Doug Olenick SC Media | Page 3 of 220

Doug Olenick

Online Editor

Most recent articles by Doug Olenick

Estonian hacker sentenced

Hy-Vee details 2019 POS data breach incident

Mid-Western supermarket chain Hy-Vee issued an update regarding the POS data breach it reported in August, including when it happened on the locations involved. Hy-Vee said in an October 3 release that unauthorized access was detected on July 29, 2019 and focused on Hy-Vee fuel pumps, drive-thru coffee shops, and restaurants at Hy-Vee Market Grilles,…

SC Media’s 30th anniversary Q&A: Nathan Wenzler

Nathan Wenzler, Senior Director of Cybersecurity at Moss Adams, a Seattle, Wash. based accounting, consulting and wealth management firm: SC: How long have you been in security? Nathan Wenzler: 22 years How has your discipline changed over the years? I think my own discipline has changed as the Information Security discipline changed over the years. Initially,…

Evidence tying Cobalt Group to Magecart Group 4 unveiled

The security firms Malwarebytes and HYAS have strung together several pieces of evidence that they believe tie Magecart Group 4 to the Cobalt Group. The two companies found that the Cobalt Group and Magecart Group 4 have several overarching similarities, such as the use of advanced techniques during their attacks and a history with banking…

Google launches Password Checkup security tool

Google has added a new feature to its password manager that will study a person’s passwords and then inform them on its strength and whether it has been compromised. Password Checkup will not only check a user’s personal choices, but also make personalized recommendations, wrote Andreas Tuerk, product manager for Password Manager. The three primary…

Why most MSPs still need better awareness

General Data Protection Regulations (GDPR) are fully enforceable and hefty financial penalties are hitting those who do not meet the requirements. Yet as a managed service provider (MSP), you may still be unaware of the full implications. Many mistakenly believe that GDPR impacts only consumer internet companies. In reality, any MSP with clients who deal…

Multiple zero-day vulnerabilities found medical IoT devices: CISA

The Cybersecurity and Infrastructure Security Agency (CISA) issued an advisory warning of vulnerabilities in several medical IoT devices that could lead to remote code execution. Advisory ICSA-19-274-01, which has a CVSS rating or 9.8, covers the following pieces of equipment: OSE by ENEA, INTEGRITY RTOS by Green Hills Software, ITRON, Zebos by IP Infusion, and…

When spreadsheets are enough for risk management

Third-party vendors are crucial to a company’s success, but they inherently create risk and require monitoring to ensure their vulnerabilities don’t develop into a bigger problem like a data breach. Responsible companies monitor their third-party risk, and many do it with a combination of manually-updated spreadsheets. Are spreadsheets enough to manage vendor risk? Smaller operations…

Next post in Executive Insight