CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-34102 Adobe Commerce and Magento Open Source Improper Restriction of XML External Entity Reference (XXE) Vulnerability CVE-2024-28995 SolarWinds Serv-U Path Traversal Vulnerability CVE-2022-22948 VMware vCenter Server Incorrect Default File Permissions Vulnerability These types of vulnerabilities are frequent attack…
Read More
AWS, UiPath, Microsoft, Nvidia, SAP and SoftwareOne were among the tech companies making key executive hires and moves in June 2024. New CEOs at Amazon Web Services and UiPath plus a chief artificial intelligence officer at Microsoft. Matt Garman, an 18-year AWS veteran; Daniel Dines, UiPath’s co-founder; and Vassili Patrikis, previously with Amazon, were some…
Read More
What’s happened? A new strain of the HardBit ransomware has emerged in the wild. It contains a protection mechanism in an attempt to prevent analysis from security researchers. HardBit? I think I’ve heard of that before. Quite possibly. HardBit first emerged in late 2022, and quickly made a name for itself as it attempted to…
Read More
Cloud networking standout Aviatrix hires Google Cloud’s director of Anthos and Google Kubernetes Enterprise as its new CTO. Cloud networking standout Aviatrix has hired former Google Kubernetes and VMware NSX all-star engineer Anirban Sengupta as its new CTO and senior vice president of engineering. Sengupta was previously Google Cloud’s senior director for Anthos and Google…
Read More
As the landscape of modern work changes, with its distributed teams and quickly evolving cloud-based technologies, maintaining access controls is an increasingly Sisyphean task. The process of achieving and maintaining IT compliance certifications is the perfect microcosm of this challenge: The work involved in identifying and designating assets as “in scope” for each regulation has…
Read More
MarineMax, self-described as the world’s largest recreational boat and yacht retailer, is notifying over 123,000 individuals whose personal information was stolen in a March security breach claimed by the Rhysida ransomware gang. The company operates over 130 locations, including 83 dealerships and 66 marinas and storage facilities worldwide. Last year, it reported $2.39 billion in revenue…
Read MoreMarineMax, self-described as the world’s largest recreational boat and yacht retailer, is notifying over 123,000 individuals whose personal information was stolen in a March security breach claimed by the Rhysida ransomware gang. The company operates over 130 locations, including 83 dealerships and 66 marinas and storage facilities worldwide. Last year, it reported $2.39 billion in revenue…
Read More
‘You want AI to understand the conditions of the data and to act according to the data they provide. So this creates a big opportunity for connecting existing data platforms into AI systems and serving them with all the permission sets and all that. That’s the premise of the data intelligence service that we are…
Read More
While blue teams defend, red teams attack. They share a common goal, however – help identify and address gaps in organizations’ defenses before these weaknesses can be exploited by malicious actors. The blue/red team exercises provide invaluable insights across the technical, procedural and human sides of security and can ultimately help organizations fend off actual…
Read More
“Most SaaS providers don’t provide multi-tenant data protection and choose to rely on data at rest encryption for all of their customers’ data,” Ho explained. “They have avoided this highly effective security control because of the overhead of implementing the code changes to encrypt data for each of their customers separately and the complexity of…
Read More