Thursday, May 19, 2022
SC Magazine

Microsoft warns zero-day in SolarWinds Serv-U software being exploited by Chinese threat group

Microsoft said it discovered a damaging zero-day vulnerability affecting SolarWinds software, and they have evidence a hacking group tied to China has been actively exploiting it in the wild. The flaw, which Microsoft said it discovered in Microsoft 365 Defender...
SC Magazine

CMS interoperability rule enacted: How providers should tackle API security

On July 1, the Centers for Medicare and Medicaid Services began the enforcement of its Interoperability and Patient Access final rule, designed to fuel data sharing between providers and to support patients’ rights to access their protected health information,...
SC Magazine

Ransomware captures attention of business leaders, as losses become real

A new Cybereason survey found that more than four out of five respondents from various business sectors – some  81% – said they are “highly” or “very concerned” about the risk of ransomware attacks. The survey’s authors said the response...
SC Magazine

Strata automation tool looks to simplify cloud migration projects

Strata Identity on Wednesday launched Maverics Identity Discovery, a free software tool that automates the manual process of auditing and cataloging on-premises identity environments. In a press release, Strata claims that the tool reduces cloud migration project times from months...
SC Magazine

AWS offers free online training for cloud architects

Amazon Web Services this week launched a new free online training series on Twitch that aims to build up the skills of cloud developers. The new series, the AWS Power Hour: Architecting, kicked off on Monday, July 12 and will...
SC Magazine

Websites repeatedly stalked by fraudulent copycats, say researchers

New research has shed some light on just how constantly corporate brands are bombarded by fraudulent attempts to impersonate their website domains. In its new “Impersonating Domains Report,” researchers at Digital Shadows found that over a four-month span this year,...
SC Magazine

New open data project looks to gauge success, failure of ransomware policy

The FBI notes in its annual IC3 report that ransomware is uniquely underreported, and its statistics can’t really be trusted. Various blockchain analysis groups have the means to compile ransomware statistics, but only for a price. That is unfortunate,...
SC Magazine

Microsoft fixes 117 vulnerabilities, four exploited in the wild

Microsoft on Tuesday picked up the pace on patching for July and released fixes for 117 vulnerabilities, four of which are being actively exploited in the wild.   July represents a dramatic shift from the relatively light releases security researchers have...
SC Magazine

Fashion brand Guess hacked, DarkSide ransomware group the likely culprit

Following news that noted fashion brand Guess suffered a data breach in which personal information may have been stolen, cybersecurity experts on Tuesday said that retailers should take this case as motivation to lock down their cyber defenses. News of...
SC Magazine

Major authentication and encryption weaknesses discovered in Schneider Electric, outdated ICS systems

A major vulnerability in Schneider Electric’s Modicon programmable logic controllers can be chained with others to allow for remote code execution. A comprehensive patch is not expected until fourth quarter, according to the company, which expects to deliver short-term...
SC Magazine

Report: Cyberattacks drive 185% spike in health care data breaches in 2021

More than 22.8 million patients have been impacted by a health care data breach so far in 2021, a whopping 185% increase from the same time period last year where just 7.9 million individuals were affected according to a...
SC Magazine

Non-profit Global Business Alliance launches supply chain subsidiary

The Global Business Alliance, a non-profit devoted to raising foreign investment in U.S. industry, announced Tuesday a subsidiary to help international companies manage supply chain concerns.  GBA Sentinel will assist international companies operating in the U.S. that face a growing understanding...
SC Magazine

Could allowlisting reduce the impact of ransomware, cyberattacks on health care?

A recent IDC report confirmed the health care sector is more vulnerable to the consequences of cyberattacks than other industries and the most likely to suffer application downtime, with 53% of covered entities reporting downtime after an attack. Health care...
SC Magazine

EDR (alone) won’t protect your organization from advanced hacking groups

Endpoint detection and response systems can often serve as a frontline defense for many organizations, collecting and storing telemetry from dispersed employee devices and using it to detect malicious activities or behaviors. However, a recent experiment by academic researchers at the...
SC Magazine

Colorado’s new law ups need for privacy awareness training

Following in the footsteps of California and Virginia, Colorado last week became the third U.S. state to officially pass a comprehensive consumer privacy law. In doing so, the state added yet another layer of complexity for consumer-facing organizations striving...

QuSecure Lauches Quantum-Resilient Encryption Platform

New firm launches to provide the Easy Button for implementing quantum secure encryption The pressure to implement quantum secure encryption is increasing. This isn’t because functioning quantum computers able to crack asymmetric encryption are expected tomorrow, but because of the...
The Register

Iran, China-linked gangs join Putin’s disinformation war online

They're using the invasion 'to take aim at the usual adversaries,' Mandiant told The Reg Pro-Beijing and Iran miscreants are using the war in Ukraine to spread disinformation that supports these countries' political interests — namely, advancing anti-Western narratives...

6 Scary Tactics Used in Mobile App Attacks

Mobile attacks have been going on for many years, but the threat is rapidly evolving as more sophisticated malware families with novel features enter the scene.

LimaCharlie Banks $5.45 Million in Seed Funding

LimaCharlie, a California company supplying tools to run an MSSP or SOC on a pay-as-you-use model, has attracted $5.45 million in seed round financing. read more