The parent company of women’s fashion site Shein has been fined $1.9 million after being accused of lying about the extent of data breach, and notifying “only a fraction” of affected customers. Read more in my article on the Hot for Security blog.
Cyber News, Cyber Threat TrendsHybrid cloud has become a popular computing model in recent times. Find out all you need to know, including its features, pros and cons. The post What is hybrid cloud? appeared first on TechRepublic.
Cyber News, Cyber Threat TrendsGraham Cluley Security News is sponsored this week by the folks at Kolide. Thanks to the great team there for their support! In 2021, our company went through the SOC 2 Type 1 audit, and we found out just how challenging it can be to prove compliance to a third-party auditor. We also learned firsthand […]
Cyber News, Cyber Threat Trends
ACM.83 Leveraging Resource Policies vs IAM Policies to prevent unintended access to secrets in Cloud Environments This is a continuation of my series of posts on Automating Cybersecurity Metrics. Note that I started working on this diagram but I amend it in a later post for greater accuracy and alignment with our policy objectives. In […]
Cyber News, Cyber Threat Trends
A new ransomware campaign targeted the transportation and logistics sectors in Ukraine and Poland on October 11 with a previously unknown payload dubbed Prestige. “The activity shares victimology with recent Russian state-aligned activity, specifically on affected geographies and countries, and overlaps with previous victims of the FoxBlade malware (also known as HermeticWiper),” the Microsoft
Cyber News, Cyber Threat Trends
The threat actors behind the Black Basta ransomware family have been observed using the Qakbot trojan to deploy the Brute Ratel C4 framework as a second-stage payload in recent attacks. The development marks the first time the nascent adversary simulation software is being delivered via a Qakbot infection, cybersecurity firm Trend Micro said in a technical analysis released last week. The
Cyber News, Cyber Threat TrendsDan Burke is the director of strategy, risk, and compliance for AppDynamics, a company acquired by Cisco in 2017. Burke and his team are a vital part of the Cisco acquisition process in helping acquired companies adhere to a higher level of cybersecurity. This blog is the fourth in a series focused on M&A cybersecurity, […]
Cyber News, Cyber Threat Trends
New research has disclosed what’s being called a security vulnerability in Microsoft 365 that could be exploited to infer message contents due to the use of a broken cryptographic algorithm. “The [Office 365 Message Encryption] messages are encrypted in insecure Electronic Codebook (ECB) mode of operation,” Finnish cybersecurity company WithSecure said in a report published last week. […]
Cyber News, Cyber Threat Trends
Don’t let the ongoing “crypto winter” lull you into a false sense of cybersecurity. Even as cryptocurrencies lose value — and some crypto companies file for bankruptcy — cryptojacking still poses an urgent threat to enterprises across industries, from financial services to healthcare to industry 4.0 and beyond. Broadly speaking, cryptojacking is defined as the unauthorized and illegitimate use
Cyber News, Cyber Threat Trends