Written by Tim Starks
Written by Tim Starks
Google announces upgrades to Google Meet, Amazon is bringing its palm scanner to Whole Foods and Microsoft looks at the effect of video calls on our brains. This is your Daily Crunch for April 21, 2021.
cwick (Chadwick Matlin, deputy editor): Well, a few days and several tons of schadenfreude later, the European Super League is officially dead. If it ever really lived. I’ve asked three of our finest soccer thinkers to join me to discuss what went wrong, and what it tells us about the state of global soccer. Ryan, Grace, Tony, you’re the only ones I want to form a breakaway league with. Tell me what was going through your mind when you first heard the full details of the Super League. (The main highlight for readers: 15 charter teams that would never be relegated from the league and five more that would get in based on performance.)
April 21, 2021 |
2 minute read
Three zero-day vulnerabilities helped an attacker install a backdoor, access files and emails, and move laterally into a target network.
Written by Shannon Vavra
Students and staff at Stanford University, the University of California, the University of Colorado, and other institutions were warned to be on alert after a widespread security breach compromised personal data files during a nationwide cyberattack on the schools’ computer systems.
Amazon Web Services (AWS) has released a new whitepaper, Classic intrusion analysis frameworks for AWS environments, to help organizations plan and implement a classic intrusion analysis framework for AWS environments. This whitepaper provides context that will help you understand how such frameworks are used and shows you, in detail, how to mitigate advanced attack tactics and techniques by using the AWS Cloud platform. The appendix in this paper contains a detailed example of how AWS services, features, functionality, and AWS Partner offerings can be used together to safeguard your organization’s data and cloud infrastructure by using a classic intrusion analysis framework. This will save you time and effort by providing you with a comprehensive AWS security control mapping to each phase of advanced attacks.
Written by Steve Caimi
Pulse Secure has alerted customers to the existence of an exploitable chain of attack against its Pulse Connect Secure (PCS) appliances. PCS provides Virtual Private Network (VPN) facilities to businesses, which use them to prevent unauthorized access to their networks and services.
One of the most pressing challenges government entities and the public sector face is how to maintain existing and outdated IT systems without the budgetary, labor or infrastructure resources required to upgrade them. Hiring freezes, layoffs, talent loss and shortages, as well as up-skilling and infrastructure modernization initiatives are made even more complicated due to the ongoing impacts of COVID-19 and remote work.
A worker wearing a protective face mask talks on a mobile phone as he waits for customers in the gold market in Gaza City, Gaza, on Tuesday, Jan. 19, 2020. Image: Ahmad Salem/Bloomberg via Getty Image
Image: JACK GUEZ/AFP via Getty Images)
Hacking. Disinformation. Surveillance. CYBER is Motherboard’s podcast and reporting on the dark underbelly of the internet.
Google has released Chrome 90.0.4430.85 to address an actively exploited zero-day and four other high severity security vulnerabilities impacting today’s most popular web browser.
Hopefully, you won’t ever have to hire a lawyer to defend yourself against a government regulator. So what happens when the Federal Trade Commission or other powerful body baselessly accuses your company of wrongdoing where a data breach is concerned?
For a few hours this past weekend, it seemed like the Utah Jazz’s chances of winning the NBA title (which FiveThirtyEight’s RAPTOR-based predictions model pegs at 15 percent) might have evaporated. Donovan Mitchell’s ankle injury looked plenty scary in the moment, but an MRI revealed no structural damage, and Mitchell is merely expected to miss “several games,” according to ESPN’s Adrian Wojnarowski, as opposed to the rest of the season.
For the third year in a row, Microsoft successfully demonstrated industry-leading defense capabilities in the independent MITRE Engenuity ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) Evaluations.