Article: RevengeRAT and AysncRAT target aerospace and travel sectors - published almost 3 years ago.
Content: American Airlines flight 718, a Boeing 737 Max, is seen parked at its gate at Miami International Airport as passengers board for a flight to New York on December 29, 2020 in Miami, Florida. A campaign of remote access trojans is targeting the aerospace and travel industries. (Photo by Joe Raedle/Getty Images) Microsoft Security Intelligence earlier this...
Copy Link: https://www.scmagazine.com/home/security-news/phishing/revengerat-and-aysncrat-target-aerospace-and-travel-sectors/   
Published: 2021 05 14 22:10:40
Received: 2021 05 14 23:00:23
Feed: SC Magazine
Source: SC Media
Category: News
Topic: Cyber Security

Article: In executive order, federal security provides impetus for far reaching cyber implications - published almost 3 years ago.
Content: Cyber warfare operators configure a threat intelligence feed for daily watch at Warfield Air National Guard Base, Middle River, Md. The Biden Administration has focused a lot of efforts on security federal systems, but many of the efforts have potential for trickle down impact.(U.S. Air Force photo by J.M. Eddins Jr.) Pitched as a response to SolarWinds...
Copy Link: https://www.scmagazine.com/home/government/in-eo-federal-security-provides-impetus-for-far-reaching-cyber-implications/   
Published: 2021 05 14 21:59:40
Received: 2021 05 14 22:00:23
Feed: SC Magazine
Source: SC Media
Category: News
Topic: Cyber Security

Article: Arkose Labs looks to hit cybercriminals where it hurts with $70 million cash infusion - published almost 3 years ago.
Content: Arkose Labs CEO Kevin Gosschalk described the company’s end game as incentivizing cybercriminals to “get a job that’s legitimate.” His words come as the online fraud and abuse prevention technology company announced this week $70 million in Series C funding, led by SoftBank Vision Fund 2. Wells Fargo Strategic Capital, as well as previous investors in M1...
Copy Link: https://www.scmagazine.com/home/security-news/arkose-labs-looks-to-hit-cybercriminals-where-it-hurts-with-70-million-cash-infusion/   
Published: 2021 05 14 20:04:36
Received: 2021 05 14 21:00:24
Feed: SC Magazine
Source: SC Media
Category: News
Topic: Cyber Security

Article: Biden’s executive order aims to improve threat sharing by revising language in federal contracts - published almost 3 years ago.
Content: President Biden last February speaks publicly prior to signing an executive order on the economy. Three months later, he would sign yet another EO designed to improve the nation’s cyber posture. (Photo by Doug Mills-Pool/Getty Images) President Joe Biden’s Executive Order on Improving the Nation’s Cybersecurity proposes many ambitious goals, but among th...
Copy Link: https://www.scmagazine.com/home/government/bidens-executive-order-aims-to-improve-threat-sharing-by-revising-language-in-federal-contracts/   
Published: 2021 05 14 20:45:08
Received: 2021 05 14 21:00:24
Feed: SC Magazine
Source: SC Media
Category: News
Topic: Cyber Security

Article: Colonial Pipeline paying the ransom shows that only better security can stop this vicious cycle - published almost 3 years ago.
Content: Today’s special columnist, Lior Div of Cybereason, says Colonial Pipeline reportedly paying a $5 million ransom could up the ransomware game with even more attacks on networks and higher ransom demands. peripathetic CreativeCommons CC BY-NC-SA 2.0 Getting hit with ransomware puts every company in a tough spot – and there are no clear cut best practices t...
Copy Link: https://www.scmagazine.com/perspectives/what-colonial-pipeline-paying-the-ransom-means-moving-forward/   
Published: 2021 05 14 15:40:00
Received: 2021 05 14 16:00:27
Feed: SC Magazine
Source: SC Media
Category: News
Topic: Cyber Security

Article: BluBracket raises $12 million to expand operations and support a shift left in code testing - published almost 3 years ago.
Content: BluBracket got a congratulations by NASDAQ after its Series A funding, which the company will use to expand operations. (BlueBracket) Code automation company BluBracket on Thursday said it raised $12 million in Series A funding so it can continue to work with DevSecOps teams to build security into products from the start and shift code development left. ...
Copy Link: https://www.scmagazine.com/home/security-news/blubracket-raises-12-million-to-expand-operations-and-support-a-shift-left-in-code-testing/   
Published: 2021 05 14 12:33:25
Received: 2021 05 14 13:00:23
Feed: SC Magazine
Source: SC Media
Category: News
Topic: Cyber Security

Article: The Mayo Clinic’s team approach saved my life; now I use it to build great software - published almost 3 years ago.
Content: Today’s columnist, Keith Ibarguen of Cofense, drew from the lifesaving cancer treatment he received at the Mayo Clinic to go on and apply the multidisciplinary approach used by the medical staff at Mayo to his work as a security software developer. alasam CreativeCommons CC BY-NC-ND 2.0 In 2017 I was diagnosed with liver cancer. I’ll spare you all the de...
Copy Link: https://www.scmagazine.com/perspectives/multidisciplinary-teams-saved-my-life-now-i-use-them-to-build-great-software/   
Published: 2021 05 14 10:00:00
Received: 2021 05 14 11:00:04
Feed: SC Magazine
Source: SC Media
Category: News
Topic: Cyber Security

