Information Security newsfeed from around the world in English and French. Find it all in one place… here.
COVID-19 Distractions May Have Delayed Patching, Experts SayAlmost eight months after Microsoft warned of a critical vulnerability in Windows called SMBGhost, more than 100,000 unpatched devices remain vulnerable, according to security researchers. The COVID-19 pandemic and ensuing rush to move workers into home offices may have led to delays in applying the fix. Source: Bank […]
Continue Reading
‘Turla’ Recently Targeted a European Government Agency for EspionageTurla, a hacking group based in Russia, is deploying a revamped set of customized tools to target potential victims, including a European government agency, for its espionage campaigns, according to Accenture. Source: Bank Info Security Russian Hacking Group Upgrades Malicious Toolset
Continue Reading
Fraudsters Used Doctored Invoices to Steal Cash Earmarked for Trump’s CampaignThe Republic Party of Wisconsin says fraudsters used phishing emails and doctored invoices to steal $2.3 million earmarked for President Donald Trump’s reelection campaign. The FBI is investigating. Source: Bank Info Security Phishing Scam Costs Wisconsin GOP .3 Million
Continue Reading
2 Experts Discuss Selecting the Right TechnologiesValidating identity across every digital channel is essential to track money movement information and help control P2P payment fraud, two fraud-fighting experts say. Source: Bank Info Security How to Mitigate P2P Payment Fraud
Continue Reading
In 2017, we already published a guest diary[1] about "CAA" or "Certification Authority Authorization". I was curious about the status of this technique and the adoption level in 2020. Has it been adopted massively since this diary? The initial RFC describing CAA has been issued in 2013 (RFC6844[2]). Since 2019, it is obsolete and has been replaced […]
Continue ReadingCloud adoption was already strong heading into 2020. According to a study by O’Reilly, 88% of businesses were using the cloud in some form in January 2020. The global pandemic just accelerated the move to SaaS tools. This seismic shift where businesses live day-to-day means a massive amount of business data is making its way […]
Continue ReadingConfluera 2.0: Enhanced autonomous detection and response capabilities to protect cloud infrastructure Confluera XDR delivers a purpose-built cloud workload detection and response solution with the unique ability to deterministically track threats progressing through the environment. Confluera holistically integrates security signals from the environment to provide a complete attack narrative of a cyberattack in real-time, as […]
Continue ReadingThe number of records exposed has increased to a staggering 36 billion. There were 2,935 publicly reported breaches in the first three quarters of 2020, with the three months of Q3 adding an additional 8.3 billion records to what was already the “worst year on record,” Risk Based Security reveals. “The quagmire that formed in […]
Continue ReadingFederal IT leaders across the country voiced the importance of network visibility in managing and securing their agencies’ increasingly complex and hybrid networks, according to Riverbed. Of 200 participating federal government IT decision makers and influencers, 90 percent consider their networks to be moderately-to-highly complex, and 32 percent say that increasing network complexity is the […]
Continue ReadingThe virtual edition of the HITBCyberWeek 2020 security conference starts on November 15. For four days, attendees will be able to hear keynotes and presentations from experts such as Bruce Schneier, Paul Vixie, and many others. Simultaneously (and as per usual), those in search for specific cyber security knowledge and effective exercises can opt for […]
Continue Reading