What it does: FAIR provides a model for understanding, analyzing, and quantifying cyber risk and operational risk in financial terms, according to the Fair Institute. It’s unlike risk assessment frameworks that focus their output on qualitative color charts or numerical weighted scales. Instead it builds a foundation for developing a robust approach to information risk…
Read More
Action1’s expertise in patch management aligns well with CrowdStrike’s current need to enhance its update mechanisms. By integrating Action1’s technology into its platform, CrowdStrike could significantly improve the testing and deployment of updates, something it faced widespread criticism for in the months following the Falcon goof-up. Implications for customers The $1 billion valuation is a…
Read More
Aug 09, 2024Ravie LakshmananNational Security / Identity Theft The U.S. Department of Justice (DoJ) on Thursday charged a 38-year-old individual from Nashville, Tennessee, for allegedly running a “laptop farm” to help get North Koreans remote jobs with American and British companies. Matthew Isaac Knoot is charged with conspiracy to cause damage to protected computers, conspiracy…
Read More
Aug 09, 2024Ravie LakshmananVulnerability / Network Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has disclosed that threat actors are abusing the legacy Cisco Smart Install (SMI) feature with the aim of accessing sensitive data. The agency said it has seen adversaries “acquire system configuration files by leveraging available protocols or software on devices,…
Read More
Business Security Cyber insurance is not only a safety net, but it can also be a catalyst for advancing security practices and standards 08 Aug 2024 • , 3 min. read If there was ever any doubt about the relationship between cybersecurity and the cyber insurance industry, then Black Hat USA 2024 dispelled it. A…
Read More
CrowdStrike’s ‘apology alone in these circumstances is vastly inadequate,’ Delta’s attorney said in a letter Thursday. Delta Air Lines and CrowdStrike’s war of words over responsibility and compensation concerning the July 19 faulty update that downed about 8.5 million Microsoft Windows machines continues to unfold publicly with well-known attorney David Boies, representing Delta, firing back…
Read More
“This is a massive game changer, providing us for the first time a SOC (Security Operations Center) and high-quality security talent that is 24/7 responding to threats and managing customer cyber environments,” said Fulcrum IT Partners President Kyle Lanzinger. Fulcrum IT Partners, the $1 billion international solution provider behemoth, is adding more security services muscle…
Read More
‘I didn’t make the decision to retire lightly,’ says Kirk Robinson, Ingram Micro executive vice president and president of North America. ‘But I’m beyond excited to spend more quality time with my family and friends, and paddle board on weekdays.’ Ingram Micro Executive Vice President and President of North America Kirk Robinson, a 31-year Ingram…
Read More
The U.S. Justice Department arrested a Nashville man charged with helping North Korean IT workers obtain remote work at companies across the United States and operating a laptop farm they used to pose as U.S.-based individuals. Matthew Isaac Knoot, 38, helped North Koreans use a stolen identity to pose as Andrew M., a U.S. citizen,…
Read More
Cisco is warning of multiple critical remote code execution zero-days in the web-based management interface of the end-of-life Small Business SPA 300 and SPA 500 series IP phones. The vendor has not made fixes available for these devices and shared no mitigation tips, so users of those products will have to move to newer and…
Read More