Day: November 19, 2021

Tor Project calls to bring more than 200 obfs4 bridges online by December

The Tor Project offers rewards to users who will set up a Tor server after observing a significant drop in the number of Tor relays and Tor bridges. Bridges are private Tor relays that allow users to circumvent censorship, their role is essential in countries, that block Tor connections such as China, Belarus, Iran, and Kazakhstan. …

Tor Project calls to bring more than 200 obfs4 bridges online by December Read More »

VMware simplifies purchase and deployment of VMware Cross-Cloud services for AWS customers

VMware is making it easier for Amazon Web Services (AWS) customers to purchase and deploy VMware Cross-Cloud services to support their AWS environments. VMware Cross-Cloud services help AWS customers drive digital innovation with enterprise control. VMware Carbon Black Cloud and VMware Tanzu are the latest services now available in the AWS Marketplace, a digital catalog …

VMware simplifies purchase and deployment of VMware Cross-Cloud services for AWS customers Read More »

Accenture to help build Organon’s enterprise capabilities with SAP S4/HANA on AWS

Accenture has been selected by Organon to help establish and manage the transformation of the company’s enterprise resource planning (ERP) technology into a cloud-based digital core that will improve patient and employee experiences. With a standardized technology platform that integrates business processes and people, Organon will have real-time analytics at its fingertips, allowing it to …

Accenture to help build Organon’s enterprise capabilities with SAP S4/HANA on AWS Read More »

The Week in Ransomware – November 19th 2021 – Targeting Conti

While last week was full of arrests and law enforcement actions, this week has been much quieter, with mostly new research released. Security firms released reports on the types of cryptomixers used by ransomware gangs, a detailed report on Conti, and how Russian ransomware gangs are starting to work with Chinese hackers. Today, US regulators …

The Week in Ransomware – November 19th 2021 – Targeting Conti Read More »

Speedb partners with Redis to deliver cost-effective performance for high capacity real-time datasets

Speedb announced a strategic alliance with Redis. Speedb’s enterprise-grade data engine technology will now be offered by Redis to their more than 8,000 customers as an option to support the largest deployments for Redis on Flash use cases. With Speedb as the data engine, Redis on Flash can generate up to double throughput, with half …

Speedb partners with Redis to deliver cost-effective performance for high capacity real-time datasets Read More »

DataCore acquires MayaData to accelerate container deployments for cloud-first enterprises

DataCore Software announced it will acquire MayaData. The move follows a joint venture between the two companies in January 2020 that included funding, technology licensing, transfer of the DataCore container team to MayaData, and seats on the board of directors for DataCore’s CEO and primary investors. MayaData and its entire San Jose, CA-based team become …

DataCore acquires MayaData to accelerate container deployments for cloud-first enterprises Read More »

2 unpatched vulnerabilities identified in Philips IntelliBridge EC40 and EC80 Hub that are used to transfer data been medical devices

A Philips security alert reveals the discovery of two vulnerabilities in the IntelliBridge EC40 and IntellBridge EC80 hubs whose successful exploitation would allow threat actors to perform all kinds of malicious activities. As users may remember, Philips IntelliBridge EC40/80 hubs enable data transfer between medical devices in different formats. The hubs do not alter in …

2 unpatched vulnerabilities identified in Philips IntelliBridge EC40 and EC80 Hub that are used to transfer data been medical devices Read More »

Infrastructure Security Month: Resiliency is a collaborative effort

Week three of Infrastructure Security Month (ISM) is dedicated to raising awareness around resilience in critical infrastructure. The Cybersecurity & Infrastructure Security Agency (CISA) is asking all infrastructure stakeholders to include resilience when upgrading or building new critical infrastructure. CISA has identified 16 infrastructure sectors that are vital to national security and public health.   A …

Infrastructure Security Month: Resiliency is a collaborative effort Read More »

Ducen completes SOC 1 Type I compliance to protect customers’ data against breaches and cyber attacks

Ducen announces the successful completion of its SOC 1 Type I compliance. This attestation shows the company’s commitment to protecting their customers’ data and providing them with the reassurance, transparency, and peace of mind needed to be able to focus on growing the business. “Security has become a mission-critical top 3 priority for all businesses. …

Ducen completes SOC 1 Type I compliance to protect customers’ data against breaches and cyber attacks Read More »

Windows 11 Insider Previews: What’s in the latest build?

Windows 11 has been released, but behind the scenes, Microsoft is constantly working to improve the newest version of Windows. The company frequently rolls out public preview builds to members of its Windows Insider Program, allowing them to test out — and even help shape — upcoming features. The Windows Insider program is divided into …

Windows 11 Insider Previews: What’s in the latest build? Read More »

Cisco partners with JupiterOne to enhance its SecureX product portfolio

The new product, Cisco Secure Cloud Insights, offers cloud inventory tracking and relationship mapping to navigate public clouds as well as access rights management and security compliance reporting. Image: Shutterstock/GreenTech Cisco announced this week it has partnered with cloud security and governance platform provider JupiterOne to launch Cisco Secure Cloud Insights. Secure Cloud Insights will …

Cisco partners with JupiterOne to enhance its SecureX product portfolio Read More »

