Bradley Barth

January 29, 2021

As SolarWinds spooks tech firms into rechecking code, some won’t like what they find

If more attacks are uncovered, end-user organizations must apply lessons learned from SolarWinds and take decisive action.

The post As SolarWinds spooks tech firms into rechecking code, some won’t like what they find appeared first on SC Media.

January 27, 2021

Even dead employees pose a security risk when their accounts are still active

Ransomware attackers compromised deceased employee's account to access a domain admin account. The incident is a sad reminder of some cyber hygiene standards too often overlooked.

The post Even dead employees pose a security risk when their accounts are still active appeared first on SC Media.

January 27, 2021

Phishing scheme shows CEOs may be ‘most valuable asset,’ and ‘greatest vulnerability’

Cybercriminals have been using a phishing kit featuring fake Office 365 password alerts as a lure to target the credentials of chief executives, business owners and other high-level corporate leaders – often companies' biggest security liabilities.

The post Phishing scheme shows CEOs may be ‘most valuable asset,’ and ‘greatest vulnerability’ appeared first on SC Media.

January 26, 2021

The cyber ‘journeymen’: Apprentices may be the solution to the skills gap

Aspiring infosec professionals have the opportunity to hone their craft as companies develop talent from within, potentially with government funding, and chip away at the diversity problem.

The post The cyber ‘journeymen’: Apprentices may be the solution to the skills gap appeared first on SC Media.

January 23, 2021

SonicWall network attacked via zero days in its VPN and secure access solutions

Cybersecurity firm SonicWall disclosed Friday night that hackers attacked the company’s internal networks by first exploiting zero-day vulnerabilities in its very own secure remote access products. SC Media received an anonymous tip Friday that SonicWall had suffered an attack, but did not get confirmation ahead of the disclosure by the company. SonicWall, whose product line…

The post SonicWall network attacked via zero days in its VPN and secure access solutions appeared first on SC Media.

January 22, 2021

New cyber council tackles infosec challenges from a tech perspective

Cybercrime is a plague on all industries, but a technology-borne problem at its core. So it makes sense that leading IT experts and infosec solution providers would step up to provide key advice to the tech community on how to protect customers from prevalent cyberthreats. To that end, the nonprofit IT trade association CompTIA this month officially…

The post New cyber council tackles infosec challenges from a tech perspective appeared first on SC Media.

January 22, 2021

Hackers hijacked cloud accounts of high-tech and aviation firms, hid in systems for years

The effectiveness of this operation serves as a reminder of the risks of openly sharing and storing plain-text network credentials or sensitive network access instructions on internet-accessible apps or servers.

The post Hackers hijacked cloud accounts of high-tech and aviation firms, hid in systems for years appeared first on SC Media.

January 20, 2021

CISO lends voice to MSPs and their small-biz clients in ransomware battle

Ryan Weeks is CISO at Datto, a founding member of the Institute for Security and Technology's new anti-ransomware initiative. He spoke to SC Media about the segment of the business community that he believes to be underserved by efforts to counter ransomware.

The post CISO lends voice to MSPs and their small-biz clients in ransomware battle appeared first on SC Media.

January 20, 2021

SolarWinds attack opened up 4 separate paths to a Microsoft 365 cloud breach

Tactics expose the need for organizations to develop cohesive playbooks for breaches affecting hybrid environments.

The post SolarWinds attack opened up 4 separate paths to a Microsoft 365 cloud breach appeared first on SC Media.