Article: Developers knowingly push flawed code, doubt build environments are secure - published almost 3 years ago.
Content: Apple CEO Tim Cook delivers the keynote address during the 2019 Apple Worldwide Developer Conference (WWDC) at the San Jose Convention Center on June 03, 2019 in San Jose, California. New research found that most development teams, 81%, had knowingly pushed flawed code live.(Photo by Justin Sullivan/Getty Images) Overwhelmed and resource-starved app deve...
Copy Link: https://www.scmagazine.com/application-security/developers-knowingly-push-flawed-code-doubt-build-environments-are-secure/   
Published: 2021 05 14 00:08:44
Received: 2021 05 14 01:00:05
Feed: SC Magazine
Source: SC Media
Category: News
Topic: Cyber Security

Article: Rapid7: Attackers got ‘limited access’ to source code, customer data after Codecov breach - published almost 3 years ago.
Content: A view of the entrance into the Rapid7 offices. The company confirmed that “a small subset” of its source code repositories and some customer credentials and other data were accessed by an unauthorized party. (Rapid7) Security vendor Rapid7 confirmed that “a small subset” of its source code repositories and some customer credentials and other data were a...
Copy Link: https://www.scmagazine.com/home/security-news/data-breach/rapid7-attackers-got-limited-access-to-source-code-customer-data-after-codecov-breach/   
Published: 2021 05 13 21:25:58
Received: 2021 05 13 22:00:13
Feed: SC Magazine
Source: SC Media
Category: News
Topic: Cyber Security

Article: Biden signs massive cyber order, using federal buying power to influence broader private sector practices - published almost 3 years ago.
Content: President Joe Biden salutes as he walks along the Colonnade of the White House on Friday, March 12, 2021, en route to the Oval Office. (Official White House Photo by Adam Schultz) Dating back to SolarWinds — the fallout to which started a few months before his administration — and continuing through the Microsoft Exchange hacking and the Colonial Pipelin...
Copy Link: https://www.scmagazine.com/home/government/biden-signs-massive-order-on-cybersecurity/   
Published: 2021 05 12 23:27:26
Received: 2021 05 13 15:00:05
Feed: SC Magazine
Source: SC Media
Category: News
Topic: Cyber Security

Article: What we’ve learned from the Colonial Pipeline cyberattack, and what to do about it - published almost 3 years ago.
Content: Today’s columnist, Grant Geyer of Claroty, offers some actionable advice in the wake of the Colonial Pipeline cyberattack. OrbitalJoe CreativeCommons CC BY-NC-ND 2.0 Last year a friend was preparing for a cybersecurity roundtable and asked me a thought-provoking question: What “black swan” event will make the world take stock of cybersecurity as an exist...
Copy Link: https://www.scmagazine.com/perspectives/what-weve-learned-from-the-colonial-pipeline-cyberattack-and-what-to-do-about-it/   
Published: 2021 05 13 10:00:00
Received: 2021 05 13 15:00:05
Feed: SC Magazine
Source: SC Media
Category: News
Topic: Cyber Security

Article: H&R Block seeks out open-source expertise to stock up on SOC talent - published almost 3 years ago.
Content: An H&R Block location in Gillette, Wyoming. (Mr. Satterly, CC0, via Wikimedia Commons) College graduates and cert-holders certainly make for valuable hiring candidates. But dig a little deeper and you’ll find that contributors to open source projects constitute an overlooked pool of talent who can bring diversity of thought and experience to your sec...
Copy Link: https://www.scmagazine.com/home/security-news/network-security/hr-block-seeks-out-open-source-expertise-to-stock-up-on-soc-talent/   
Published: 2021 05 13 11:00:00
Received: 2021 05 13 15:00:05
Feed: SC Magazine
Source: SC Media
Category: News
Topic: Cyber Security

Article: Publishing exploits early doesn’t encourage patching or help defense, data shows - published almost 3 years ago.
Content: Inside New York City’s Cyber Command. Despite debate in the threat intel community, a new study finds that publishing exploits before patches are available does more harm than good. (New York University) A new study quantifying the benefits and dangers to security when exploits are published before patches found a lot of the latter and little of the form...
Copy Link: https://www.scmagazine.com/home/patch-management/publishing-exploits-early-doesnt-encourage-patching-or-help-defense-data-shows/   
Published: 2021 05 13 12:00:00
Received: 2021 05 13 15:00:05
Feed: SC Magazine
Source: SC Media
Category: News
Topic: Cyber Security

Article: SMBs increasingly face same cyber threats as large enterprises - published almost 3 years ago.
Content: For the first time since the Verizon Data Breach Investigations Report began tracking cyberattack techniques, threat patterns affecting small and medium businesses began to closely align with the patterns affecting large firms. (Photo by Scott Olson/Getty Images) For the first time since the Verizon Data Breach Investigations Report began tracking cybera...
Copy Link: https://www.scmagazine.com/home/security-news/network-security/smbs-increasingly-face-same-cyber-threats-as-large-enterprises/   
Published: 2021 05 13 04:01:00
Received: 2021 05 13 05:00:16
Feed: SC Magazine
Source: SC Media
Category: News
Topic: Cyber Security

