Day: August 3, 2022

CyberRes joins forces with Google Cloud to address data privacy regulations

CyberRes, a Micro Focus line of business, announced a partnership with Google Cloud to support the upcoming release of BigQuery remote functions. The partnership will see CyberRes’ end-to-end enterprise data protection solution, Voltage SecureData, integrate with Google’s BigQuery data warehouse to accelerate and expand organizations’ data science initiatives and help companies comply with ever-evolving privacy …

CyberRes joins forces with Google Cloud to address data privacy regulations Read More »

Where Does Shared Responsibility Model for Security Breaks in the Real World?

Shared responsibility model for cloud security is the fundamental concept — perhaps the most fundamental concept — in cloud security. However, there are many challenges with how this concept fares in the real world today. This blog is basically an alpha version for a future blog on how we are evolving and improving the shared responsibility model shortcomings with our …

Where Does Shared Responsibility Model for Security Breaks in the Real World? Read More »

Endace partners with Vectra to defend customers against advanced cyber threats

Endace and Vectra have partnered to combine Endace’s packet capture and always-on network recording with the Vectra AI-driven threat detection and response platform. The combination of the two products gives security teams accurate discovery at all attack stages with conclusive forensic evidence, for faster and simpler threat investigation and response. The Vectra platform uses AI …

Endace partners with Vectra to defend customers against advanced cyber threats Read More »

Whistic collaborates with Cobalt to reduce risks that come from onboarding third-party applications

Whistic collaborates with Cobalt to enable vendors to consolidate all of their security documentation, including standard questionnaires, certifications, audits, and pentests (a security assessment, analysis and simulation of cyber attacks on an application or network to test security) into one centralized location, simplifying the security review process and accelerating sales along the way. Both Whistic …

Whistic collaborates with Cobalt to reduce risks that come from onboarding third-party applications Read More »

GitHub blighted by “researcher” who created thousands of malicious projects

by Paul Ducklin Just over a year ago, we wrote about a “cybersecurity researcher” who posted almost 4000 pointlessly poisoned Python packages to the popular repository PyPI. This person went by the curious nickname of Remind Supply Chain Risks, and the packages had project names that were generally similar to well-known projects, presumably in the …

GitHub blighted by “researcher” who created thousands of malicious projects Read More »

Banks, Insurer To Settle Fraudulent Transfer Coverage Row

By Katryna Perera (August 3, 2022, 10:44 PM EDT) — First National Bancorp Inc., its Montana subsidiary and their insurer reached a tentative settlement Wednesday to resolve a federal dispute over coverage of $900,000 in losses stemming from a fraudulent wire transfer. The banks filed a notice of pending settlement stating they reached a tentative …

Banks, Insurer To Settle Fraudulent Transfer Coverage Row Read More »

DirecTV Robocall Recipients Get Class Cert. In TCPA Row

By Allison Grande (August 3, 2022, 10:42 PM EDT) — A West Virginia federal judge has certified a class of nearly 114,000 individuals who claim they received unwanted telemarketing robocalls placed on behalf of DirecTV, agreeing with the plaintiffs that the dispute presents a “model case for the application of the class action mechanism.” In …

DirecTV Robocall Recipients Get Class Cert. In TCPA Row Read More »

Sparrow’s new solutions and features help users identify vulnerabilities in source code and web applications

At Black Hat USA 2022, Sparrow is announcing its newly upgraded Sparrow Cloud and open-source management solution, Sparrow SCA. Sparrow Cloud is a single platform for managing security and quality issues of both source code and web applications: running static and dynamic tests, checking test results, marking vulnerability status, and generating reports. Since its introduction …

Sparrow’s new solutions and features help users identify vulnerabilities in source code and web applications Read More »

State AGs Launch Anti-Robocall Litigation Task Force

By Kelly Lienhard (August 3, 2022, 10:03 PM EDT) — Attorneys general from all 50 states are banding together to launch a new task force that will focus on protecting the United States against illegal, foreign robocalls. The Anti-Robocall Litigation Task Force will work to investigate and prosecute telecom companies that bring foreign robocalls into …

State AGs Launch Anti-Robocall Litigation Task Force Read More »

UnitedHealth Judge Probes Health Tech Co.'s Data Safeguards

By Bryan Koenig (August 3, 2022, 9:59 PM EDT) — The D.C. federal judge slated to decide the fate of UnitedHealth Group’s proposed $13.8 billion acquisition of Change Healthcare pressed a Change executive on Wednesday to explain whether internal safeguards can prevent data abuses that the U.S. Department of Justice is worried about. U.S. District …

UnitedHealth Judge Probes Health Tech Co.'s Data Safeguards Read More »

