Month: June 2024
RMM software developer TeamViewer says a Russian state-sponsored hacking group known as Midnight Blizzard is believed to be behind a breach of their corporate network this week. Yesterday, BleepingComputer reported that TeamViewer had been breached and that cybersecurity experts and healthcare organizations had begun warning customers and organizations to monitor their connections. TeamViewer is widely used…
Read More
Here’s a look at 10 new, expanded and improved big data tools, platforms, systems and services that solution and service providers should be aware of. Big Data, Cool Tools Data management, already of significant importance for operational and business intelligence purposes, has taken on a new level of priority for businesses and organizations as the…
Read More
Geisinger, a prominent healthcare system in Pennsylvania, has announced a data breach involving a former employee of Nuance, an IT services provider contracted by the organization. Geisinger is a non-profit organization that operates 134 care sites, ten hospitals, and the Geisinger Health Plan, serving a total of 1.2 million people. It employs 26,000 staff, including…
Read More
The recent large scale supply chain attack conducted via multiple CDNs, namely Polyfill.io, BootCDN, Bootcss, and Staticfile that affected anywhere from 100,000 to tens of millions of websites has been traced to a common operator, according to researchers. Researchers discovered a public GitHub repository where the purported operators of Polyfill.io had accidentally exposed their Cloudflare secret keys.…
Read More
Check out why memory vulnerabilities are widespread in open source projects. Plus, get the latest on the ransomware attack that’s disrupted car sales in North America. In addition, find out why a majority of organizations grew their cyber budgets this year. And learn how confidential data from U.S. chemical facilities may have been accessed by…
Read More
The modern kill chain is eluding enterprises because they aren’t protecting the infrastructure of modern business: SaaS. SaaS continues to dominate software adoption, and it accounts for the greatest share of public cloud spending. But enterprises and SMBs alike haven’t revised their security programs or adopted security tooling built for SaaS. Security teams keep jamming…
Read More
Jun 28, 2024NewsroomMalware / Cryptocurrency Security researchers have shed more light on the cryptocurrency mining operation conducted by the 8220 Gang by exploiting known security flaws in the Oracle WebLogic Server. “The threat actor employs fileless execution techniques, using DLL reflective and process injection, allowing the malware code to run solely in memory and avoid…
Read MoreJames Bamford on Section 702 Extension Longtime NSA-watcher James Bamford has a long article on the reauthorization of Section 702 of the Foreign Intelligence Surveillance Act (FISA). Tags: FISA, national security policy, NSA, privacy, surveillance Posted on June 28, 2024 at 7:04 AM • 0 Comments Sidebar photo of Bruce Schneier by Joe MacInnis. Source…
Read More
Jun 28, 2024NewsroomNetwork Security / Data Protection A group of security researchers from the Graz University of Technology have demonstrated a new side-channel attack known as SnailLoad that could be used to remotely infer a user’s web activity. “SnailLoad exploits a bottleneck present on all Internet connections,” the researchers said in a study released this…
Read More
CompTIA Cloud+ Unlike most others on this list, the CompTIA Cloud+ certification provides more general training on the cloud. Still, cloud security features prominently in its curriculum: Candidates will learn vulnerability management, compliance adherence, and security controls. Because CompTIA Cloud+ also provides instruction in cloud architecture, deployment, operations, troubleshooting, and DevOps fundamentals, it may…
Read More