Category: Kamban
As the landscape of modern work changes, with its distributed teams and quickly evolving cloud-based technologies, maintaining access controls is an increasingly Sisyphean task. The process of achieving and maintaining IT compliance certifications is the perfect microcosm of this challenge: The work involved in identifying and designating assets as “in scope” for each regulation has…
Read More
MarineMax, self-described as the world’s largest recreational boat and yacht retailer, is notifying over 123,000 individuals whose personal information was stolen in a March security breach claimed by the Rhysida ransomware gang. The company operates over 130 locations, including 83 dealerships and 66 marinas and storage facilities worldwide. Last year, it reported $2.39 billion in revenue…
Read MoreMarineMax, self-described as the world’s largest recreational boat and yacht retailer, is notifying over 123,000 individuals whose personal information was stolen in a March security breach claimed by the Rhysida ransomware gang. The company operates over 130 locations, including 83 dealerships and 66 marinas and storage facilities worldwide. Last year, it reported $2.39 billion in revenue…
Read More
Kaspersky is offering free security products for six months and tips for staying safe as a parting gift to consumers in the United States. The company decided to close its business and lay off employees in the U.S. after the U.S. government added Kaspersky to the Entity List, a catalog of “foreign individuals, companies, and…
Read More
CISA is warning that a critical GeoServer GeoTools remote code execution flaw tracked as CVE-2024-36401 is being actively exploited in attacks. GeoServer is an open-source server that allows users to share, process, and modify geospatial data. On June 30th, GeoServer disclosed a critical 9.8 severity remote code execution vulnerability in its GeoTools plugin caused by…
Read More
A threat actor has released over 15 million email addresses associated with Trello accounts that were collected using an unsecured API in January. Trello is an online project management tool owned by Atlassian. Businesses commonly use it to organize data and tasks into boards, cards, and lists. In January, BleepingComputer reported that a threat actor known…
Read More
Microsoft will introduce checkpoint cumulative updates starting in late 2024 for systems running devices running Windows Server 2025 and Windows 11, version 24H2 or later. This new type of update will deliver security fixes and new features via smaller, incremental differentials that include only changes added since the previous checkpoint cumulative update. The goal is…
Read More
The Mozi botnet has been documented as able to conduct HTTP, TCP, UDP, and other attacks. More information can be found in the April 2024 Sensor Intel Series article. [back to top] And Another Step Back: Emerging DDoS Attack Vectors HTTP/2 Abuse The relatively new HTTP/2 protocol (new in internet terms, since the protocol is…
Read More
Image: JJBers (CC BY 2.0)Rite Aid, the third-largest drugstore chain in the United States, says that 2.2 million customers’ personal information was stolen last month in what it described as a “data security incident.” The pharmacy giant employs over 6,000 pharmacists (out of a total workforce of more than 45,000) in 1,700 retail stores across 16 states. In data breach…
Read More
‘We received an investment this year. The idea was to make sure we could expand towards the US and become a global company. We had two main objectives. One was to get into the U.S. market as a global company and establish ourselves here. … And we realized that we needed to establish ourselves as…
Read More