Article: Microsoft fixes four critical vulnerabilities that pose risk to both data and infrastructure - published almost 3 years ago.
Content: Products affected by the Microsoft vulnerabilities include Hyper-V, Internet Explorer, Windows Server, and Windows 10. (Microsoft) Microsoft fixed four critical vulnerabilities Tuesday, none of which to date are being exploited in the wild. Products affected by the Microsoft vulnerabilities include Hyper-V, Internet Explorer, Windows Server, and Windo...
Copy Link: https://www.scmagazine.com/home/security-news/vulnerabilities/microsoft-fixes-four-critical-vulnerabilities-that-pose-risk-to-both-data-and-infrastructure/   
Published: 2021 05 13 01:32:34
Received: 2021 05 13 02:00:26
Feed: SC Magazine
Source: SC Media
Category: News
Topic: Cyber Security

Article: Biden signs massive order on cybersecurity - published almost 3 years ago.
Content: President Joe Biden salutes as he walks along the Colonnade of the White House on Friday, March 12, 2021, en route to the Oval Office. (Official White House Photo by Adam Schultz) Dating back to SolarWinds — the fallout to which started a few months before his administration — and continuing through the Microsoft Exchange hacking and the Colonial Pipelin...
Copy Link: https://www.scmagazine.com/home/government/biden-signs-massive-order-on-cybersecurity/   
Published: 2021 05 12 23:27:26
Received: 2021 05 13 00:00:14
Feed: SC Magazine
Source: SC Media
Category: News
Topic: Cyber Security

Article: Issues with configuration of AWS service lead to exposure of 5 million records - published almost 3 years ago.
Content: Visitors arrive at the cloud pavilion of Amazon Web Services at the 2016 CeBIT digital technology trade fair in Hanover, Germany. AWS System Manager (SSM) misconfigurations led to the potential exposure of more than 5 million documents with personally identifiable information and credit card transactions on more than 3,000 SSM documents. (Photo by Sean Gal...
Copy Link: https://www.scmagazine.com/home/security-news/cloud-security/aws-configuration-issues-lead-to-exposure-of-5-million-records/   
Published: 2021 05 11 22:18:08
Received: 2021 05 12 22:00:27
Feed: SC Magazine
Source: SC Media
Category: News
Topic: Cyber Security

Article: 167 counterfeit apps used for financial scams against Android and iOS users - published almost 3 years ago.
Content: A pedestrian uses his cell phone by a sign outside of the JPMorgan Chase headquarters in New York City. Researchers found 167 counterfeit Android and iOS apps that attackers used to steal money from victims who believed they installed a financial trading, banking or cryptocurrency app. (Photo by Justin Sullivan/Getty Images) Researchers on Wednesday rep...
Copy Link: https://www.scmagazine.com/home/security-news/mobile-security/167-counterfeit-apps-used-for-financial-scams-against-android-and-ios-users/   
Published: 2021 05 12 21:33:23
Received: 2021 05 12 22:00:27
Feed: SC Magazine
Source: SC Media
Category: News
Topic: Cyber Security

Article: Report finds old misconfiguration woes continue to hammer corporate clouds - published almost 3 years ago.
Content: Visitors crowd a cloud computing presentation at the CeBIT technology trade fair on March 2, 2011 in Hanover, Germany. Misconfigured buckets and leaky APIs continue to be the biggest and most impactful cloud security holes for businesses. (Sean Gallup/Getty Images) Misconfigured buckets and leaky APIs continue to be the biggest and most impactful cloud s...
Copy Link: https://www.scmagazine.com/home/security-news/cloud-security/report-finds-old-misconfiguration-woes-continue-to-hammer-corporate-clouds/   
Published: 2021 05 12 21:48:12
Received: 2021 05 12 22:00:27
Feed: SC Magazine
Source: SC Media
Category: News
Topic: Cyber Security

Article: Microvirtualization at the heart of new HP hardware line - published almost 3 years ago.
Content: The Hewlett Packard (HP) logo is displayed in front of the office complex on October 04, 2019 in Palo Alto, California. HP announced Wolf Security, its new line of PCs, printers and a consolidated security platform that takes a hardware-centric approach to endpoint security. (Photo by Justin Sullivan/Getty Images) Shifts to enable remote working amid the...
Copy Link: https://www.scmagazine.com/virtualization/microvirtualization-at-the-heart-of-new-hp-hardware-line/   
Published: 2021 05 12 17:17:36
Received: 2021 05 12 18:00:16
Feed: SC Magazine
Source: SC Media
Category: News
Topic: Cyber Security

Article: Embracing mainframe pen tests in the new normal - published almost 3 years ago.
Content: Today’s columnist, Mark Wilson of BMC Mainframe Services, writes about how the pandemic has finally shifted the culture and remote pen tests on mainframes are now acceptable. Agiorgio CreativeCommons CC BY-SA 4.0 Until recently, mainframe penetration testing was performed onsite for no other reason than “it’s a mainframe.” Yet the majority of non-mainfr...
Copy Link: https://www.scmagazine.com/perspectives/embracing-mainframe-pen-tests-in-the-new-normal/   
Published: 2021 05 12 15:30:00
Received: 2021 05 12 16:00:23
Feed: SC Magazine
Source: SC Media
Category: News
Topic: Cyber Security

