Category Archives: Featured
SonicWall network attacked via zero days in its VPN and secure access solutions
Cybersecurity firm SonicWall disclosed Friday night that hackers attacked the company’s internal networks by first exploiting zero-day vulnerabilities in its very own secure remote access products. SC Media received an anonymous tip Friday that SonicWall had suffered an attack, but did not get confirmation ahead of the disclosure by the company. SonicWall, whose product line…
The post SonicWall network attacked via zero days in its VPN and secure access solutions appeared first on SC Media.
Sunbust avoided indicators of compromise with SolarWinds hack, but left breadcrumbs
Joe Slowik, senior security researcher at DomainTools, spoke to SC Media about how the SolarWind attackers remained undetected for so long, and how domain data could be used to weaponize network observables against sophisticated attackers.
The post Sunbust avoided indicators of compromise with SolarWinds hack, but left breadcrumbs appeared first on SC Media.
Hackers hijacked cloud accounts of high-tech and aviation firms, hid in systems for years
The effectiveness of this operation serves as a reminder of the risks of openly sharing and storing plain-text network credentials or sensitive network access instructions on internet-accessible apps or servers.
The post Hackers hijacked cloud accounts of high-tech and aviation firms, hid in systems for years appeared first on SC Media.
Look for GDPR fines to increase, extend beyond breaches
So far, U.S. companies have felt the brunt of regulators’ displeasure. The highest GDPR fine so far – $57 million – was imposed on Google by French regulators, though Marriott may have to pony up $123 million.
The post Look for GDPR fines to increase, extend beyond breaches appeared first on SC Media.
Last-minute Trump order adds new security regulation to cloud providers
An eleventh-hour executive order will require infrastructure-as-a-service providers to log the identity of foreign clients. The executive order will stand, unless specifically repealed by new President Joe Biden.
The post Last-minute Trump order adds new security regulation to cloud providers appeared first on SC Media.
With all eyes on the inauguration, lessons in the convergence of physical and digital security emerge
Washington, D.C. is on high alert, extending a special designation for security that always applies to inaugurations to Jan. 21, and calling in the National Guard. But in the wake of the attack on the Capitol, protection of digital assets is paramount.
The post With all eyes on the inauguration, lessons in the convergence of physical and digital security emerge appeared first on SC Media.
SolarWinds attack opened up 4 separate paths to a Microsoft 365 cloud breach
Tactics expose the need for organizations to develop cohesive playbooks for breaches affecting hybrid environments.
The post SolarWinds attack opened up 4 separate paths to a Microsoft 365 cloud breach appeared first on SC Media.
Free cyber career training coursework emerges as a perk in tough times
New complimentary offerings are helping current, aspiring and unemployed infosec professionals gain an upper hand in a down economy, while aiding an industry facing a growing skills gap.
The post Free cyber career training coursework emerges as a perk in tough times appeared first on SC Media.
Intel unveils ransomware-fighting CPUs
The capability is an easy win for CISOs, which can benefit with limited tweaks to machines.
The post Intel unveils ransomware-fighting CPUs appeared first on SC Media.