Mon.Aug 30, 2021

Kill SOC Toil, Do SOC Eng

Anton on Security

As you are reading our recent paper “Autonomic Security Operations — 10X Transformation of the Security Operations Center”, some of you may think “Hey, marketing inserted that 10X thing in there.” Well, 10X thinking is, in fact, an ancient tradition here at Google. We think that it is definitely possible to apply “10X thinking” to many areas of security (at the same link, they say that sometimes it is “easier to make something 10 times better than it is to make it 10 percent better”).

Excellent Write-up of the SolarWinds Security Breach

Schneier on Security

Robert Chesney wrote up the Solar Winds story as a case study, and it’s a really good summary.

Microsoft 365's new security model: How to use phishing simulations and security mailboxes

Tech Republic Security

Microsoft 365's "secure by default" stance removes some tools used by security teams. Here's how to work around the new restrictions.

The 7 best password managers for business

CSO Magazine

Enterprise-class password managers have become one of the easiest and most cost-effective ways to help employees lock down their online accounts. Most of the options were originally designed for individual users. Your organizational needs will differ wildly from security-conscious personal users, but the good news is that the key password management players all have made their solutions suitable for the business world. [ Learn 12 tips for effectively presenting cybersecurity to the board and 6 s

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Paying ransom should be your last resort, cybersecurity expert says

Tech Republic Security

Some organizations can get by without paying in a ransomware attack, but others really have no choice, he says.

CISA: Don’t use single-factor auth on Internet-exposed systems

Bleeping Computer

Single-factor authentication (SFA) has been added today by the US Cybersecurity and Infrastructure Security Agency (CISA) to a very short list of cybersecurity bad practices it advises against. […]

More Trending

Unmanaged SaaS Data Brings Supply Chain Risks

Security Boulevard

When access to software-as-a-service (SaaS) data goes unmanaged, the likelihood of both insider and external threats increases. That’s why a new report from DoControl Inc. is so troubling. After assessing companies with an average of 1,000 employees and data stores with between 500,000 to 10 million assets, the SaaS company found that 40% of all.

Boston Public Library Hit by Cyberattack

Heimdal Security

The Boston Public Library is used by more than 4 million visitors per year through its central library and twenty-five neighborhood branches, as well as millions more online. According to a statement published on the BPL official website, a systemwide technical outage was recently caused by a cybersecurity attack. On Wednesday morning, 8/25, the Boston Public Library experienced […].

Cyber Threat to Glasgow COP26

CyberSecurity Insiders

The UN Climate Change Conference, known as COP26, is scheduled to be held from November 1st, 2021 to November 12th, 2021 in Glasgow, Scotland, and an alert issued by the Sunday Mail says that the conference, which is to be attended by many world leaders including United States President Joe Biden and Russian President Vladimir Putin, is likely to be targeted by a sophisticated cyber attack.

Microsoft Exchange ProxyToken bug can let hackers steal user email

Bleeping Computer

Technical details have emerged on a serious vulnerability in Microsoft Exchange Server dubbed ProxyToken that does not require authentication to access emails from a target account. […]

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

How secure is Apple iPhone 13 Satellite Connectivity

CyberSecurity Insiders

Apple Inc has made it official that it is going to launch its flagship iPhone 13 in the second week of September this year, and an official statement from the technology giant reveals that the device is going to get an additional feature: Satellite Connectivity support. What that means is that iPhone users who are in a region where there are no 4G or 5G signals can use the service of Low Earth Orbit (LEO) communication satellites to make calls or to send messages.

Rethinking Cloud Infrastructure Authentication

Security Boulevard

Hopefully, you’ve moved beyond “p4$$w0r9s” and use secure keys and multifactor authentication (MFA) for all of your cloud infrastructure. However, how many people have access to each little node, piece of software, server or management console? How many keys are scattered around so that scripts can execute? How many trusted IPs are there?

China's PIPL privacy law imposes new data handling requirements

CSO Magazine

As part of the country's growing scrutiny over the tech sector, China enacted on August 21 a sprawling and comprehensive data privacy law, the Personal Information Protection Law (PIPL), which goes into effect on November 1, 2021. In combination with China's newly enacted and still little-understood Data Protection Law, which goes into effect on September 1, 2021, this law promises to impose a host of new data privacy, security, and protective obligations on all US and global companies doing bu

Expert: Governments and businesses must come together to combat ransomware threat

Tech Republic Security

Nations have to stop sheltering bad actors in order to stop them, expert says.

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

LockFile ransomware uses intermittent encryption to evade detection

CSO Magazine

A new ransomware threat called LockFile has been victimizing enterprises worldwide since July. Key to its success are a few new tricks that make it harder for anti-ransomware solutions to detect it. The threat uses what researchers from antivirus vendor Sophos call “intermittent encryption,” meaning it only encrypts chunks of data inside a file instead of its complete contents.

Why WAFs Don’t Work According to a Hacker

Security Boulevard

A new article in SDXcentral talks about why WAFs (Web Application Firewalls) are insufficient protection according to a hacker. The topic of WAFs isn't new to K2 and we've covered their failures in this blog article as well as an article on the dissatisfaction with WAFs in the security community, along with an article about the high levels of maintenance needed for WAFs.

10 Reasons to Trust Your Enterprise APIs

Cisco Security

Recently one of the big-three consumer credit bureaus fixed an issue that allowed an ordinary user to obtain the credit score of tens of millions of Americans just by providing their name and mailing address. The connective tissue making this data exposure possible was an Application Programming Interface or API. An API enables two pieces of software to communicate with each other.