Article: ‘Everyone had to rethink security’: What Microsoft learned from a chaotic year - published almost 3 years ago.
Content: Corporate Vice President of Security, Compliance and Identity Vasu Jakkal spoke to SC Media about lessons from a tumultuous year. (Microsoft) The last year brought rapid growth shifts to remote work, combined with a frantic pace of mega-vulnerabilities that called into question fundamental approaches to supply chain and patch management. This added ...
Copy Link: https://www.scmagazine.com/remote-access/everyone-had-to-rethink-how-they-think-about-security-what-microsoft-learned-from-a-chaotic-year/   
Published: 2021 05 12 10:00:00
Received: 2021 05 12 10:00:16
Feed: SC Magazine
Source: SC Media
Category: News
Topic: Cyber Security

Article: Colonial Pipeline attack underscores the need for vigilance - published almost 3 years ago.
Content: Today’s special columnist, Scott Register of Keysight Technologies, says government and industry must come together to secure the nation’s critical infrastructure in the wake of the Colonial Pipeline hack. Credit: Colonial Pipeline For the past several days the cyberworld has focused on the May 7 ransomware attack on Colonial Pipeline that shut down t...
Copy Link: https://www.scmagazine.com/perspectives/colonial-pipeline-attack-underscores-the-need-for-vigilance/   
Published: 2021 05 12 01:18:25
Received: 2021 05 12 02:00:27
Feed: SC Magazine
Source: SC Media
Category: News
Topic: Cyber Security

Article: AWS configuration issues lead to exposure of 5 million records - published almost 3 years ago.
Content: Visitors arrive at the cloud pavilion of Amazon Web Services at the 2016 CeBIT digital technology trade fair in Hanover, Germany. AWS System Manager (SSM) misconfigurations led to the potential exposure of more than 5 million documents with personally identifiable information and credit card transactions on more than 3,000 SSM documents. (Photo by Sean Gal...
Copy Link: https://www.scmagazine.com/home/security-news/cloud-security/aws-configuration-issues-lead-to-exposure-of-5-million-records/   
Published: 2021 05 11 22:18:08
Received: 2021 05 11 23:00:19
Feed: SC Magazine
Source: SC Media
Category: News
Topic: Cyber Security

Article: Listen: Cybercrime investigator turned CISO, Petri Kuivala, talks evolution of security culture - published almost 3 years ago.
Content: Petri Kuivala got his start in cybersecurity on the force. He joined to do normal police work, never imagining that he’d end up in cybersecurity. Yet, after a few years, he joined a team that was among one of the first to develop IT-based crime analysis. Today, Kuivala is the CISO at NXP Conductors based in Eindhoven, Holland but working remotely fro...
Copy Link: https://www.scmagazine.com/home/from-the-collaborative/listen-cybercrime-investigator-turned-ciso-petri-kuivala-talks-evolution-of-security-culture/   
Published: 2021 05 11 19:14:17
Received: 2021 05 11 20:00:20
Feed: SC Magazine
Source: SC Media
Category: News
Topic: Cyber Security

Article: Zix tricks: Phishing campaign creates false illusion that emails are safe - published almost 3 years ago.
Content: An Office 365 retail pack. (Raysonho @ Open Grid Scheduler / Grid Engine, CC0, via Wikimedia Commons) Researchers last week spotted a phishing campaign that they say was designed to exploit users’ trust in Zix’s online email authentication solution, in hopes that potential victims would be lulled into a false sense of security. The attack reached 5,00...
Copy Link: https://www.scmagazine.com/home/email-security/zix-tricks-phishing-campaign-creates-false-illusion-that-emails-are-safe/   
Published: 2021 05 11 19:54:36
Received: 2021 05 11 20:00:20
Feed: SC Magazine
Source: SC Media
Category: News
Topic: Cyber Security

Article: WATCH: FBI cyber division chief details support for businesses in the ransomware battle - published almost 3 years ago.
Content: As Colonial Pipeline struggles to return to operations amid a crippling ransomware attack, public and private sector alike want to know how law enforcement is leveraging technology, partnership with industry, and policy to manage the threat. During a SC Media eSummit on ransomware at the end of 2020, Herb Stapleton, cyber division section chief at the F...
Copy Link: https://www.scmagazine.com/home/security-news/ransomware/watch-fbi-cyber-division-chief-details-how-his-team-will-support-businesses-in-the-ransomware-battle/   
Published: 2021 05 11 15:40:56
Received: 2021 05 11 17:00:09
Feed: SC Magazine
Source: SC Media
Category: News
Topic: Cyber Security

Article: WATCH: FBI cyber division chief details how his team will support businesses in the ransomware battle - published almost 3 years ago.
Content: As Colonial Pipeline struggles to return to operations amid a crippling ransomware attack, public and private sector alike want to know how law enforcement is leveraging technology, partnership with industry, and policy to manage the threat. During a SC Media eSummit on ransomware at the end of 2020, Herb Stapleton, cyber division section chief at the F...
Copy Link: https://www.scmagazine.com/home/security-news/ransomware/watch-fbi-cyber-division-chief-details-how-his-team-will-support-businesses-in-the-ransomware-battle/   
Published: 2021 05 11 15:40:56
Received: 2021 05 11 16:00:12
Feed: SC Magazine
Source: SC Media
Category: News
Topic: Cyber Security

