Category Archives: Featured

SonicWall network attacked via zero days in its VPN and secure access solutions

Cybersecurity firm SonicWall disclosed Friday night that hackers attacked the company’s internal networks by first exploiting zero-day vulnerabilities in its very own secure remote access products. SC Media received an anonymous tip Friday that SonicWall had suffered an attack, but did not get confirmation ahead of the disclosure by the company. SonicWall, whose product line…

The post SonicWall network attacked via zero days in its VPN and secure access solutions appeared first on SC Media.

Continue reading

Posted in Breach, Cybercrime, Featured, Ransomware, Security News, Vulnerabilities, Vulnerability Management | Comments Off on SonicWall network attacked via zero days in its VPN and secure access solutions

Sunbust avoided indicators of compromise with SolarWinds hack, but left breadcrumbs

Joe Slowik, senior security researcher at DomainTools, spoke to SC Media about how the SolarWind attackers remained undetected for so long, and how domain data could be used to weaponize network observables against sophisticated attackers.

The post Sunbust avoided indicators of compromise with SolarWinds hack, but left breadcrumbs appeared first on SC Media.

Continue reading

Posted in APT, APTs/cyberespionage, Featured, Network Security, Security News, SolarWinds hack, Threat intelligence | Comments Off on Sunbust avoided indicators of compromise with SolarWinds hack, but left breadcrumbs

Hackers hijacked cloud accounts of high-tech and aviation firms, hid in systems for years

The effectiveness of this operation serves as a reminder of the risks of openly sharing and storing plain-text network credentials or sensitive network access instructions on internet-accessible apps or servers.

The post Hackers hijacked cloud accounts of high-tech and aviation firms, hid in systems for years appeared first on SC Media.

Continue reading

Posted in APTs/cyberespionage, Cloud, Cloud Security, Cyberespionage, Featured, Network Security, Security News | Comments Off on Hackers hijacked cloud accounts of high-tech and aviation firms, hid in systems for years

Look for GDPR fines to increase, extend beyond breaches

So far, U.S. companies have felt the brunt of regulators’ displeasure. The highest GDPR fine so far – $57 million – was imposed on Google by French regulators, though Marriott may have to pony up $123 million.

The post Look for GDPR fines to increase, extend beyond breaches appeared first on SC Media.

Continue reading

Posted in Compliance, Data Breach, Featured, Privacy, Privacy & Compliance, Security News | Comments Off on Look for GDPR fines to increase, extend beyond breaches

Last-minute Trump order adds new security regulation to cloud providers

An eleventh-hour executive order will require infrastructure-as-a-service providers to log the identity of foreign clients. The executive order will stand, unless specifically repealed by new President Joe Biden.

The post Last-minute Trump order adds new security regulation to cloud providers appeared first on SC Media.

Continue reading

Posted in Cloud, Cloud Security, Featured, Regulation, Security News | Comments Off on Last-minute Trump order adds new security regulation to cloud providers

With all eyes on the inauguration, lessons in the convergence of physical and digital security emerge

Washington, D.C. is on high alert, extending a special designation for security that always applies to inaugurations to Jan. 21, and calling in the National Guard. But in the wake of the attack on the Capitol, protection of digital assets is paramount.

The post With all eyes on the inauguration, lessons in the convergence of physical and digital security emerge appeared first on SC Media.

Continue reading

Posted in Breach, Data Breach, Featured, Security News, Security strategy, Vulnerability Management | Comments Off on With all eyes on the inauguration, lessons in the convergence of physical and digital security emerge

SolarWinds attack opened up 4 separate paths to a Microsoft 365 cloud breach

Tactics expose the need for organizations to develop cohesive playbooks for breaches affecting hybrid environments.

The post SolarWinds attack opened up 4 separate paths to a Microsoft 365 cloud breach appeared first on SC Media.

Continue reading

Posted in Breach, Cloud, Cloud Security, Data Breach, Featured, Network Security, Security News, SolarWinds hack | Comments Off on SolarWinds attack opened up 4 separate paths to a Microsoft 365 cloud breach

Free cyber career training coursework emerges as a perk in tough times

New complimentary offerings are helping current, aspiring and unemployed infosec professionals gain an upper hand in a down economy, while aiding an industry facing a growing skills gap.

The post Free cyber career training coursework emerges as a perk in tough times appeared first on SC Media.

Continue reading

Posted in Careers, Featured, Network Security, Security News, Training | Comments Off on Free cyber career training coursework emerges as a perk in tough times

Intel unveils ransomware-fighting CPUs

The capability is an easy win for CISOs, which can benefit with limited tweaks to machines.

The post Intel unveils ransomware-fighting CPUs appeared first on SC Media.

Continue reading

Posted in Featured, Ransomware, Security News, Software and solutions | Comments Off on Intel unveils ransomware-fighting CPUs