Month: May 2024
At the RSA Conference in San Francisco, Google announced the launch of Google Threat Intelligence, a groundbreaking new offering that leverages the company’s vast resources and expertise in cybersecurity to provide actionable threat intelligence at an unprecedented scale. Unparalleled Depth and Breadth of Intelligence This new platform combines the front-line expertise of Mandiant, the global…
Read More
CISOs can protect themselves by making responsibilities clear With cyber incidents becoming more frequent and prominent, the role of CISOs has become a lightning rod. “Historically, the risk calculus was bad stuff happens, I’m going to get fired, I’ll go on to my next job,” said Charles Blauner, partner and CISO in residence at Team8…
Read MoreApply appropriate updates provided by Google to vulnerable systems immediately after appropriate testing. (M1051: Update Software) Safeguard 7.1: Establish and Maintain a Vulnerability Management Process: Establish and maintain a documented vulnerability management process for enterprise assets. Review and update documentation annually, or when significant enterprise changes occur that could impact this Safeguard. Safeguard 7.4: Perform…
Read More
‘It’s probably one of the biggest announcements that we’ve ever made, or ever will make, because for the first time, Dell now has a cloud storage product to sell. This is hugely important to them because their customers sometimes say, ‘Hey, Dell guys, I don’t really want to buy any more on-prem storage from you…
Read More
St. Louis-based Ascension, which operates 140 hospitals in the U.S., said in its latest update that it did not have a timeline for restoring its system. Ascension, a health system with 140 hospitals and operations in 19 states and Washington, D.C. that said it suffered a data breach this week, said Thursday that its electronic…
Read More
Poland says a state-backed threat group linked to Russia’s military intelligence service (GRU) has been targeting Polish government institutions throughout the week. According to evidence found by CSIRT MON, the country’s Computer Security Incident Response Team (led by the Polish Minister of National Defense) and CERT Polska (the Polish computer emergency response team), Russian APT28…
Read More
Project management platform Monday.com has removed its “Share Update” feature after threat actors abused it in phishing attacks. Monday.com is a cloud-based project management platform that allows teams to organize and manage their work using automated workflows and dashboards. The platform is used by 225,000 customers, including Coca-Cola, Canva, LionsGate, Oxy, Compass, and Zippo. On Tuesday, Monday.com customers…
Read MoreApply appropriate updates provided by F5 to vulnerable systems immediately after appropriate testing. (M1051: Update Software) Safeguard 7.1: Establish and Maintain a Vulnerability Management Process: Establish and maintain a documented vulnerability management process for enterprise assets. Review and update documentation annually, or when significant enterprise changes occur that could impact this Safeguard. Safeguard 7.4: Perform…
Read MoreMS-ISAC ADVISORY NUMBER: 2024-049 DATE(S) ISSUED: 05/09/2024 OVERVIEW: A vulnerability has been discovered in the Apache OFBiz, which could allow for remote code execution. Apache OFBiz is an open-source product for the automation of enterprise processes. It includes framework components and business applications for ERP, CRM, E-Business/E-Commerce, Supply Chain Management and Manufacturing Resource Planning. Successful…
Read More
Do you know Dmitry Yuryevich Khoroshev? If you do, there’s a chance that you might well on the way to receiving a reward of up to $10 million. Read more in my article on the Exponential-e blog. Source link lol
Read More