in early March of 2020, my wife and I discussed what was happening in the world and how my team at Cisco — like many of yours — was about to face an immediate mandate to enable remote work for our organizations. Our teams brainstormed, drafted contingency plans, and coordinated with other teams across Cisco’s IT organization. We had a collective understanding of how to respond. You…

Read More

Microsoft’s June 2021 Patch Tuesday Addresses 49 CVEs (CVE-2021-31955, CVE-2021-31956 and CVE-2021-33742)

Microsoft’s June 2021 Patch Tuesday Addresses 49 CVEs (CVE-2021-31955, CVE-2021-31956 and CVE-2021-33742)

CVE-2021-33739 | Microsoft Desktop Window Manager Core Library Elevation of Privilege Vulnerability CVE-2021-33739 is an EoP vulnerability in the Microsoft Desktop Window Manager (DWM) core library, dwmcore.dll. It was discovered and reported to Microsoft by researchers at DBAPPSecurity Threat Intelligence Center. In February, DBAPPSecurity Threat Intelligence Center disclosed another zero-day vulnerability, CVE-2021-1732, an elevation of privilege vulnerability in Win32k linked to a threat actor known as BITTER APT. In April, researchers at Kaspersky…

Read More

MoviePass Operators Settle Data Security Allegations

MoviePass Operators Settle Data Security Allegations

The operators of subscription service MoviePass have agreed to settle Federal Trade Commission allegations of fraud and data security failures.  It is alleged that MoviePass used an elaborate three-prong approach to prevent and discourage subscribers from using its $9.95 “one movie a day” monthly subscription service as advertised. First, according to the FTC complaint, the company blocked as many as 75,000 subscribers from accessing content by purposefully invalidating their passwords.  The FTC said: “MoviePass’s operators invalidated subscriber passwords…

Read More

Control Cisco Secure Workload Using APIs, Ansible, and Terraform

Control Cisco Secure Workload Using APIs, Ansible, and Terraform

Cisco Secure Workload, (formerly Cisco Tetration) provides policy lifecycle services, micro-segmentation, and cloud workload protection. Furthermore, it is completely accessible via open APIs and by using Ansible and Terraform. It is also part of Cisco Application-First Security and a pillar of the Cisco Zero Trust architecture.   Do you want to learn more about Cisco Secure Workload, and how to control it using APIs, Ansible and Terraform?Register here for the webinarTuesday, June 15th, 8:00 AM PDT …

Read More

Cyber-attack on NYC Law Department

Cyber-attack on NYC Law Department

An intrusion into the IT system of the New York City Law Department is being co-investigated by the New York Police Department and the FBI’s Cyber Task Force. The hack was first reported by The Daily News, which learned that sensitive information belonging to more than a thousand department employees may have been exposed in the security incident. After discovering the intrusion, the city restricted admission to the system, preventing government lawyers from accessing documents.  On…

Read More

Top 5 things to know about medical data security

Top 5 things to know about medical data security

Medical data is a valuable commodity—one that needs to be protected from cybersecurity threats. Tom Merritt lists five things to know about medical data security. Seth Rosenblatt’s “The Parallax View” recently posted about medical vulnerabilities found by CybelAngel’s senior cybersecurity analyst, David Sygula. TechCrunch had a similar writeup about warnings for medical imaging from Greenbone Networks’ lead researcher, Dirk Schrader. Last December, Kaspersky project manager Maria Namestnikova warned that software used by medical organizations is…

Read More
1 3,563 3,564 3,565 3,566 3,567 3,815