Some welcome good news on the COVID-19 front: Microsoft Corporation said it is stepping up its efforts to protect hospitals and other critical services from opportunistic cyberattacks, while Mozilla has founded a new fund to support open-source projects that help fight the pandemic. In a company blog post, Microsoft said that it identified dozens of…
Resilience is more than a buzzword, so is trust. Both are essential to developing a strong security postures, says Unisys Chief Trust Officer Tom Patterson, who also serves on the Cybersecurity Moonshot subcommittee. Please listen to Tom discuss resilience with SC Executive Editor Teri Robinson.
Patch management was challenging enough before the world was upended by a rapidly spreading pandemic. But with security teams working remotely, and employee-operated devices dispersed across large distances, quickly prioritizing and fixing critical vulnerabilities has become both more difficult and more important. As the 2017 Equifax breach showed, delays in patching can result in a…
The town of Jupiter, located in an area of Florida hard hit by Coronavirus, is continuing to recover from a late March ransomware attack. Town officials reported last week that its email, utility payment and planning submissions systems were all down. The attack took place on March 23 with town officials notifying residents two days…
A misconfigured Amazon Web Services S3 bucket has exposed the data of about 14 million users of the popular Key Ring app that includes some payment and medical card information. The database was discovered by vpnMentor’s Noam Rotem and Ran Locar who found 44 million records were open to public viewing. Key Ring is generally…
Just as legitimate businesses have had to make major adjustments to the realities of COVID-19, the cybercriminal underground economy has also had to stay nimble. Indeed, a new dark web report from Digital Shadows’ Photo Research Team shows that some hacking forum members are in a struggle to keep their cybercriminal operations afloat, while others…
Of the nearly 10 million Americans who recently have filed for unemployment insurance – 6.6 million this week and 3.3 million the week before – as the coronavirus pandemics shut down businesses and the economy, the cybersecurity workforce seemingly has been spared. But experts warned that widespread layoffs in the future could leave organizations vulnerable.…
Google yesterday issued a stable channel update for the desktop version of its Chrome browser for Windows, Mac and Linux, fixing eight vulnerabilities in the process. The patched bugs included at least three high-level bugs, including two use-after-free flaw in WebAudio (CVE-2020-6450 and CVE-2020-6451), and a head buffer overflow in media (CVE-2020-6452). The two WebAudio…
This month, SC reviewed several Security Information and Event Management (SIEM) solutions. Although we have tested these products before, we are impressed with the development and innovation that occurs year after year. SIEM capabilities have expanded well beyond security and event management. They drive threat detection and response with auto-remediation and guided responses based on…
The Affordacare Urgent Care Clinic, a network of medical providers based in Texas, has officially confirmed a combination data breach-ransomware attack that exposed sensitive information. The company is claiming that social security numbers were not impacted in the incident, despite security experts having demonstrated that the attackers have published stolen documents containing patients’ and employees’…
