security

Most Tech Leaders Worry About SaaS Security Threats

Posted on by Admin
Most Tech Leaders Worry About SaaS Security Threats

Software-as-a-Service applications have long been targets of cyberthreats. A new study finds that these threats remain top of mind for 78% of U.S. technology leaders as more SaaS apps find their way into the enterprise. Although enterprises have been prioritizing data privacy and security, their continued reliance on SaaS and cloud offerings means they remain at risk, according to the The SaaS Disruption Report: Security & Data by Onymos and Enterprise Strategy Group. Shiva Nathan,…

Read More

Report Highlights Rising Risks in Sensitive Data Management

Posted on by Admin
Report Highlights Rising Risks in Sensitive Data Management

The volume of sensitive data that companies are harbouring in non-production environments, like development, testing, analytics, and AI/ML, is rising, according to a new report. Executives are also getting more concerned about protecting it — and feeding it into new AI products is not helping. The “Delphix 2024 State of Data Compliance and Security Report” found that 74% of organisations that handle sensitive data increased the volume kept in non-production, also known as lower, environments…

Read More

Ransomware Trends: Most Attacks Hit Between 1am and 5am, Study Finds

Posted on by Admin
Ransomware Trends: Most Attacks Hit Between 1am and 5am, Study Finds

Threat actors are taking advantage of when security professionals are off-duty to stage their ransomware attacks, new research has found. The ThreatDown 2024 State of Ransomware report from Malwarebytes has revealed most incidents in the last year occurred between 1 a.m. and 5 a.m. The report’s authors used data from the ThreatDown Managed Detection and Response team to conduct their research. It found that global ransomware attacks increased by 33% in the last year, with…

Read More

SOCI Act 2024: Insights on Critical Infrastructure

Posted on by Admin
SOCI Act 2024: Insights on Critical Infrastructure

A rise in ransomware incidents and the embrace of artificial intelligence are considered potential data risks facing Australia’s critical infrastructure organisations, according to a new report. This news comes as new cyber security rules under the Security of Critical Infrastructure Act 2018 come into force in August 2024. The Critical Infrastructure Edition of the 2024 Data Threat Report, by technology organisation Thales, found that ransomware incidents at critical infrastructure organisations are on the rise globally…

Read More

National Public Data Breach: 2.7bn Records Leaked on Dark Web

Posted on by Admin
National Public Data Breach: 2.7bn Records Leaked on Dark Web

In August, a hacker dumped 2.7 billion data records, including social security numbers, on a dark web forum, in one of the biggest breaches in history. The data may have been stolen from background-checking service National Public Data at least four months ago. Each record has a person’s name, mailing address, and SSN, but some also contain other sensitive information, such as names of relatives, according to Bloomberg. How the data was stolen This breach…

Read More

How to Offer Secure IVR Banking and Authenticate Callers

Posted on by Admin
How to Offer Secure IVR Banking and Authenticate Callers

IVR banking is very common. If you’ve ever dialed your bank to check an account balance or pay a bill, you’ve probably used it. In addition to these basic self-service tasks, customers can use bank IVRs to report fraud, update personal information, check their transaction history, or even change their PIN without having to wait for an agent. Having access to a variety of options such as these makes using IVR a convenient alternative to…

Read More

NIS2 Compliance Unveiled: Operational Managers' Roadmap to Actionable Security Measures

Posted on by Admin
NIS2 Compliance Unveiled: Operational Managers' Roadmap to Actionable Security Measures

Most companies acting in the European Union (EU) responsible for their own, or other, critical infrastructures already have stringent processes and procedures triggered by national and industry regulations and through implementing industry standards like IEC 62443 and IEC 62351. However, new and evolving regulations, like the upcoming implementation of the EU NIS2 Directive in each EU Member State, force companies to reassess the current state of their organizational, operational, and technical security controls, along with…

Read More

Microsoft Azure Outage Caused by DDoS Attack

Posted on by Admin
Microsoft Azure Outage Caused by DDoS Attack

Microsoft has confirmed the cause of the outage on July 30 was a distributed denial-of-service attack. However, its advisory added that the issue was exacerbated by an “error in the implementation of their defenses” during a mitigation attempt. The Azure cloud services were impacted between approximately 11:45 UTC and 19:43 UTC after being flooded by internet traffic. Redmond security pros say that the Azure Front Door and Azure Content Delivery Network components were “performing below…

Read More

Top 6 Cloud Computing Certifications Worth Taking

Posted on by Admin
Top 6 Cloud Computing Certifications Worth Taking

Course Spotlight: Microsoft Cloud Support Associate Professional Certificate on Coursera Our assessment: Best for going from beginner to ready for a career This certification teaches skills from the very basics of knowledge about computing to valuable professional techniques in Microsoft Azure, one of the most popular cloud platforms. This certification includes 12 courses intended to get learners up to speed on IT and cybersecurity, Microsoft 365, cloud management and professional cloud administration. The courses included…

Read More

Microsoft Says VMware ESXi Flaw is Being Exploited By Ransomware Groups

Posted on by Admin
Microsoft Says VMware ESXi Flaw is Being Exploited By Ransomware Groups

A vulnerability in the ESXi hypervisor was patched by VMware last week, but Microsoft has revealed that it has already been exploited by ransomware groups to gain administrative permissions. VMware ESXi is a bare-metal hypervisor that enables the creation and management of virtual machines directly on server hardware, which may include critical servers. CVE-2024-37085 is an authentication bypass vulnerability that allows malicious actors with sufficient permissions to gain full access to a domain-joined ESXi host….

Read More
1 2 3 4 5 6 15