Article: Vulnerability attacks weakness in Microsoft Azure virtual machine extensions - published almost 3 years ago.
Content: Researchers at Intezer released details behind a previously undisclosed vulnerability that could allow Microsoft Azure users with low-level privileges to leak private data from any virtual machine extension plugged into their cloud environment. (Photo by Jeenah Moon/Getty Images) Researchers at Intezer released details behind a previously undisclosed vul...
Copy Link: https://www.scmagazine.com/home/security-news/cloud-security/vulnerability-attacks-weakness-in-microsoft-azure-virtual-machine-extensions/   
Published: 2021 05 11 14:00:00
Received: 2021 05 11 14:00:20
Feed: SC Magazine
Source: SC Media
Category: News
Topic: Cyber Security

Article: How to find, fund and fix cyber risk blind spots - published almost 3 years ago.
Content: Today’s columnist, Sean McDermott of RedMonocle, says that companies should use the NIST 800-53 security and privacy controls to help find cyber risk blind spots. After that, companies need to fund and then fix the security gaps. Credit: NIST The FBI Internet Crime Complaint Center reports that cybercrime has risen 300% in the last 12 months and concerns...
Copy Link: https://www.scmagazine.com/perspectives/how-to-find-fund-and-fix-cyber-risk-blind-spots/   
Published: 2021 05 11 10:00:00
Received: 2021 05 11 10:00:26
Feed: SC Magazine
Source: SC Media
Category: News
Topic: Cyber Security

Article: Why companies need a chief product security officer - published almost 3 years ago.
Content: Digital transformation has changed the way companies do business, which has in turn changed the way consumers interact with the products and services companies provide. Where once the concept of product security was a niche feature of paramount importance to those companies that had a tangible product, the world has changed. As a result, the need to secure t...
Copy Link: https://www.scmagazine.com/perspectives/why-companies-need-a-chief-product-security-officer/   
Published: 2021 05 10 10:00:00
Received: 2021 05 11 02:00:09
Feed: SC Magazine
Source: SC Media
Category: News
Topic: Cyber Security

Article: Colonial Pipeline attack: What government can do to deter critical infrastructure cybercriminals - published almost 3 years ago.
Content: An aerial view of a Colonial Pipeline tank farm. A cyberattack that forced company to pause operations has cybersecurity experts questioning what tactics the U.S. government can take to deter cybercriminals. (Colonial Pipeline) The cyberattack on the Colonial Pipeline spurred a clear message from the White House Monday that the onus lies with critical in...
Copy Link: https://www.scmagazine.com/home/security-news/ransomware/the-colonial-pipeline-attack-what-government-can-do-to-deter-critical-infrastructure-attacks/   
Published: 2021 05 11 00:55:35
Received: 2021 05 11 02:00:09
Feed: SC Magazine
Source: SC Media
Category: News
Topic: Cyber Security

Article: The Colonial Pipeline attack: What government can do to deter critical infrastructure attacks - published almost 3 years ago.
Content: An aerial view of a Colonial Pipeline tank farm. A cyberattack that forced company to pause operations has cybersecurity experts questioning what tactics the U.S. government can take to deter cybercriminals. (Colonial Pipeline) The cyberattack on the Colonial Pipeline spurred a clear message from the White House Monday that the onus lies with critical in...
Copy Link: https://www.scmagazine.com/home/security-news/ransomware/the-colonial-pipeline-attack-what-government-can-do-to-deter-critical-infrastructure-attacks/   
Published: 2021 05 11 00:55:35
Received: 2021 05 11 01:00:33
Feed: SC Magazine
Source: SC Media
Category: News
Topic: Cyber Security

Article: CrowdStrike, Google partnership aims to deliver defense-in-depth for hybrid cloud environments - published almost 3 years ago.
Content: Urs Holzle, Senior Vice President for Technical Infrastructure at Google, speaks on the Google Cloud Platform during a Google I/O Developers Conference in San Francisco, California. CrowdStrike and Google Cloud announced a series of product integrations. (Photo by Stephen Lam/Getty Images) CrowdStrike and Google Cloud on Monday announced a series of prod...
Copy Link: https://www.scmagazine.com/home/security-news/cloud-security/crowdstrike-google-partnership-aims-to-deliver-defense-in-depth-for-hybrid-cloud-environments/   
Published: 2021 05 10 21:06:31
Received: 2021 05 10 22:00:19
Feed: SC Magazine
Source: SC Media
Category: News
Topic: Cyber Security

Article: Colonial Pipeline attack spotlights risks of geographically dispersed networks in an industry that is ‘far behind’ - published almost 3 years ago.
Content: Fuel holding tanks are seen at Colonial Pipeline’s Linden Junction Tank Farm on May 10, 2021 in Woodbridge, New Jersey. Alpharetta, Georgia-based Colonial Pipeline, which has the largest fuel pipeline, was forced to shut down its oil and gas pipeline system on Friday after a ransomware attack that has slowed down the transportation of oil in the eastern U.S...
Copy Link: https://www.scmagazine.com/home/security-news/ransomware/colonial-pipeline-attack-spotlights-risks-of-geographically-dispersed-networks/   
Published: 2021 05 10 18:46:46
Received: 2021 05 10 19:00:19
Feed: SC Magazine
Source: SC Media
Category: News
Topic: Cyber Security

