Day: October 14, 2021

New AWS workbook for New Zealand financial services customers

We are pleased to announce a new AWS workbook designed to help New Zealand financial services customers align with the Reserve Bank of New Zealand (RBNZ) Guidance on Cyber Resilience. The RBNZ Guidance on Cyber Resilience sets out the RBNZ expectations for its regulated entities regarding cyber resilience, and aims to raise awareness and promote …

New AWS workbook for New Zealand financial services customers Read More »

Becoming a Cybercriminal Keeps Getting Easier

Zero-day vulnerabilities are no longer exclusively for elite hackers. There are now automated scripts available on GitHub so even novice hackers can explore these previously unknown security flaws. That was one of the insights in the HP Wolf Security Threat Insights Report released today. The report noted that the average time for a business to …

Becoming a Cybercriminal Keeps Getting Easier Read More »

Topic-specific policy 4/11: information transfer

“Information transfer” is another ambiguous, potentially misleading title for a policy, even if it includes “information security”. Depending on the context and the reader’s understanding, it might mean or imply a security policy concerning: Any passage of information between any two or more end points – network datacommunications, for instance, sending someone a letter, speaking …

Topic-specific policy 4/11: information transfer Read More »

Spirion partners with HANDD Business Solutions to help companies with data privacy regulations

Spirion and HANDD Business Solutions announced a partnership that showcases the depth of Spirion’s data discovery and classification technology combined with HANDD’s specialization in data protection. Spirion helps organizations comply with ever-changing data privacy regulations, avoid costly fees, protect against data breaches, and defend an organization’s reputation with Spirion Sensitive Data Platform (SDP). The Spirion …

Spirion partners with HANDD Business Solutions to help companies with data privacy regulations Read More »

The uppercased hell

Recently, Microsoft warned users about compatibility issues with applications using some non-ASCII characters in names of their registry keys. According to Microsoft: Compatibility issues have been found between apps using some non-ASCII characters in their registry keys or subkeys and Windows 11. Affected apps might be unable to open and might cause other issues or errors …

The uppercased hell Read More »

WhatsApp made available end-to-end encrypted chat backups

WhatsApp made available end-to-end encrypted chat backups on iOS and Android to prevent anyone from accessing user chats. WhatsApp is rolling out end-to-end encrypted chat backups on both iOS and Android devices, the move aims at implementing an optional layer of security to protect backups stored on Google Drive or iCloud cloud storage. Currently, WhatsApp …

WhatsApp made available end-to-end encrypted chat backups Read More »

These Six Security Capabilities Will Keep Applications, Hybrid Environments Secure

By Shira Sagiv, VP of Product at Radware As employees increasingly worked remotely during the pandemic, businesses quickened their pace toward the cloud. Already, the need for application agility was driving cloud adoption. As such, according to Radware’s The State of Web Application and API Protection report, 70% of production web applications now run in …

These Six Security Capabilities Will Keep Applications, Hybrid Environments Secure Read More »

How DocuSign phishing technique can be used to bypass your spam controls

Avanan cybersecurity specialists report the detection of a new phishing method in which threat actors look for susceptible targets among low-ranking employees who have access to an organization’s IT structure. Usually, a phishing attack involves the usurpation of the identity of a senior executive in an organization, which makes sense if we remember that in …

How DocuSign phishing technique can be used to bypass your spam controls Read More »

Introducing the Security at the Edge: Core Principles whitepaper

Amazon Web Services (AWS) recently released the Security at the Edge: Core Principles whitepaper. Today’s business leaders know that it’s critical to ensure that both the security of their environments and the security present in traditional cloud networks are extended to workloads at the edge. The whitepaper provides security executives the foundations for implementing a …

Introducing the Security at the Edge: Core Principles whitepaper Read More »

Three ideas to simplify your IT now

And just like that its October and another Cybersecurity Awareness Month is upon us. Since last year at this time… The post Three ideas to simplify your IT now appeared first on Entrust Blog. The post Three ideas to simplify your IT now appeared first on Security Boulevard.Read the article

Tom Kellermann joins Attivo Networks Advisory Board

Attivo Networks announced that Tom Kellermann has joined the company’s Advisory Board. Mr. Kellermann joins Attivo’s Advisory board as a highly respected cybersecurity expert with more than 22 years of experience. He serves as the Head of Cybersecurity Strategy for VMware Inc. Previously, Kellerman held the position of Chief Cybersecurity Officer for Carbon Black. In …

