November 22, 2022

Malwarebytes collaborates with Stellar Cyber to increase productivity and efficiency of security teams

Malwarebytes partners with Stellar Cyber to help resource-constrained teams produce consistent security outcomes across all environments; on-premises, cloud and anything in between. The partnership comes at a critical time in the cybersecurity landscape, as security products become more complex and IT teams spend more time maintaining their security controls, instead of investigating and mitigating cyber …

Malwarebytes collaborates with Stellar Cyber to increase productivity and efficiency of security teams Read More »

‘Pig butchering’ romance scam domains seized and slaughtered by the Feds

The US government seized seven domain names used in so-called “pig butchering” scams that netted criminals more than $10 million. Pig butchering is a newish twist on romance scams in which fraudsters build a relationship with their victims and then con them into transferring money into accounts controlled by the crooks. In these cases, however, …

‘Pig butchering’ romance scam domains seized and slaughtered by the Feds Read More »

‘Pig butchering’ romance scam domains seized and slaughtered by the Feds

The US government seized seven domain names used in so-called “pig butchering” scams that netted criminals more than $10 million. Pig butchering is a newish twist on romance scams in which fraudsters build a relationship with their victims and then con them into transferring money into accounts controlled by the crooks. In these cases, however, …

‘Pig butchering’ romance scam domains seized and slaughtered by the Feds Read More »

OneTrust partners with ECI to help companies evaluate their ethics and compliance programs

OneTrust is partnering with the Ethics & Compliance Initiative (ECI), the global non-profit organization that empowers organizations to build and sustain cultures of integrity. The partnership enables OneTrust to offer its customers the ECI High-Quality Ethics & Compliance Program (HQP) Assessment tool, which helps organizations evaluate their ethics and compliance programs and determine their level …

OneTrust partners with ECI to help companies evaluate their ethics and compliance programs Read More »

Headless Commerce & Microservices Explained

In comparison to traditional ecommerce software solutions, headless, microservices-based software offers a huge range of operational and business benefits allowing increased flexibility and agility with less upkeep. What you will learn by downloading this free ebook: Key concepts in the world of headless commerce Pros and cons for headless and monolithic systems A hypothetical business …

Headless Commerce & Microservices Explained Read More »

From Coercion to Invasion: The Theory and Execution of China’s Cyber Activity in Cross-Strait Relations

Editors Note: This is an excerpt of a full report. To read the entire analysis with endnotes, click here to download the report as a PDF. This report examines how China conceptualizes and executes cyber coercion and cyber warfare, with a focus on Taiwan. It will be of most interest to Taiwans government and military, …

From Coercion to Invasion: The Theory and Execution of China’s Cyber Activity in Cross-Strait Relations Read More »

Anomali Cyber Watch: URI Fragmentation Used to Stealthily Defraud Holiday Shoppers, Lazarus and BillBug Stick to Their Custom Backdoors, Z-Team Turned Ransomware into Wiper, and More

The various threat intelligence stories in this iteration of the Anomali Cyber Watch discuss the following topics: APT, Cyberespionage, Phishing, Ransomware, Signed malware, and Wipers. The IOCs related to these stories are attached to Anomali Cyber Watch and can be used to check your logs for potential malicious activity. Figure 1 – IOC Summary Charts. …

Anomali Cyber Watch: URI Fragmentation Used to Stealthily Defraud Holiday Shoppers, Lazarus and BillBug Stick to Their Custom Backdoors, Z-Team Turned Ransomware into Wiper, and More Read More »

Wipro launches cybersecurity consulting offering for businesses across Europe

Wipro has launched a strategic cybersecurity consulting offering in Europe. The announcement comes on the heels of a series of acquisitions in the consulting space—Edgile, Capco, and Ampion—and is part of the firm’s vision to build a global cybersecurity consulting offering to help clients stay ahead of a dynamic threat and regulatory environment. “Escalation of …

Wipro launches cybersecurity consulting offering for businesses across Europe Read More »

Broadcom-VMware Merger Faces European Regulatory Hurdles

Cloud Security , Endpoint Protection Platforms (EPP) , Endpoint Security UK’s Competition Authority Announces Probe as Broadcom Awaits EU Clearance for M&A Akshaya Asokan (asokan_akshaya) • November 22, 2022     Broadcom’s acquisition of VMware faces challenges from European regulatory authorities over potential competitive advantages. The $61 billion deal announced in May still needs clearance …

Broadcom-VMware Merger Faces European Regulatory Hurdles Read More »

