Cybersecurity expert discusses the many ways attackers could have gotten access to the Colonial Pipeline company and reminds us why the threat always looms. TechRepublic’s Karen Roby spoke with Vyas Sekar, a professor in electrical and computer engineering at Carnegie Mellon University, about the Colonial Pipeline ransomware attack by the hacker group Darkside. The following is an edited transcript of their conversation. Karen Roby: We’re learning more about the Colonial Pipeline ransomware attack. There are…

Our infrastructure is more vulnerable than we realized, Colonial Pipeline attack shows Length: 9:35 | May 11, 2021 Expert says there are several ways the hackers may have gotten access and how we can possibly prevent these attacks in the future. Source link

After crossing the 100 CVEs patched mark for the first time in April, Microsoft patched just 55 CVEs in May, the lowest number of CVEs patched this year. 4Critical 50Important 1Moderate 0Low Microsoft patched 55 CVEs in the April 2021 Patch Tuesday release, including four CVEs rated as critical, 50 rated as important and one rated as moderate. This month’s Patch Tuesday release includes fixes for: .NET Core &…

Everyone is talking about the need to “shift-left”, but it is not always clear what the implications are for infrastructure platform teams. This post looks at why enabling developers with management and operational capabilities is the next big shift that platform teams should embrace.   There are many stages in the life of an application that are typically disconnected from the rest of the software development lifecycle, a long-accepted fact of IT life that the…

Today’s VERT Alert addresses Microsoft’s May 2021 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-943 on Wednesday, May 12th. In-The-Wild & Disclosed CVEs CVE-2021-31204 Up first in the list this month, we have a vulnerability that impacts .NET and Visual Studio and could allow a successful attacker to elevate their permissions. We see patches for Microsoft Visual Studio 2019 for Windows and macOS as well as .NET…

The state with the highest identity theft rate in the country may have been impacted by a Department of Labor data breach. According to new data released by the Federal Trade Commission (FTC), the reported rate of identity theft in Kansas in 2020 was higher than that of any other state and more than three times greater than the national average.  Last year, 43,211 Kansans informed the FTC that someone had stolen or attempted to…

  It has been more than a year since the outbreak of the COVID-19 global pandemic which has had a significant impact on health, lifestyles, and the way business is done. In the world of payments, many businesses have had to reinvent themselves and adapt to remote transactions and the world of e-commerce (in many cases on the cloud). On this blog, we discuss the challenges of e-commerce on payment security in Brazil with Carlos…