Tom Kellermann joins Attivo Networks Advisory Board Read More »

MyKing, the world’s oldest and largest botnet, generates millions of dollars for hackers

Cybersecurity experts report that, despite efforts to take it down, the MyKings botnet is still active and generating an incredible amount of money for its operators nearly five years after it was first detected. In addition, traders continue to resort to all sorts of tricks, including the use of bootkits, cryptojackers and other malicious tools. …

MyKing, the world’s oldest and largest botnet, generates millions of dollars for hackers Read More »

SentinelOne achieves AWS Security Competency status to help customers in defending cloud workloads

SentinelOne announced that the company has achieved Amazon Web Services (AWS) Security Competency status. The designation recognizes SentinelOne’s deep technical expertise and proven customer success protecting user endpoints and securing cloud adoption. As an AWS Partner, SentinelOne is committed to working closely with AWS customers to secure their cloud estates from the evolving threat landscape. …

SentinelOne achieves AWS Security Competency status to help customers in defending cloud workloads Read More »

US govt reveals three more ransomware attacks on water treatment plants this year

Ransomware gangs have silently hit three US water and wastewater treatment facilities this year, in 2021, the US government said in a joint cybersecurity advisory published today by the FBI, NSA, CISA, and the EPA. The attacks —which had been previously unreported— took place in March, July, and August and hit facilities in Nevada, Maine, and California, …

US govt reveals three more ransomware attacks on water treatment plants this year Read More »

How to protect your Facebook account from hackers with new security feature “Facebook Protect”

To every single Public Relationships crisis it goes through, Facebook tries to respond with improvements to its service, especially in terms of user privacy and information security. The most recent of these improvements was dubbed Facebook Protect, a new feature that the social media giant has begun suggesting to its users. Some users report receiving …

How to protect your Facebook account from hackers with new security feature “Facebook Protect” Read More »

Adblocker promises to blocks ads, injects them instead

Researchers at Imperva uncovered a new ad injection campaign based on an adblocker named AllBlock. The AllBlock extension was available at the time of writing for Chrome and Opera in the respective web stores. While disguising your adware as an adblocker may seem counterintuitive, it is actually a smart thing to do. But let’s have …

Adblocker promises to blocks ads, injects them instead Read More »

House Lawmakers Announce Bill Targeting Tech Algorithms

Bill Would Remove Some Third-Party Content ‘Immunity’ Held by Social PlatformsDemocratic lawmakers on the House Committee on Energy and Commerce announced legislation that would rein in tech algorithms on platforms exceeding 5 million monthly viewers. This follows a high-profile whistleblower case heard before Congress on Facebook’s allegedly questionable data policies.Read the article

OpenSea vulnerability allowed crypto stealing with malicious NFTs

Researchers investigated the issue in OpenSea after an increase in complaints about receiving and opening free airdropped NFTs to steal user funds. The IT security researchers at Check Point identified critical security vulnerabilities in OpenSea (OpenSea.io – the highly popular and world’s largest NFT marketplace), which would allow remote attackers to drain the crypto wallets …

OpenSea vulnerability allowed crypto stealing with malicious NFTs Read More »

Since 2020, at least 130 different ransomware families have been active

The popular Google’s VirusTotal scanning service has published an interesting analysis of more than 80 Million ransomware samples. VirusTotal has published its first ransomware activity report based on the analysis of more than 80 million samples that have been uploaded from 140 countries worldwide. Since 2020, at least 130 different ransomware families have been active. …

Since 2020, at least 130 different ransomware families have been active Read More »

A Non-Programmer Introduction to the Software Supply Chain (Electron)

A topic that comes up frequently at Sonatype is something called the “software supply chain.” The term is based on how supply companies send parts to manufacturers who assemble them into things like cars, laptops, and musical instruments. This “chain” is an important focus because the connected links of a quality, speed, and consistency behind …

A Non-Programmer Introduction to the Software Supply Chain (Electron) Read More »

FBI, CISA warn water facility operators of ongoing malicious cyber activity

Written by AJ Vicens Oct 14, 2021 | CYBERSCOOP Ransomware attackers are continuing to target water and wastewater facilities, U.S. intelligence and law enforcement officials warned in a new bulletin based on incidents in five states. A cybersecurity advisory published Thursday from the FBI, the Cybersecurity Infrastructure and Security Agency, the Environmental Protection Agency, and the …

FBI, CISA warn water facility operators of ongoing malicious cyber activity Read More »