ReliaQuest CEO Brian Murphy on Joining SecOps, Threat Intel

Next-Generation Technologies & Secure Development , Threat Intelligence , Video CEO Shares How Digital Shadows Acquisition Helped Clients to Customize Threat Intel Michael Novinson (MichaelNovinson) • November 22, 2022     Brian Murphy, founder and CEO, ReliaQuest ReliaQuest customers have tailored Digital Shadows’ threat intelligence to their organizations to ensure conversations about their brands or …

ReliaQuest CEO Brian Murphy on Joining SecOps, Threat Intel Read More »

AGs Urge Apple to Tighten Health Privacy, Security in Apps

Data Loss Prevention (DLP) , Endpoint Security , Governance & Risk Management Attorney General Group Says Third-Party Apps Threaten Reproductive Health Privacy Marianne Kolbasuk McGee (HealthInfoSec) • November 22, 2022     Ten state attorneys general sent a letter to Apple urging the tech giant to address privacy and security gaps in third-party applications available …

AGs Urge Apple to Tighten Health Privacy, Security in Apps Read More »

DraftKings gamblers lose $300,000 to credential stuffing attack

A credential stuffing attack over the weekend that affected sports betting biz DraftKings resulted in as much as $300,000 being stolen from customer accounts. The Boston-based company said that its systems were not breached but that the login information of the impacted customers was stolen elsewhere and applied to their DraftKings accounts, where the same …

DraftKings gamblers lose $300,000 to credential stuffing attack Read More »

Leaning into Retail’s Challenges with Digital Transformation

Digital transformation initiatives have picked up in the retail sector in recent years as store chains compete for brand awareness and sales in a rapidly evolving market. By 2026, retailers’ global investments in digital transformation tools are expected to reach $388 billion, growing by 18% a year. That may sound like retail leaders are all …

Leaning into Retail’s Challenges with Digital Transformation Read More »

5 API Vulnerabilities That Get Exploited by Criminals

Let’s give a look at API vulnerabilities by reading the API Security Top 10 published by the Open Web Application Security Project (OWASP). It’s no secret that cyber security has become a leading priority for most organizations — especially those in industries that handle sensitive customer information. And as these businesses work towards building robust …

5 API Vulnerabilities That Get Exploited by Criminals Read More »

Hornetsecurity expands APAC and EMEA growth through new distribution agreements

Hornetsecurity announced a major push into several different regions across the world, with the signing of new distributors and partnerships. This further expands Hornetsecurity’s established presence in Europe, the US and LATAM. In the Philippines and Saudi Arabia, the signing of distributors WSI and S2 will see Hornetsecurity’s capabilities support even more businesses in limiting …

Hornetsecurity expands APAC and EMEA growth through new distribution agreements Read More »

Cybersecurity Pros Put Mastodon Flaws Under the Microscope

As Mastodon experiences explosive user growth as a replacement for Twitter, infosec experts are pointing out security holes in the social media network. From an anonymous server collecting user information to configuration errors that create vulnerabilities, the increased popularity of the platform is leading to increased scrutiny of its flaws. Unlike other social media apps, …

Cybersecurity Pros Put Mastodon Flaws Under the Microscope Read More »

Adversarial AI Attacks Highlight Fundamental Security Issues

Artificial intelligence and machine learning (AI/ML) systems trained using real-world data are increasingly being seen as open to certain attacks that fool the systems by using unexpected inputs. At the recent Machine Learning Security Evasion Competition (MLSEC 2022), contestants successfully modified celebrity photos with the goal of having them recognized as a different person, while …

Adversarial AI Attacks Highlight Fundamental Security Issues Read More »

Review – 5 Advisories and 3 Updates Published – 11-22-22

Today, CISA’s NCCIC-ICS published five control system security advisories for products from Moxa, GE, Phoenix Contact, Digital Alert Systems, and AVEVA. They updated two control system advisories for products from Moxa and one medical device security advisory for products from Hillrom. Security Advisories Moxa Advisory – This advisory describes an execution with unnecessary privilege vulnerability …

Review – 5 Advisories and 3 Updates Published – 11-22-22 Read More »

Security Features Online Sportsbooks Are Utilizing To Protect Customers

We all practically breathe technology nowadays, but at the same time, we are not even aware of it. The use of the internet for almost everything has become so natural. You can find a desktop or mobile app for anything—banking, shopping, exercise, entertainment, you name it—and get what you need.  The importance of security has …

Security Features Online Sportsbooks Are Utilizing To Protect Customers Read More »