Business Security Having knowledgeable leaders at the helm is crucial for protecting the organization and securing the best possible cyber insurance coverage 07 Aug 2024 • , 4 min. read The board does not understand cybersecurity – that’s not so anymore. Prior to the pandemic, the CISO and cybersecurity team were seen as the geeks…
Read More
Gambling blockchain Ronin Network suffered a security incident yesterday when white hat hackers exploited an undocumented vulnerability on the Ronin bridge to withdraw 4,000 ETH and 2 million USDC, totaling $12 million. This figure corresponds to the maximum amount of ETH and USDC that can be withdrawn from the bridge via a single transaction, so…
Read More
The SEC has concluded its investigation into Progress Software’s handling of the widespread exploitation of a MOVEit Transfer zero-day flaw that exposed data of over 95 million people. In a new FORM 8-K filing with the SEC, Progress Software says that the SEC’s Division of Enforcement will not recommend any enforcement action regarding the security incident.…
Read More
In addition to major product launches, cybersecurity vendors also announced fundings, acquisitions and key hires this week in Las Vegas. Big Moves At Black Hat Along with an abundance of product launches this week in Las Vegas, numerous cybersecurity vendors have announced other major moves in connection with the Black Hat 2024 conference. Security giant…
Read More
CISA and the FBI confirmed today that the Royal ransomware rebranded to BlackSuit and has demanded over $500 million from victims since it emerged more than two years ago. This new information was shared as an update to a joint advisory published in March 2023, which says the BlackSuit gang has been active since September…
Read More
A new self-spreading worm named ‘CMoon,’ capable of stealing account credentials and other data, has been distributed in Russia since early July 2024 via a compromised gas supply company website. According to Kaspersky researchers who discovered the campaign, CMoon can perform a broad range of functions, including loading additional payloads, snapping screenshots, and launching distributed…
Read More
Solution provider silver and gold benefits “remain in effect for one year after your last purchase or renewal, but they will not undergo the January 2025 update,” Microsoft said. Microsoft revealed that it plans to no longer sell its Action Pack, Learning Action Pack or legacy silver and gold benefits starting Jan. 22 – and…
Read More
Researchers have demonstrated a method to bypass an anti-phishing measure in Microsoft 365 (formerly Office 365), elevating the risk of users opening malicious emails. Specifically, the anti-phishing measure that can be hidden is the ‘First Contact Safety Tip,’ which warns email recipients on Outlook when they receive a message from an unfamiliar address. Certitude analysts who…
Read More
A new eBook by Cynomi, “What does it take to be a full-fledged Virtual CISO?” lays out exactly how service providers can easily, rapidly, and economically expand their vCISO service offerings to cover the entire range of duties. The Chief Information Security Officer (CISO) position has risen to prominence in recent years due to the risk posed by rampant…
Read More
Apple’s macOS Sequoia, now in beta testing, will make it harder to bypass Gatekeeper warnings and add system alerts for potential stalkerware threats. Gatekeeper is a security feature that checks all apps downloaded from the Internet to see if they’re developer-signed (approved by Apple) and notarized by checking an extended attribute named com.apple.quarantine that is…
Read More