Article: White House: Colonial should be its own ‘first line of defense’ against attacks - published almost 3 years ago.
Content: Deputy National Security Advisor for Cyber and Emerging Technology Anne Neuberger and Homeland Security Advisor and Deputy National Security Advisor Dr. Elizabeth Sherwood-Randall speak about the Colonial Pipeline cyber attack during the daily press briefing at the White House on May 10, 2021 in Washington, DC. According to news reports, a criminal group f...
Copy Link: https://www.scmagazine.com/home/security-news/white-house-colonial-should-be-its-own-first-line-of-defense-against-attacks/   
Published: 2021 05 10 18:53:22
Received: 2021 05 10 19:00:19
Feed: SC Magazine
Source: SC Media
Category: News
Topic: Cyber Security

Article: Why companies need a Chief Product Security Officer - published almost 3 years ago.
Content: Digital transformation has changed the way companies do business, which has in turn changed the way consumers interact with the products and services companies provide. Where once the concept of product security was a niche feature of paramount importance to those companies that had a tangible product, the world has changed. As a result, the need to secure t...
Copy Link: https://www.scmagazine.com/perspectives/why-companies-need-a-chief-product-security-officer/   
Published: 2021 05 10 10:00:00
Received: 2021 05 10 10:00:13
Feed: SC Magazine
Source: SC Media
Category: News
Topic: Cyber Security

Article: Small and medium businesses need their own federal cyber policy, say advocates - published about 3 years ago.
Content: A woman works in a coffee shop in New York’s Chinatown on February 13, 2020 in New York City. Small and medium businesses often have distinct challenges tied to cybersecurity. (Photo by Spencer Platt/Getty Images) Small to medium-sized businesses have drastically different cybersecurity preparedness, capacity and overall posture than their king-sized bre...
Copy Link: https://www.scmagazine.com/home/government/small-and-medium-businesses-need-their-own-federal-cyber-policy-say-advocates/   
Published: 2021 05 07 22:12:35
Received: 2021 05 07 23:00:22
Feed: SC Magazine
Source: SC Media
Category: News
Topic: Cyber Security

Article: Beware the gold rush: The risk of a cyber investment surge - published about 3 years ago.
Content: Co-founder and CEO at Cloudflare Matthew Prince, center right, shares the stage with venture capital leaders at TechCrunch Disrupt Berlin 2019. Investment in cyber companies is booming after a year of cyber wake-up calls. (Photo by Noam Galai/Getty Images for TechCrunch) During a May interview, veteran cyber executive Dave Dewalt threw some big numbers m...
Copy Link: https://www.scmagazine.com/home/editorial/beware-the-gold-rush-the-risk-of-a-cyber-investment-surge/   
Published: 2021 05 07 21:36:49
Received: 2021 05 07 22:00:25
Feed: SC Magazine
Source: SC Media
Category: News
Topic: Cyber Security

Article: Security researchers applaud Google’s move towards multi-factor authentication - published about 3 years ago.
Content: A sign is displayed at the Google outdoor booth during exhibitor setups for CES 2020 at the Las Vegas Convention Center in Las Vegas, Nevada. Google announced that it will automatically enroll users in multifactor authentication – what they are calling two-step verification. (Photo by Mario Tama/Getty Images) Google took an important step on Thursday by ...
Copy Link: https://www.scmagazine.com/password-management/security-researchers-applaud-googles-move-towards-multi-factor-authentication/   
Published: 2021 05 07 19:34:32
Received: 2021 05 07 20:00:24
Feed: SC Magazine
Source: SC Media
Category: News
Topic: Cyber Security

Article: Buer malware rewritten in Rust language to curb detection - published about 3 years ago.
Content: Ferris, the Rust mascot Developers of the malicious downloader Buer have taken the unusual step of rewriting the malware in a lesser-known Rust programming language, presumably to avoid detection while also potentially slowing down investigative analysis. While it’s fairly common to find malware written in C, C+, Python and Java, threat actors have a...
Copy Link: https://www.scmagazine.com/home/security-news/malware/buer-malware-rewritten-in-rust-language-to-curb-detection/   
Published: 2021 05 07 18:00:39
Received: 2021 05 07 19:00:26
Feed: SC Magazine
Source: SC Media
Category: News
Topic: Cyber Security

Article: Jumpstart your adoption of Zero Trust with these three steps - published about 3 years ago.
Content: Today’s columnist, Michael Covington of Wandera, says many companies start on their Zero Trust journey by focusing on SaaS apps first. Cerillium CreativeCommons CC BY 2.0 Zero Trust requires that all users are authenticated, authorized, and continuously assessed for risk to access corporate applications and data. Many organizations begin their Zero Tr...
Copy Link: https://www.scmagazine.com/perspectives/jumpstart-your-adoption-of-zero-trust-with-these-three-steps/   
Published: 2021 05 07 10:00:00
Received: 2021 05 07 11:00:26
Feed: SC Magazine
Source: SC Media
Category: News
Topic: Cyber Security

Article: Financial sector saw a 125% increase in mobile phishing attacks during 2020 - published about 3 years ago.
Content: Finance is among the sectors that has struggled most in compliance with a standard for storing and transmitting credit card information. (Uris at English Wikipedia/CC BY-SA 3.0) Researchers on Thursday reported that despite a 50% increase in mobile device management (MDM) adoption during the past year, average quarterly exposure to phishing attacks on mo...
Copy Link: https://www.scmagazine.com/home/security-news/mobile-security/financial-sector-saw-a-125-increase-in-mobile-phishing-attacks-during-2020/   
Published: 2021 05 06 22:14:12
Received: 2021 05 06 23:00:26
Feed: SC Magazine
Source: SC Media
Category: News
Topic: Cyber Security

