Day: September 2, 2021

Training Discount

Hey you! Out there beyond the wall, breaking bottles in the hall, you haven’t removed this feed from your RSS reader! If you add this feed there’s a training discount on my next open training course, kicking off October 11.Read the article

Caveonix and AWS Security Hub integration enriches data for improved risk and compliance posture

Caveonix announces its integration with Amazon Web Services (AWS) Security Hub. Security Hub provides a central repository to view and monitor findings and alerts, and through the two-way integration with Caveonix Cloud, customers can assess data around their security and compliance posture in a centralized, intuitive dashboard. Through this integration, Caveonix Cloud and AWS cloud-native …

Caveonix and AWS Security Hub integration enriches data for improved risk and compliance posture Read More »

White House Warns Of Cyberthreats Over Labor Day Weekend

NSC Adviser Anne Neuberger Says Organizations Should Take PrecautionsWhile there is currently a lack of specific cyberthreats, Deputy National Security Adviser Anne Neuberger urges organizations, especially those in critical infrastructure, to take precautions over the Labor Day weekend, as threat groups have taken advantage of previous holidays to conduct attacks.Read the article

Bluetooth BrakTooth bugs could affect billions of devices

Vulnerabilities collectively referred to as BrakTooth are affecting Bluetooth stacks implemented on system-on-a-chip (SoC) circuits from over a dozen vendors. The set of issues impact a wide variety of devices, from consumer electronics to industrial equipment. The associated risk ranges from denial-of-service, deadlock condition of the device to arbitrary code execution. Wide variety of products …

Bluetooth BrakTooth bugs could affect billions of devices Read More »

Acronis enhances cyber protection for MSPs through the CloudBlue PSA solution

Acronis announced the integration of its cyber protection solution for service providers, Acronis Cyber Protect Cloud, with CloudBlue’s PSA solution. The new integration gives service providers the ability to easily manage Acronis’ integrated cybersecurity, data protection, and endpoint protection management solution through the professional services automation and revenue management software they already rely on. The …

Acronis enhances cyber protection for MSPs through the CloudBlue PSA solution Read More »

Pixalate raises $18.1M to accelerate global expansion and media ratings platform

Pixalate announces $18.1 million of additional growth capital bringing the total investment to $22.7 million to date. Pixalate empowers organizations to navigate the increasingly complex CTV and Mobile ad supply chain by analyzing 5+ million apps that span multiple app stores, including Roku TV, Amazon FireTV, Google Play, and Apple App Store. In addition, Pixalate …

Pixalate raises $18.1M to accelerate global expansion and media ratings platform Read More »

Spring or autumn, your biggest cyber threat could be in the cloud

Sponsored The sun never seems to set on the cybercriminal threat, but whether you’re heading into autumn or bursting into spring you can tap into the world’s finest cyber security training, at upcoming SANS Institute events in Asia and Oceania. And with the cloud accounting for ever more of the world’s compute, you can be …

Spring or autumn, your biggest cyber threat could be in the cloud Read More »

DarkHole: 2

Here you can download the mentioned files using various methods. We have listed the original source, from the author’s page. However, after time these links ‘break’, for example: either the files are moved, they have reached their maximum bandwidth limit, or, their hosting/domain has expired. For these reasons, we have been in touch with each …

DarkHole: 2 Read More »

Tutorial: Migrate your applications from Okta to Azure Active Directory

In this tutorial, learn how to migrate your applications from Okta to Azure Active Directory (Azure AD). When converting Okta applications to Azure AD, it’s recommended to first document the current environment and application settings before migration. Source: https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/migrate-applications-from-okta-to-azure-active-directoryRead the article

MOXFIVE hires Jeff Palatt as VP of Technical Advisory Services

MOXFIVE announced the appointment of Jeff Palatt as Vice President of Technical Advisory Services to scale its Technical Advisory team and meet the unprecedented demand for its services. Prior to MOXFIVE, Jeff was the Director of Cyber Defense and Incident Response at RSA Security and he previously worked in a variety of roles with Emergency …

MOXFIVE hires Jeff Palatt as VP of Technical Advisory Services Read More »

