Author: nlqip
“So once the acquisition closes, our partners will have the opportunity to join Palo Alto Networks’ partner program, if they’re not already part of that, so they will be able to then sell Palo Alto’s Cortex XSIAM,” IBM’s Channel Chief Kate Woolley tells CRN. IBM and Palo Alto Networks are working together to make sure…
Read More
The company says the acquisition of Informer will help with automating the identification of exposed assets. Bugcrowd unveiled the acquisition of a decade-old provider of external attack surface management capabilities, Informer, in the latest in a series of acquisitions in the space. Terms of the acquisition weren’t disclosed. Informer has 15 employees, Bugcrowd told CRN.…
Read MoreCISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog…
Read MoreRockwell Automation has released guidance encouraging users to remove connectivity on all Industrial Control Systems (ICS) devices connected to the public-facing internet to reduce exposure to unauthorized or malicious cyber activity. Users and administrators are encouraged review the following Rockwell Automation notice for more information: Source link lol
Read More
May 23, 2024NewsroomCyber Espionage / Network Security The China-linked threat actor known as Sharp Panda has expanded their targeting to include governmental organizations in Africa and the Caribbean as part of an ongoing cyber espionage campaign. “The campaign adopts Cobalt Strike Beacon as the payload, enabling backdoor functionalities like C2 communication and command execution while…
Read MoreCISA released one Industrial Control Systems (ICS) advisory on May 23, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review newly released ICS advisories for technical details and mitigations. Source link lol
Read More
“This is something that worries, above all, the smaller players who are struggling with how to solve it. Do they have to be staffed 24/7? The larger players who are used to tough regulations cope better,” says Rönn. And even though the time to prepare for DORA is running out, not all technical regulations have…
Read More
Fake code, inflated prices Researchers at CloudSEK analyzed approximately 25,000 posts on Telegram, many of which claimed to sell authentic Pegasus code, the statement added. These posts often followed a common template offering illicit services, with frequent mention of Pegasus and NSO tools. CloudSEK researchers went a step further, engaging with over 150 potential sellers.…
Read More
A scammer has been sentenced to 10 years in prison for laundering over US $4.5 million obtained by targeting businesses and the elderly with Business Email Compromise (BEC) and romance fraud scams. Malachi Mullings, a 31-year-old from Sandy Springs, Georgia, was charged with opening 20 bank accounts in the name of a sham company, The…
Read More
Context is critical in cloud security. In a recent RSA presentation, Tenable’s Shai Morag offered ten tips for end-to-end cloud infrastructure security. At the recent RSA Conference, Shai Morag, SVP and GM of Cloud Security at Tenable, led the session titled “Cloud Security Novice to Native in 10 Steps: A CNAPP Approach,” which delved into…
Read More