Organizations have multiple reasons for embracing a multi-cloud strategy. First, it enables them to avoid “vendor lock-in” where they need to rely on a single vendor for all their cloud-based needs. Second, it empowers them to take advantage of the perks offered by several cloud service providers at once. Lastly, such a strategy helps to protect them against data loss and/or downtime, as an issue in one environment won’t necessarily spill over into another. But…

The threat of cyber security incidents looms over all organisations. There are simply too many things that can go wrong – whether it’s a cyber attack, a technical malfunction or another delay – to assume that operations will always be functional. And when disaster strikes, time is of the essence. The longer it takes to respond, the more likely it is the costs will escalate. That’s why it’s essential to have an incident response plan….

Microsoft issues an out-of-band patch for critical ‘PrintNightmare’ vulnerability following reports of in-the-wild exploitation and publication of multiple proof-of-concept exploit scripts Background On July 6, Microsoft updated its advisory to announce the availability of out-of-band patches for a critical vulnerability in its Windows Print Spooler that researchers are calling PrintNightmare. This remote code execution (RCE) vulnerability affects all versions of Microsoft Windows. CVE Description CVSSv3 VPR* …

The United States has been given leave to appeal a British court’s decision not to extradite WikiLeaks founder Julian Paul Assange to America.  In Westminster Magistrate’s court in January, district judge Vanessa Baraitser ruled that Australian citizen Assange should not be extradited to the United States to face 17 charges under the Espionage Act and one charge under the Computer Fraud and Abuse Act.  The US Department of Justice indicted Assange in 2019 over his alleged involvement in the acquisition…

A new phishing campaign claims to offer a security update for Kaseya’s VSA software but actually tries to install malware, says Malwarebytes. Image: danijelala, Getty Images/iStockPhoto Cybercriminals are already taking advantage of the ransomware attack against IT firm Kaseya to deploy spam designed to infect computers with Cobalt Strike-delivered malware. In a July 6 update to an ongoing blog and a tweet about the Kaseya incident, security firm Malwarebytes said that its Threat Intelligence team…

The Biden administration has announced the cancellation of a $10bn massive cloud-computing contract awarded to Microsoft.  After Microsoft won a lengthy bidding process for the Joint Enterprise Defense Infrastructure (JEDI) cloud contract in 2019, competing contractor Amazon Web Services (AWS) complained that the decision wasn’t fair. Yesterday the DoD issued a statement declaring that the contract had passed its sell-by date and was no longer relevant. “The Department has determined that, due to evolving requirements, increased cloud conversancy, and industry advances,…

A new report finds that fake investment scams have netted the most funds among all the types of active blockchain scams. Image: Wit Olszewski/Shutterstock If you have been swindled by a blockchain con, the most likely culprit is a fake investment scam, according to an analysis by Atlas VPN. The top 10 most successful currently active blockchain scams have collected $13.7 million so far, the report found. CryptoMixer.com, a fake Bitcoin tumbler, is the biggest…

If two-factor authentication logins on your Linux servers are giving you fits, Jack Wallen has the solution for you. Image: iStockphoto/Jirsak Recently, I had an incident where a two-factor authentication-enabled Linux server wouldn’t allow me in via SSH. Fortunately, I had physical access to the server, so it wasn’t a complete disaster. Had I not been able to log into the machine on site, I would have had to count on someone on-premise to take…