Doug Olenick SC Media | Page 3 of 193

Doug Olenick

Online Editor

Most recent articles by Doug Olenick

Spirit AeroSystems confirms ASCO Industries cyberattack

Reports that Belgian aerospace manufacturer ASCO Industries has shuttered several factories due to a ransomware attack on June 7 is certainly news, but what is causing even more raised eyebrows is the company’s almost complete silence on the issue. ASCO, which is in the process of being acquired by Wichita, Kan.-based Spirit AeroSystems, reportedly confirmed…

Lake City recovering from ransomware attack

Lake City, Fla. has started to recover from a June 10 ransomware attack that knocked out its email and online payment systems. Lake City was hit with TripleThreat ransomware, City Manager Joe Helfenberger said in a statement posted to Facebook. Cloud cybersecurity company AppRiver reported on TripleThreat last January, but at the time only mentioned it…

Securing multi-cloud environments: assurance through consistency

Meeting the security and compliance needs across different cloud service providers (CSP), and an organization’s own data center, remains a thorny challenge. Today, many enterprises are migrating business-critical workloads to the cloud, or have done so recently. Others are taking a ‘lift-and-shift’ approach for select applications, leveraging new integrations for legacy systems. This journey may…

Intel joins Patch Tuesday with 11 security updates

Intel rolled out 11 software, firmware and hardware security updates on Jun 11, several of which could lead to an escalation of privilege situation if exploited. The three most critical patches, all rated “high”, cover three product categories, Intel Accelerated Storage Manager in Intel Rapid Storage Technology Enterprise, Intel NUC PC and Intel Raid Web…

Why vendors who achieve ISO 27001 are important for audio/video buyers

Accreditations may seem like promotional mechanisms that appear on a vendor’s marketing material. Think again and take a closer look. As data compliance impacts organizations, enterprise leaders need to take vendors more seriously when standardizing on video conferencing solutions. It’s time to start conducting some thorough checks. ISO what? Data protection is the bastion of…

Microsoft patches 22 critical flaws, four zero days on June Patch Tuesday

Microsoft’s June Patch Tuesday release covered 88 CVE, including 22 rated as critical and four that covered previously announced zero-day vulnerabilities. The zero-day issues, all are elevation of privilege issues, were tagged as top priority patches of the month by several cybersecurity executives, although the good news is none of the zero days, or other…

Exterro picks up privacy firm Jordan Lawrence

Information governance software maker Exterro has acquired the data privacy and information management software firm Jordan Lawrence. Bobby Balachandran, CEO at Exterro, said the move was made to help his firm more effectively manage the new and evolving data privacy and security regulations, such as CCPA and GDPR while addressing e-discovery needs under the Federal…

Patch Tuesday

Adobe Patch Tuesday: Critical issues across Flash Player, ColdFusion and Campaign

Adobe June’s Patch Tuesday included patches for critical-rated arbitrary code execution flaws in Flash Player, ColdFusion and Campaign. The Flash Player vulnerability, CVE-2019-7845, affects Windows, macOS, Linux and Chrome OS and if exploited could lead to arbitrary code execution in the context of the current user.  The issue can be fixed by updating to the latest version…

A sleeping security threat: How to protect against container compromise

Container technology makes it possible to independently package and run software across computing environments, improving software development efficiency and IT operations. Recent advances make it easier than ever to use, but security can’t be overlooked. Similar to the adoption of DevOps and cloud technologies, the introduction of containers expands an organization’s attack surface.  Attackers are…

APT10

MuddyWater, Fin8 and Platinum threat actors back in action

Researchers have spotted the MuddyWater, Fin8 and Platinum cybergangs all making an unwanted comeback following an observed increase in malicious activity over the last few weeks. Trend Micro came across several campaigns its researchers believe contain the hallmarks of MuddyWater. But this time around the group apparently deployed a new multi-stage PowerShell-based backdoor called POWERSTATS…

Next post in APTs/cyberespionage