Infosec Pros: Multi-cloud environments create added security challenges

Infosec Pros: Multi-cloud environments create added security challenges

Organizations have multiple reasons for embracing a multi-cloud strategy. First, it enables them to avoid “vendor lock-in” where they need to rely on a single vendor for all their cloud-based needs. Second, it empowers them to take advantage of the perks offered by several cloud service providers at once. Lastly, such a strategy helps to protect them against data loss and/or downtime, as an issue in one environment won’t necessarily spill over into another. But…

Read More

5 tips for incident response management success – IT Governance

5 tips for incident response management success – IT Governance

The threat of cyber security incidents looms over all organisations. There are simply too many things that can go wrong – whether it’s a cyber attack, a technical malfunction or another delay – to assume that operations will always be functional. And when disaster strikes, time is of the essence. The longer it takes to respond, the more likely it is the costs will escalate. That’s why it’s essential to have an incident response plan….

Read More

A glimpse of women in the security sector today

A glimpse of women in the security sector today

A glimpse of women in the security sector today | 2021-07-08 | Security Magazine This website requires certain cookies to work and uses other cookies to help you have the best experience. By visiting this website, certain cookies have already been set, which you may delete and block. By closing this message or continuing to use our site, you agree to the use of cookies. Visit our updated privacy and cookie policy to learn more….

Read More

Building a culture of cybersecurity: 3 key takeaways from the 2021 SANS report

Building a culture of cybersecurity: 3 key takeaways from the 2021 SANS report

Building a culture of cybersecurity: 3 key takeaways from the 2021 SANS report | 2021-07-08 | Security Magazine This website requires certain cookies to work and uses other cookies to help you have the best experience. By visiting this website, certain cookies have already been set, which you may delete and block. By closing this message or continuing to use our site, you agree to the use of cookies. Visit our updated privacy and cookie…

Read More

CVE-2021-34527: Microsoft Releases Out-of-Band Patch for PrintNightmare Vulnerability in Windows Print Spooler

CVE-2021-34527: Microsoft Releases Out-of-Band Patch for PrintNightmare Vulnerability in Windows Print Spooler

Microsoft issues an out-of-band patch for critical ‘PrintNightmare’ vulnerability following reports of in-the-wild exploitation and publication of multiple proof-of-concept exploit scripts Background On July 6, Microsoft updated its advisory to announce the availability of out-of-band patches for a critical vulnerability in its Windows Print Spooler that researchers are calling PrintNightmare. This remote code execution (RCE) vulnerability affects all versions of Microsoft Windows. CVE Description CVSSv3 VPR* …

Read More

US Could Appeal Assange Extradition Refusal

US Could Appeal Assange Extradition Refusal

The United States has been given leave to appeal a British court’s decision not to extradite WikiLeaks founder Julian Paul Assange to America.  In Westminster Magistrate’s court in January, district judge Vanessa Baraitser ruled that Australian citizen Assange should not be extradited to the United States to face 17 charges under the Espionage Act and one charge under the Computer Fraud and Abuse Act.  The US Department of Justice indicted Assange in 2019 over his alleged involvement in the acquisition…

Read More

Scammers exploiting Kaseya ransomware attack to deploy malware

Scammers exploiting Kaseya ransomware attack to deploy malware

A new phishing campaign claims to offer a security update for Kaseya’s VSA software but actually tries to install malware, says Malwarebytes. Image: danijelala, Getty Images/iStockPhoto Cybercriminals are already taking advantage of the ransomware attack against IT firm Kaseya to deploy spam designed to infect computers with Cobalt Strike-delivered malware. In a July 6 update to an ongoing blog and a tweet about the Kaseya incident, security firm Malwarebytes said that its Threat Intelligence team…

Read More

Biden Administration Cancels $10bn JEDI Contract

Biden Administration Cancels bn JEDI Contract

The Biden administration has announced the cancellation of a $10bn massive cloud-computing contract awarded to Microsoft.  After Microsoft won a lengthy bidding process for the Joint Enterprise Defense Infrastructure (JEDI) cloud contract in 2019, competing contractor Amazon Web Services (AWS) complained that the decision wasn’t fair. Yesterday the DoD issued a statement declaring that the contract had passed its sell-by date and was no longer relevant. “The Department has determined that, due to evolving requirements, increased cloud conversancy, and industry advances,…

Read More

$13.7 million: Atlas VPN adds up the impact of the top 10 most successful blockchain scams

.7 million: Atlas VPN adds up the impact of the top 10 most successful blockchain scams

A new report finds that fake investment scams have netted the most funds among all the types of active blockchain scams. Image: Wit Olszewski/Shutterstock If you have been swindled by a blockchain con, the most likely culprit is a fake investment scam, according to an analysis by Atlas VPN. The top 10 most successful currently active blockchain scams have collected $13.7 million so far, the report found. CryptoMixer.com, a fake Bitcoin tumbler, is the biggest…

Read More

What to do when 2FA won’t allow you into your Linux servers

What to do when 2FA won’t allow you into your Linux servers

If two-factor authentication logins on your Linux servers are giving you fits, Jack Wallen has the solution for you. Image: iStockphoto/Jirsak Recently, I had an incident where a two-factor authentication-enabled Linux server wouldn’t allow me in via SSH. Fortunately, I had physical access to the server, so it wasn’t a complete disaster. Had I not been able to log into the machine on site, I would have had to count on someone on-premise to take…

Read More
1 3,501 3,502 3,503 3,504 3,505 4,087