Security Alliance appoints Wiebe Ruttenberg as Director of Strategy

Wiebe Ruttenberg has joined cyber threat intelligence company Security Alliance, as Director of Strategy. Prior to this he worked in senior roles at the European Central Bank (ECB), the last five years as programme director focusing on technological innovation and cyber resilience across the financial sector. During his time at the ECB, Ruttenberg chaired the …

Security Alliance appoints Wiebe Ruttenberg as Director of Strategy Read More »

Andy Ellis joins Orca Security as advisory CISO

Orca Security announced that Andy Ellis, famed cybersecurity leader, has joined the company as an advisory CISO. Ellis will harness his broad security expertise from product development to industry awareness building, and even supporting HR, leadership, and talent management to further catapult the rapidly growing cloud security innovator forward. Ellis will leverage more than two …

Andy Ellis joins Orca Security as advisory CISO Read More »

UK: ICO rules regarding the online privacy of children enter into force

By James Clark and Anna Ward, DLA Piper UK LLP The Age Appropriate Design Code (“Code”), a new statutory Code of Practice published by the UK Information Commissioner’s Office (“ICO”), enters into force today (2 September 2021) following a one year transition period.  The Code seeks to regulate the provision of online services to children, …

UK: ICO rules regarding the online privacy of children enter into force Read More »

FBI: Americans lost more than $8 million to sextortion scams this year

The US Federal Bureau of Investigation said today that Americans lost more than $8 million to sextortion scams in the first seven months of the year following a massive uptick in activity from criminal groups. The Bureau’s Internet Crime Complaint Center (IC3) said today it received more than 16,000 sextortion complaints as of July 31, …

FBI: Americans lost more than $8 million to sextortion scams this year Read More »

Semperis extends its Active Directory protection to businesses in APAC market

Semperis announced new investments in the Asia-Pacific region as it extends its Active Directory protection, response, and recovery solutions to businesses in APAC. To support this expansion, the company is building out its team in the region and bringing on former Proofpoint sales director Albert Lee, a leader with 20 years of business management, enterprise …

Semperis extends its Active Directory protection to businesses in APAC market Read More »

KnockOutlook – A Little Tool To Play With Outlook

“The best feeling is to win by knockout.” – Nonito Donaire Overview KnockOutlook is a C# project that interacts with Outlook’s COM object in order to perform a number of operations useful in red team engagements. Command Line Usage metadata of every account search : search for the provided keyword in every mailbox save : …

KnockOutlook – A Little Tool To Play With Outlook Read More »

WhatsApp CVE-2020-1910 bug could have led to user data exposure

The now-fixed CVE-2020-1910 vulnerability in WhatApp ‘s image filter feature could have exposed user data to remote attackers. A high-severity security vulnerability in WhatApp’s image filter feature, tracked as CVE-2020-1910, could have been exploited by attackers to read sensitive information from the app’s memory by simply sending a specially crafted image over the messaging app …

WhatsApp CVE-2020-1910 bug could have led to user data exposure Read More »

A Microcontroller Friendly AR Headset On The Cheap

Generating the real-time images required for augmented reality (AR) goggles usually requires a fair amount of processing power, to the point that DIY efforts based around the Raspberry Pi often have trouble keeping up. But what if your AR aspirations don’t require fancy high-resolution graphics? If text and the occasional icon is enough to get …

A Microcontroller Friendly AR Headset On The Cheap Read More »

Security Bulletin: A security vulnerability has been fixed in IBM Security Identity Manager Virtual Appliance(CVE-2021-20480)

Sep 2, 2021 3:46 pm EDT | Medium Severity Apache Tomcat 10.0.0-M1 to 10.0.6, 9.0.0.M1 to 9.0.46 and 8.5.0 to 8.5.66 did not correctly parse the HTTP transfer-encoding request header in some circumstances leading to the possibility to request smuggling when used with a reverse proxy. Specifically: – Tomcat incorrectly ignored the transfer encoding header …

Security Bulletin: A security vulnerability has been fixed in IBM Security Identity Manager Virtual Appliance(CVE-2021-20480) Read More »