Day: July 22, 2022

T-Mobile collaborates with Apple to simplify IT management for small businesses

T-Mobile is joining forces with Apple to introduce a plan JUST for small businesses that tackles pain points they face keeping their business and employees connected. Available now, Business Unlimited Ultimate+ for iPhone is the first and only wireless plan that makes IT easy for small businesses, pairing Apple Business Essentials with AppleCare+ for Business …

T-Mobile collaborates with Apple to simplify IT management for small businesses Read More »

Platform Security Firm SonicWall Promotes Sales Guru to CEO

Network Firewalls, Network Access Control , Security Operations SonicWall Taps Bob VanKirk to Grow Cloud Transformation and Enterprise Coverage Michael Novinson (MichaelNovinson) • July 22, 2022     Bob VanKirk starts as SonicWall’s CEO on Aug. 1 (Image: SonicWall) SonicWall has promoted its accomplished chief revenue officer, Bob VanKirk, to CEO and tasked him with …

Platform Security Firm SonicWall Promotes Sales Guru to CEO Read More »

Siemens Energy joins AWS Partner Network to provide customers with industrial cybersecurity solutions

Siemens Energy announces it is joining the Amazon Web Services (AWS) Partner Network (APN), a global community of partners that leverage programs, expertise, and resources to build, market, and sell customer offerings. This expanded relationship includes listing Siemens Energy’s Managed Detection and Response (MDR) industrial cyber security solution in AWS Marketplace, a digital catalog that …

Siemens Energy joins AWS Partner Network to provide customers with industrial cybersecurity solutions Read More »

Uber Inks Deal With Feds In Criminal Probe Over 2016 Breach

By Hailey Konnath (July 22, 2022, 11:05 PM EDT) — Uber has reached an agreement with the U.S. Department of Justice that puts to rest a criminal investigation into the company’s cover-up of the sprawling 2016 data breach in which 57 million riders’ information was stolen, the DOJ announced Friday. The ride-hailing company has entered into …

Uber Inks Deal With Feds In Criminal Probe Over 2016 Breach Read More »

Understanding Proposed SEC Rules Through an ESG Lens

Environmental, social, and governance (ESG) considerations are hardly new topics when it comes to compliance reporting for financial services firms, but the impact of cybersecurity breaches on the governance component soon will gain a much higher profile for financial and non-financial organizations alike. Whether addressing privacy issues, the financial losses of ransomware, or business continuity …

Understanding Proposed SEC Rules Through an ESG Lens Read More »

ESW #281 – Aubrey Turner

Paul’s Security Weekly Fri, 22 Jul 2022 22:25:32 +0000 Fri, 22 Jul 2022 22:31:51 +0000 Libsyn WebEngine 2.0 http://securityweekly.com/ en http://securityweekly.com/ production@securityweekly.net (production@securityweekly.net) https://ssl-static.libsyn.com/p/assets/2/3/1/7/231716b9da792464/PSW_1400x1400.png Paul’s Security Weekly paul@securityweekly.com hacking,security false production@securityweekly.net episodic no ESW #281 – Aubrey Turner Fri, 22 Jul 2022 22:25:32 +0000 02:11:50 false podcast full Read more

Amazon-One Medical Deal: Scrutiny Likely, Lawsuit Not

By Bryan Koenig (July 22, 2022, 10:24 PM EDT) — A prevailing antagonism against big companies generally and the power of online platforms specifically may spur antitrust scrutiny of Amazon’s $3.9 billion bid for One Medical, but enforcers are unlikely to find grounds to launch a direct challenge, competition attorneys said Friday. In past administrations, …

Amazon-One Medical Deal: Scrutiny Likely, Lawsuit Not Read More »

SWN #225 – C++, 8220, Microsoft, Okta Passwords, Candiru, Intel Microcode, & Heat – Wrap Up

Paul’s Security Weekly Fri, 22 Jul 2022 22:25:32 +0000 Fri, 22 Jul 2022 22:31:50 +0000 Libsyn WebEngine 2.0 http://securityweekly.com/ en http://securityweekly.com/ production@securityweekly.net (production@securityweekly.net) https://ssl-static.libsyn.com/p/assets/2/3/1/7/231716b9da792464/PSW_1400x1400.png Paul’s Security Weekly paul@securityweekly.com hacking,security false production@securityweekly.net episodic no SWN #225 – C++, 8220, Microsoft, Okta Passwords, Candiru, Intel Microcode, & Heat – Wrap Up Fri, 22 Jul 2022 22:21:00 +0000 …

SWN #225 – C++, 8220, Microsoft, Okta Passwords, Candiru, Intel Microcode, & Heat – Wrap Up Read More »

