Yearly Archives: 2021
CISO lends voice to MSPs and their small-biz clients in ransomware battle
Ryan Weeks is CISO at Datto, a founding member of the Institute for Security and Technology’s new anti-ransomware initiative. He spoke to SC Media about the segment of the business community that he believes to be underserved by efforts to counter ransomware.
The post CISO lends voice to MSPs and their small-biz clients in ransomware battle appeared first on SC Media.
With all eyes on the inauguration, lessons in the convergence of physical and digital security emerge
Washington, D.C. is on high alert, extending a special designation for security that always applies to inaugurations to Jan. 21, and calling in the National Guard. But in the wake of the attack on the Capitol, protection of digital assets is paramount.
The post With all eyes on the inauguration, lessons in the convergence of physical and digital security emerge appeared first on SC Media.
SolarWinds attack opened up 4 separate paths to a Microsoft 365 cloud breach
Tactics expose the need for organizations to develop cohesive playbooks for breaches affecting hybrid environments.
The post SolarWinds attack opened up 4 separate paths to a Microsoft 365 cloud breach appeared first on SC Media.
Fourth SolarWinds malware strain shows diversity of tactics, need to focus on detection, response
Researchers have found a fourth strain of malware – Raindrop – that was used in the SolarWinds supply chain attack, a loader similar to the Teardrop tool. But while Teardrop was delivered by the original Sunburst backdoor in early July 2020, Raindrop was used just under two weeks later for spreading laterally across the victim’s…
The post Fourth SolarWinds malware strain shows diversity of tactics, need to focus on detection, response appeared first on SC Media.
7 vulnerabilities in popular DNS forwarding software open door to range of attacks
Researchers at JSOF have discovered distinct spoofing and buffer overflow vulnerabilities associated with DNSMasq, used in networking devices to cache and forward Domain Name System requests.
The post 7 vulnerabilities in popular DNS forwarding software open door to range of attacks appeared first on SC Media.
Free cyber career training coursework emerges as a perk in tough times
New complimentary offerings are helping current, aspiring and unemployed infosec professionals gain an upper hand in a down economy, while aiding an industry facing a growing skills gap.
The post Free cyber career training coursework emerges as a perk in tough times appeared first on SC Media.
FIN11 e-crime group shifted to CL0P ransomware and big game hunting
FIN11 has increasingly factored CL0P ransomware into its operations, and its clear they also put a substantial amount of effort into each follow-up compromise.
The post FIN11 e-crime group shifted to CL0P ransomware and big game hunting appeared first on SC Media.
Biden to invest in cyber workforce, but without plan to overcome lingering staffing hurdles
President-elect Joe Biden announced funding to modernize secure IT and lure cyber talent to the public sector as part of his plan to stimulate the economy and rebuild in the wake of the pandemic. But cybersecurity experts remain skeptical that the newfound funding focus on cybersecurity will be enough to draw the necessary talent. Noting…
The post Biden to invest in cyber workforce, but without plan to overcome lingering staffing hurdles appeared first on SC Media.
NSA urges use of enterprise resolvers to protect DNS traffic on corporate networks
NSA advises security pros to use designated enterprise DNS resolvers to lock down DoH on corporate networks.
The post NSA urges use of enterprise resolvers to protect DNS traffic on corporate networks appeared first on SC Media.