Article: The business of cyber: How security defines (or derails) success - published about 3 years ago.
Content: Is cyber a hurdle to success, or might it be an enabler? In this SC Awards Winners Circle roundtable, cybersecurity leaders, and award recipients, share how organizations can shift the mindset and understand how a culture of security may be good for business. SC Media senior reporter Joe Uchill is joined for the discussion by Sounil Yu, chief informatio...
Copy Link: https://www.scmagazine.com/scawards/the-business-of-cyber-how-security-defines-or-derails-success/   
Published: 2021 05 06 21:10:37
Received: 2021 05 06 22:00:28
Feed: SC Magazine
Source: SC Media
Category: News
Topic: Cyber Security

Article: Here’s the breakdown of cybersecurity stats only law firms usually see - published about 3 years ago.
Content: Image of the Washington, D.C. office of law firm BakerHostetler. In a field where every contractor releases an annual infosec report, BakerHostetler’s is unique. BakerHostetler, a law firm with a massive data and privacy presence, compiles data from their client’s experiences to offer a rare lawyer’s perspective on cyber statistics. No amount of vendor ...
Copy Link: https://www.scmagazine.com/home/security-news/legal-security-news/heres-the-breakdown-of-cybersecurity-stats-only-law-firms-usually-see/   
Published: 2021 05 06 21:38:24
Received: 2021 05 06 22:00:27
Feed: SC Magazine
Source: SC Media
Category: News
Topic: Cyber Security

Article: Vulnerability in Qualcomm chips lets an attacker snoop on calls and texts - published about 3 years ago.
Content: Seen here, Qualcomm CEO Steve Mollenkopf (Qualcomm) Checkpoint researchers shed new light this week on a vulnerability affecting a cellular chip embedded in 40% of the world’s smartphones that allows attackers to inject malware and snoop on text and voice conversations. Back in August 2020, the company unveiled research around 400 different vulnerable...
Copy Link: https://www.scmagazine.com/home/security-news/mobile-security/vulnerability-in-qualcomm-chips-lets-an-attacker-snoop-on-calls-and-texts/   
Published: 2021 05 06 20:34:35
Received: 2021 05 06 21:00:19
Feed: SC Magazine
Source: SC Media
Category: News
Topic: Cyber Security

Article: SolarWinds hires CISO from within, enabling a quicker security transformation - published about 3 years ago.
Content: SolarWinds this week announced that its vice president of security Tim Brown has taken on the additional title of CISO, as part of the company’s ongoing efforts to institute a secure-by-design posture. (“SolarWinds letters” by sfoskett at is licensed under CC BY-NC-SA 2.0) SolarWinds this week announced that its vice president of security Tim Brown has ...
Copy Link: https://www.scmagazine.com/home/security-news/solarwinds-hires-ciso-from-within-enabling-a-quicker-security-transformation/   
Published: 2021 05 06 18:49:34
Received: 2021 05 06 19:00:16
Feed: SC Magazine
Source: SC Media
Category: News
Topic: Cyber Security

Article: Software developers warm up to automated testing as security, cloud rise in importance - published about 3 years ago.
Content: A GitLab employee workstation. The company recently released an annual survey on software development trends. (GitLab’s website) Developers are frustrated about the sluggish pace of testing code for security and functionality and are increasingly incorporating automation and machine learning to ease workloads, according to results from an annual survey o...
Copy Link: https://www.scmagazine.com/home/security-news/cloud-security/software-developers-warm-up-to-automated-testing-as-security-cloud-rise-in-importance/   
Published: 2021 05 04 20:40:59
Received: 2021 05 06 16:49:16
Feed: SC Magazine
Source: SC Media
Category: News
Topic: Cyber Security

Article: Choose Your Own Adventure game animates security awareness training - published about 3 years ago.
Content: Infosec’s Choose Your Own Adventure training game “Deep Space Danger” tests employees on their knowledge of social engineering. The employees at your organization are badly in need of security awareness training. What do you do? A. Bore them with dull content that feels like a lecture.B. Engage them with gamified, interactive lessons. “B” is obviou...
Copy Link: https://www.scmagazine.com/home/security-news/phishing/choose-your-own-adventure-game-animates-security-awareness-training/   
Published: 2021 05 04 23:32:26
Received: 2021 05 06 16:49:16
Feed: SC Magazine
Source: SC Media
Category: News
Topic: Cyber Security

Article: 21 vulnerabilities in Exim mail server leave web, cloud operations exposed - published about 3 years ago.
Content: Promotional item put out by the Digital Equipment Corporation to promote the UNIX operating system. Twenty-one vulnerabilities were discovered in Exim Internet Mailer, a popular mail transfer agent (MTA) that’s available for major Unix-like operating systems. (KHanger/CC BY 3.0/https://commons.wikimedia.org/wiki/File:UNIX-Licence-Plate.JPG) Researchers ...
Copy Link: https://www.scmagazine.com/home/security-news/vulnerabilities/21-vulnerabilities-in-exim-mail-server-leave-web-cloud-operations-exposed/   
Published: 2021 05 05 01:16:59
Received: 2021 05 06 16:49:16
Feed: SC Magazine
Source: SC Media
Category: News
Topic: Cyber Security

