Multi-cloud is now clearly emerging as a strategic driver for many organizations as they seek to innovate and build a competitive edge. However, this shift brings with it challenges, many of which I discussed in a prior blog series.  With organizations seeing increased complexity, projects falling short of targets, and growing cloud consumption bills; these challenges, if not addressed, can drive negative impacts that offset the business value gained from leveraging the public cloud. But…

The European Commission finally approved Google’s acquisition of Fitbit yesterday, adding some conditions intended to protect user privacy and competition, although campaigners are disappointed in the decision. The Commission has been mulling the $2.1bn acquisition of the fitness monitoring giant for several months, as distrust over Google’s handling of data and alleged anti-competitive practices is high in the region. In February, the advisory European Data Protection Board raised concerns about the possibility of the tech…

UK energy supplier People’s Energy has suffered a data breach affecting its entire database, including information on previous customers. Co-founder of the company, Karin Sode, told BBC News that sensitive personal information of its customers, including names, addresses, dates of birth, phone numbers, tariff and energy meter IDs had been stolen by hackers. Following discovery of the breach on Wednesday morning, it has contacted all its 270,000 current customers to inform them of the breach….

A high impact vulnerability has been discovered in a popular Java cryptography library which could allow attackers to more easily brute force Bcrypt hashed passwords. CVE-2020-28052 is an authentication bypass bug in the OpenBSDBcrypt class of the widely used Bouncy Castle library. By exploiting it, attackers can effectively bypass password checks in applications using the Bcrypt algorithm for password hashing, explained Synopsys. Although attack complexity is rated high, so is the potential impact on confidentiality,…

Microsoft has notified over 40 customers that they have been compromised by malicious SolarWinds updates as part of a massive suspected Russian cyber-espionage campaign. The attacks, which the US government admitted to for the first time on Wednesday, are thought to have compromised numerous departments including the Treasury and commerce, health, energy and state departments, plus the National Nuclear Security Administration (NNSA). A malicious SolarWinds Orion update is thought to have been a primary attack…

Life for university students has changed massively during the coronavirus pandemic, as it has for all of us. While some in-person lectures and seminars are still taking place, there has been a big shift to remote learning. This has, perhaps understandably, led to concerns about how well students are engaging with this way of studying. Many universities have sought to address this by turning to remote monitoring tools to track students’ online activities. These tools…

SANTA CLARA, Calif., Dec. 17, 2020 /PRNewswire/ — Palo Alto Networks (NYSE: PANW), today launched a rapid response program to help SolarWinds Orion customers navigate risks from cyberattacks. SolarWinds Orion products are currently being exploited by malicious actors to gain access to the company’s systems, activity being tracked by Palo Alto Networks’ Unit 42 as SolarStorm. A rapid compromise assessment to map out an organization’s attack surface and tailored incident response services are available immediately at:…