Canadian teenager stole $36 Million in cryptocurrency via SIM Swapping

A Canadian teen has been arrested for his alleged role in the theft of roughly $36.5 million worth of cryptocurrency. A Canadian teenager has been arrested for his alleged role in the theft of roughly $36.5 million worth of cryptocurrency from an American individual. The news of the arrest was disclosed by the Hamilton Police …

Canadian teenager stole $36 Million in cryptocurrency via SIM Swapping Read More »

Some Tesla owners unable to unlock cars due to server errors

Some Tesla owners worldwide are unable to unlock or communicate with their cars using the app due to an outage of the company’s servers. Starting around 4 PM EST, Tesla owners have taken to social media reporting that the Tesla app is returning a “500 server error” when attempting to communicate with the car. Tesla …

Some Tesla owners unable to unlock cars due to server errors Read More »

3 unpatched vulnerabilities in Philips MRI 1.5T and 3T machines allow leaking confidential health data

Information security specialists report the detection of three vulnerabilities in MRI 1.5T and MRI 3T, two magnetic resonance machines developed by the technology company Philips. According to reports, the flaws could be exploited to compromise vital functions in the affected systems, not to mention that so far there are no known updates. Below are brief …

3 unpatched vulnerabilities in Philips MRI 1.5T and 3T machines allow leaking confidential health data Read More »

Broadband Must Be Faster For Gov't Funding: EU Proposal

By Bryan Koenig (November 19, 2021, 9:56 PM EST) — The European Union on Friday sought public comment on proposed new guidelines for member countries’ use of government funding for broadband projects, particularly those that will enable faster minimum speeds, support mobile network deployment and provide consumer assistance. First teased in a July evaluation that …

Broadband Must Be Faster For Gov't Funding: EU Proposal Read More »

8 advanced threats Kaspersky predicts for 2022

Advanced threats constantly evolve. This year saw multiple examples of advanced persistent threats under the spotlight, allowing us to predict what threats might lead the future. Image: Profit_Image/Shutterstock Advanced persistent threats, which focus on cyberespionage goals, are a constant threat to companies, governments and freedom activists, to name a few. This activity keeps growing and …

8 advanced threats Kaspersky predicts for 2022 Read More »

95% of Board Members Say Information Security Strategy is Now Critical

Last Updated on November 22, 2021             The Deloitte Insights report, “Reshaping the cybersecurity landscape,” indicates that financial firms have been steadily increasing security spend, board security involvement and security/business alignment over the past three years. With increased pressure on boards and executive management teams to address security risks, the …

95% of Board Members Say Information Security Strategy is Now Critical Read More »

The ‘Zelle Fraud’ Scam: How it Works, How to Fight Back

One of the more common ways cybercriminals cash out access to bank accounts involves draining the victim’s funds via Zelle, a “peer-to-peer” (P2P) payment service used by many financial institutions that allows customers to quickly send cash to friends and family. Naturally, a great deal of phishing schemes that precede these bank account takeovers begin …

The ‘Zelle Fraud’ Scam: How it Works, How to Fight Back Read More »

Feds Finalize Curbed Cyber Incident Reporting Rule For Banks

By Ben Kochman (November 19, 2021, 9:15 PM EST) — Federal regulators have finalized a rule that will require U.S. banks to alert authorities about confirmed cybersecurity episodes within 36 hours, using a new narrowed definition of a cybersecurity “incident” after industry lobbyists criticized an initial draft. In a joint notice published Thursday, the Federal …

Feds Finalize Curbed Cyber Incident Reporting Rule For Banks Read More »

Software supply chain threats. Recent Iranian cyber operations. Banking disclosure rules. ICS updates. UK, US announce closer cooperation in cyberops. A real, literal, evil maid?

Software supply chain incidents: FatPipe, PyPi, and IT services generally. A look at recent Iranian operations. The US Federal Reserve publishes its disclosure rules for banks sustaining cyber incidents. CISA issues a set of ICS advisories. Two of the Five Eyes announce plans for continued, even closer cooperation in cyberspace. Johannes Ullrich on attackers abusing …

Software supply chain threats. Recent Iranian cyber operations. Banking disclosure rules. ICS updates. UK, US announce closer cooperation in cyberops. A real, literal, evil maid? Read More »

Updated: APT Exploitation of ManageEngine ADSelfService Plus Vulnerability

The Federal Bureau of Investigation (FBI), CISA, and Coast Guard Cyber Command (CGCYBER) have updated the Joint Cybersecurity Advisory (CSA) published on September 16, 2021, which details the active exploitation of an authentication bypass vulnerability (CVE-2021-40539) in Zoho ManageEngine ADSelfService Plus—a self-service password management and single sign-on solution. The update provides details on a suite …

Updated: APT Exploitation of ManageEngine ADSelfService Plus Vulnerability Read More »

Hatem Naguib, new CEO of Barracuda Networks, to discuss his views on how cybersecurity trends have drastically changed over the past year, including the rise of ransomware.

This interview from November 11th, 2021 originally aired as a shortened version on the CyberWire Daily Podcast. In this extended interview, Dave Bittner speaks with Hatem Naguib, new CEO of Barracuda Networks, to discuss his views on how cybersecurity trends have drastically changed over the past year, including the rise of ransomware.Read more