IronNet’s September Threat Intelligence Brief

Security Boulevard

As we look back on August, ransomware remains the name of the cyber attack game. A new ransomware family called LockFile has surfaced to target victims in various industries around the globe. First seen on the network of a U.S. financial organization on July 20th, LockFile’s latest activity was observed on August 20th.

From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security,” most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.

Boston Public Library discloses cyberattack

Security Affairs

The Boston Public Library was victim of a cyberattack that crippled its computer network, the library revealed in a statement Friday. The Boston Public Library announced on Friday that it was hit by a cyberattack that compromised its computer network. The affected systems were taken offline to prevent the threat from spreading. At the time of the announcement, the library said that there is no evidence that sensitive employee or patron data has been compromised.

5 high-profile DDoS attacks that should chill you to the bone

Security Boulevard

Distributed denial of service (DDoS) attacks are malicious attempts to make an online service unavailable to users, usually by temporarily interrupting or suspending the services of its hosting server. Data revealed in the 2021 Imperva DDoS Landscape Report strongly suggests attacks are constantly evolving in size, volume, frequency, and complexity.

Microsoft Azure Customers Warned of Critical Bug Found in Cosmos DB

Heimdal Security

Microsoft Azure customers have been informed of a newly found critical bug in Cosmos DB that enables intruders to remotely take control over databases by giving them complete admin access with no authorization requested. Anyone can read, change, or delete databases as they please, according to Microsoft. What Happened? This month, cybersecurity researchers at the […].

CISA urges enterprises to fix Microsoft Azure Cosmos DB flaw

Security Affairs

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an alert urging enterprises to address the recently disclosed vulnerability in Microsoft Azure Cosmos DB. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an alert urging organizations to address the recently disclosed vulnerability in Microsoft Azure Cosmos DB (aka ChaosDB) as soon as possible.

Successful Change Management with Enterprise Risk Management

Speaker: William Hord, Vice President of ERM Services

A well-defined change management process is critical to minimizing the impact that change has on your organization. Leveraging the data that your ERM program already contains is an effective way to help create and manage the overall change management process within your organization. Your ERM program generally assesses and maintains detailed information related to strategy, operations, and the remediation plans needed to mitigate the impact on the organization.

How Does MTA-STS Improve Your Email Security?

The Hacker News

Simple Mail Transfer Protocol or SMTP has easily exploitable security loopholes. Email routing protocols were designed in a time when cryptographic technology was at a nascent stage (e.g., the de-facto protocol for email transfer, SMTP, is nearly 40 years old now), and therefore security was not an important consideration.

Hacking IoT Security with Aaron Guzman

Security Boulevard

Sources and Sinks interviews car hacker and IoT security expert, Aaron Guzman. Information security is no longer staying on our laptops and in our browsers. As our devices become increasingly interconnected too, we have to start thinking about the security of our IoT devices. Today on sources and sinks, we talk to IoT hacker Aaron Guzman about his work in IoT security, his experience hacking Subaru cars, and how we can improve IoT security through regula

CISA Adds Single-Factor Authentication to the List of Bad Practices

The Hacker News

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added single-factor authentication to the short list of "exceptionally risky" cybersecurity practices that could expose critical infrastructure as well as government and the private sector entities to devastating cyberattacks.

Employee Password Security in the Healthcare Sector

Security Boulevard

The healthcare industry sector is increasingly the target of cybercriminals. According to the Health Insurance Portability and Accountability Act (HIPAA) Journal, over the past eleven years (2009-2020) there have been more than 3,705 healthcare data breaches impacting more than 268 million medical records. Why is this happening, and what can we do to address it?

ERM Program Fundamentals for Success in the Banking Industry

Speaker: William Hord, Senior VP of Risk & Professional Services

Enterprise Risk Management (ERM) is critical for industry growth in today’s fast-paced and ever-changing risk landscape. When building your ERM program foundation, you need to answer questions like: Do we have robust board and management support? Do we understand and articulate our bank’s risk appetite and how that impacts our business units? How are we measuring and rating our risk impact, likelihood, and controls to mitigate our risk?

QNAP works on patches for OpenSSL bugs impacting its NAS devices

Bleeping Computer

Network-attached storage (NAS) maker QNAP is investigating and working on security updates to address remote code execution (RCE) and denial-of-service (DoS) vulnerabilities patched by OpenSSL last week. […]

New Microsoft Exchange 'ProxyToken' Flaw Lets Attackers Reconfigure Mailboxes

The Hacker News

Details have emerged about a now-patched security vulnerability impacting Microsoft Exchange Server that could be weaponized by an unauthenticated attacker to modify server configurations, thus leading to the disclosure of Personally Identifiable Information (PII). The issue, tracked as CVE-2021-33766 (CVSS score: 7.

Canada accepted 7,300 more immigration applications due to technical bug

Bleeping Computer

A bug in the Canadian immigration system led to the government accepting an additional 7,307 immigration applications, surpassing the imposed limit. This comprised files from international graduate stream applicants aspiring to change their temporary visa status to permanent residency. […]

Five Key Points When Preventing Cybersecurity Attacks in a World of Hybrid Working

Security Boulevard

On 19 July, the UK will finally lift the final social distancing measures that were put in place during the pandemic.

Cover Your SaaS: How to Overcome Security Challenges and Risks For Your Organization

Speaker: Ronald Eddings, Cybersecurity Expert and Podcaster

So, you’ve accomplished an organization-wide SaaS adoption. It started slow, and now just a few team members might be responsible for running Salesforce, Slack, and a few other applications that boost productivity, but it’s all finished. Or is it? Through all the benefits offered by SaaS applications, it’s still a necessity to onboard providers as quickly as possible.