VirusTotal Reveals Apps Most Exploited by Hackers to Spread Malware

According to the latest research findings from VirusTotal, cybercriminals and threat actors are increasingly relying on mimicked versions of genuine, common-use apps such as Adobe Reader, Skype, and VLC Player to successfully conduct social engineering attacks. Findings Details In their study of malware, researchers at Google’s VirusTotal revealed that cybercriminals deploy numerous approaches to abuse …

VirusTotal Reveals Apps Most Exploited by Hackers to Spread Malware Read More »

Reducing Risk by Breaking Down Supply Chain Siloes

Matt Marciniak, information security manager, Quantile Supply chains for large organizations are complex and highly siloed, posing hidden security risks from potentially dozens of places. That’s why an enterprisewide risk management program framework is essential to managing multiple vendors, says information security manager Matt Marciniak of financial service organization Quantile. “It is not feasible for …

Reducing Risk by Breaking Down Supply Chain Siloes Read More »

Proof of Concept: China's Threat to National Security

Cyberwarfare / Nation-State Attacks , Fraud Management & Cybercrime , Governance & Risk Management Also: Latest Analysis of Log 4j Event; How to Secure Evolving Work Patterns Anna Delaney (annamadeline) • August 3, 2022     Clockwise, from top left: Anna Delaney, Tom Field, John Kindervag and Grant Schneider In the latest “Proof of Concept,” …

Proof of Concept: China's Threat to National Security Read More »

Dental Care Alliance Settles Breach Lawsuit for $3 Million

Healthcare , Industry Specific , Legislation & Litigation 2020 Cyberattack Affected Patients, Employees at Hundreds of Dental Practices Marianne Kolbasuk McGee (HealthInfoSec) • August 3, 2022     A support services contractor for dental practices is set to pay out $3 million to settle a putative class action launched over a 2020 cyberattack that affected …

Dental Care Alliance Settles Breach Lawsuit for $3 Million Read More »

Microsoft widens enterprise access to its threat intelligence pool

Microsoft says it will give enterprise security operation centers (SOCs) broader access to the massive amount of threat intelligence it collects every day. Through two new services unveiled this week, the enterprise software giant said organizations would be able to proactively protect themselves by seeing the same data Microsoft cybersecurity experts see, and understanding the …

Microsoft widens enterprise access to its threat intelligence pool Read More »

How IT Teams Can Use 'Harm Reduction' for Better Cybersecurity Outcomes

It’s a well-known fact that humans are — and will continue to remain — one of the weakest links in any company’s cyber defenses. Security admins have tried to help the situation through random phishing tests and training, ultimatums, eliminating local control over a given device, and even naming and shaming those unlucky souls who clicked on …

How IT Teams Can Use 'Harm Reduction' for Better Cybersecurity Outcomes Read More »

How To Build and Optimize Your Cybersecurity Program

Originally published by Axonius here. Written by Ronald Eddings, Axonius. Digital transformation has been a shock to the system for security teams — the attack landscape is ever-evolving, and organizations are constantly using new tech. From a security perspective, it can be hard to keep up. When building and optimizing your security program, your goal …

How To Build and Optimize Your Cybersecurity Program Read More »

Taiwan Stores Hacked by Message. China also Hacked during Pelosi Visit too!

Hackers have infiltrated Asia’s 7/11 convenience stores to display a message telling “warmonger” Nancy Pelosi to “get out” of Taiwan. After US Speaker Pelosi landed in Taiwan, China displayed its irritation with a burst of military activity surrounding the self-ruled island, some of it falling within the country’s 12-mile nautical border, defence analysts say. Pelosi – who is the 3rd …

Taiwan Stores Hacked by Message. China also Hacked during Pelosi Visit too! Read More »

An Overview of TDIR: Threat Detection and Incident Response

Originally published by Panther here. Today, countless solutions support threat detection. This is great news, but the market is saturated with different solutions and many different acronyms. One of the more recent acronyms to gain traction is threat detection and incident response (TDIR). This article will explore TDIR’s importance in the marketplace and what it …

An Overview of TDIR: Threat Detection and Incident Response Read More »

How the Cyber Ambassador In Waiting Plans to Control $1.5 Billion for Open Networks

Cookie List A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. …

How the Cyber Ambassador In Waiting Plans to Control $1.5 Billion for Open Networks Read More »

SSU dismantles an infowar botnet. Disinformation and deception in a hybrid war. Rewards for Justice works toward securing elections from Russian meddling.

At a glance.SSU dismantles an infowar botnet.HIMARS, atrocities, provocation, and disinformation.A Russian disinformation mouthpiece raises the prospect that there are highly placed traitors in the GRU.Rewards for Justice works toward securing elections from Russian meddling.The case that Russia’s war is genocidal.The case that pan-Slavism has found wayward, but sincere, expression in Mr. Putin’s war.Ukraine claims …

SSU dismantles an infowar botnet. Disinformation and deception in a hybrid war. Rewards for Justice works toward securing elections from Russian meddling. Read More »