Article: Five takeaways from the FBI 2020 Internet Crime Report - published about 3 years ago.
Content: FBI Director Christopher Wray speaks in Washington, D.C. Today’s columnist, Brian Johnson of Armorblox, offers five takeaways from the FBI’s 2020 Internet Crime Report. Credit: FBI The FBI Internet Crime Complaint Center (IC3) in March released its 2020 Internet Crime Report with updated statistics on Business Email Compromise (BEC), Email Account Compro...
Copy Link: https://www.scmagazine.com/perspectives/five-takeaways-from-the-fbi-2020-internet-crime-report/   
Published: 2021 05 05 10:00:00
Received: 2021 05 06 16:49:16
Feed: SC Magazine
Source: SC Media
Category: News
Topic: Cyber Security

Article: Next gen tech: Most promising areas of emerging technology and innovation in cyber - published about 3 years ago.
Content: As adversaries evolve their technique, so must the cyber industry. In this SC Awards Winners Circle roundtable discussion, SC Media speaks to cybersecurity leaders, and SC Award recipients, about the most compelling areas of technology for ensuring the protection of sensitive data and networks. Joining SC Media’s Derek Johnson for the discussion is TJ J...
Copy Link: https://www.scmagazine.com/scawards/next-gen-tech-most-promising-areas-of-emerging-technology-and-innovation-in-cyber/   
Published: 2021 05 05 12:28:52
Received: 2021 05 06 16:49:16
Feed: SC Magazine
Source: SC Media
Category: News
Topic: Cyber Security

Article: IP or just generic tech? Palo Alto argues Centripetal patent claims are overly broad - published about 3 years ago.
Content: Signage with logo at the Silicon Valley headquarters of computer security and firewall company Palo Alto Networks, Santa Clara, California, August 17, 2017. Palo Alto Networks asked a Virginia judge to dismiss a patent lawsuit filed against them by Centripetal Networks. (Photo via Smith Collection/Gado/Getty Images). Palo Alto Networks asked a Virginia j...
Copy Link: https://www.scmagazine.com/firewalls-ipsec-vpns/ip-or-just-generic-tech-palo-alto-argues-centripetal-patent-claims-are-overly-broad/   
Published: 2021 05 05 20:57:30
Received: 2021 05 06 16:49:16
Feed: SC Magazine
Source: SC Media
Category: News
Topic: Cyber Security

Article: 180+ OAuth 2.0 cloud malware apps detected - published about 3 years ago.
Content: Proofpoint offices in Toronto, Canada. (Raysonho @ Open Grid Scheduler / Scalable Grid Engine, CC0, via Wikimedia Commons) Researchers issued a warning on Wednesday to any company running cloud apps, reporting that in 2020 they detected more than 180 different malicious open authorization (OAuth) applications attacking 55% of their customers with a succe...
Copy Link: https://www.scmagazine.com/home/security-news/cloud-security/180-oauth-2-0-cloud-malware-apps-detected/   
Published: 2021 05 05 21:04:47
Received: 2021 05 06 16:49:16
Feed: SC Magazine
Source: SC Media
Category: News
Topic: Cyber Security

Article: BazarBackdoor phishing campaign eschews links and files to avoid raising red flags - published about 3 years ago.
Content: A pair of related phishing campaigns this year took the unusual step of intentionally avoiding malicious links or attachments in its emails  – a sign that threat actors may recognize the need to come up with new tactics. Here, workers prepare a presentation the day before the CeBIT 2012 technology trade fair. (Sean Gallup/Getty Images) A pair of related ...
Copy Link: https://www.scmagazine.com/home/security-news/phishing/bazarbackdoor-phishing-campaign-eschews-links-and-files-to-avoid-raising-red-flags/   
Published: 2021 05 05 21:37:01
Received: 2021 05 06 16:49:16
Feed: SC Magazine
Source: SC Media
Category: News
Topic: Cyber Security

Article: Chart a course to the passwordless future on World Password Day - published about 3 years ago.
Content: Today’s columnist, Jasson Casey of Beyond Identity, offers a path for security teams to move off shared secrets and embrace a passwordless world. WorldsDirection CreativeCommons CCO 1.0 It’s World Password Day, do the company’s users still rely on passwords? Has the security team replaced them? Passwords are no longer considered a secure way to log in, s...
Copy Link: https://www.scmagazine.com/perspectives/chart-a-course-to-the-passwordless-future-on-world-password-day/   
Published: 2021 05 06 10:00:00
Received: 2021 05 06 16:49:16
Feed: SC Magazine
Source: SC Media
Category: News
Topic: Cyber Security

Article: Listen: CEO of Novel Security, Lee Parrish, on why compliance is not security - published about 3 years ago.
Content: In an article for CISO Compass, CEO and CISO, Lee Parrish, deftly uses a colonoscopy metaphor to illustrate the difference between security and compliance. This isn’t his first foray into thinking outside the box to explain cybersecurity. Parrish has published numerous articles and even written a children’s book on security, entitled, “Cyber Sam, Th...
Copy Link: https://www.scmagazine.com/home/from-the-collaborative/listen-ceo-of-novel-security-lee-parrish-on-why-compliance-is-not-security/   
Published: 2021 05 06 16:25:05
Received: 2021 05 06 16:49:16
Feed: SC Magazine
Source: SC Media
Category: News
Topic: Cyber Security