Americans Deserve More Than The Current American Data Privacy Protection Act

EFF is disappointed by the latest draft of the American Data Privacy Protection Act, or the ADPPA (H.R. 8152), a federal comprehensive data privacy bill. The bill passed the U.S. House Energy and Commerce committee on Wednesday, and is headed to the House floor. We have been closely monitoring the progress of this bill, and …

Americans Deserve More Than The Current American Data Privacy Protection Act Read More »

Microsoft closes off two avenues of attack: Office macros, RDP brute-forcing

Microsoft is shutting the door on a couple of routes cybercriminals have used to attack users and networks. The enterprise IT giant’s policy of blocking internet-sourced Visual Basic for Applications (VBA) macros in Office by default has been activated once again after a brief pause to address feedback from users who were having difficulty with …

Microsoft closes off two avenues of attack: Office macros, RDP brute-forcing Read More »

Feds Warn Healthcare Sector of Web Application Attacks

Application Security & Online Fraud , Fraud Management & Cybercrime , Healthcare HHS HC3 Advises Medical Centers, Others to Mitigate Risks Involving Many Common Apps Marianne Kolbasuk McGee (HealthInfoSec) • July 22, 2022     Federal authorities are advising healthcare sector entities to batten down their patient portals and other common web applications from cyberattacks. …

Feds Warn Healthcare Sector of Web Application Attacks Read More »

Ex-Twitter Worker's Saudi Spy Trial Homes In On Global Travel

By Bonnie Eslinger (July 22, 2022, 9:39 PM EDT) — The criminal trial of a former Twitter employee accused of spying for Saudi Arabia entered its second day Friday with California federal prosecutors showing that in the months before he quit working for the social media giant, he jetted internationally from San Francisco to London; …

Ex-Twitter Worker's Saudi Spy Trial Homes In On Global Travel Read More »

Cybersecurity Rating vs. Penetration Testing (Pen Test)

IT leaders are responsible for keeping their organization’s digital and informational assets safe and secure. It should go without saying that protecting employees and client data should be a top priority for CISOs. Assets that have fallen into the digital world, such as IP addresses, subdomains, DNS records, etc., could pose risk to your organization, …

Cybersecurity Rating vs. Penetration Testing (Pen Test) Read More »

ICYMI: Neopets & the Gaming Problem; SolarWinds Hackers Are Back; Google Ads Abused

Welcome to Dark Reading’s weekly digest of the can’t-miss stories of the week, featuring the lowdown on the Neopets breach and what it means for consumer-facing companies of all kinds; Google Drive and the trouble with the malicious use of cloud applications; a slew of disclosures about state-sponsored campaigns; and a Google Ads-related malvertising issue. …

ICYMI: Neopets & the Gaming Problem; SolarWinds Hackers Are Back; Google Ads Abused Read More »

MICROSOFT MAKES THINGS HARDER FOR CYBER CRIMINALS BY DISABLING MACROS AGAIN BY DEFAULT IN OFFICE PRODUCTS

One of the attack methods that hackers can use is a simple Word document that they send in the mail. They use macros that are capable of executing the malicious payload and infecting a system, stealing information, etc. Microsoft has had second thoughts about what to do with macros. Now it looks like it’s back …

MICROSOFT MAKES THINGS HARDER FOR CYBER CRIMINALS BY DISABLING MACROS AGAIN BY DEFAULT IN OFFICE PRODUCTS Read More »

[Control systems] Rockwell Automation security advisory (AV22-411)

Number: AV22-411Date: 22 July 2022 On 21 July 2022 ICS-CERT published an ICS Advisory to highlight vulnerabilities in the following product: ISaGRAF Workbench – versions 6.0 to 6.6.9 Exploitation of these vulnerabilities could result in arbitrary code execution and privilege escalation. The Cyber Centre encourages users and administrators to review the provided web link, perform …

[Control systems] Rockwell Automation security advisory (AV22-411) Read More »

[Control systems] Johnson Controls security advisory (AV22-410)

Number: AV22-410Date: 22 July 2022 On 21 July 2022 ICS-CERT published an ICS Advisory to highlight a vulnerability in the following product: Johnson Controls Metasys ADS, ADX, OAS with MUI – versions 10 and 11 Exploitation of this vulnerability could result in information disclosure. The Cyber Centre encourages users and administrators to review the provided …

[Control systems] Johnson Controls security advisory (AV22-410) Read More »

Don’t dive head first into that crypto pool, FBI warns

The FBI has warned cryptocurrency owners and would-be owners about a scam involving phony liquidity mining that the bureau says has cost victims more than $70 million in combined losses since 2019. Liquidity mining is an investment strategy that appears to reward investors for contributing some of their crypto assets to a pool, which provides …

Don’t dive head first into that crypto pool, FBI warns Read More »