Category: Fity Feeds

We’d planned a splashy party at Microsoft Inspire to announce our newest Microsoft Intelligent Security Association (MISA) members and introduce them to association members, but given our world today, I am instead picturing you reading this announcement curled up in a chair with a cup of coffee. Almost as satisfying, right?

Written by Shannon Vavra
Jul 14, 2020 | CYBERSCOOP

Written by Sean Lyngaas
Jul 14, 2020 | CYBERSCOOP

Jyoti Bansal was part of the AppDynamics founding team, a company that Cisco bought in 2017 for $3.7 billion. He might have been content to rest on that big win, but instead he went on to launch Harness and a venture capital arm, Unusual Ventures. Today, he announced his newest company called Traceable, which attacks security at the code level.

July 14, 2020 • Insikt Group®

Editor’s Note: The following post is an excerpt of a full report. To read the entire analysis, click here to download the report as a PDF.

Shortly after Trump was finally seen in public wearing a mask, the White House has begun provided a new document to media outlets listing all the times that Dr. Fauci has been wrong. From ABC News:

Jeffrey Epstein’s long-time friend and the person who allegedly groomed and enticed young girls for him used a surprising way to try to avoid authorities: she wrapped her cellphone in tinfoil, according to court documents.

Pivotal Group and Trumpf Ventures lead significant investment in AI cybersecurity prediction platform

Remote workers are set up, but endpoint management is still an issue

Setting up a remote workforce during the COVID-19 pandemic presented a huge challenge, especially trying to get so much done in such a short time frame. While getting extra Zoom licenses was likely pretty easy, there are more challenging issues surrounding remote sharing of documents, endpoint updates, setting up and/or adding more VPN licenses, opening up access to previously restricted vectors, and probably most challenging, answering questions for all of your end users that suddenly blew up the help desk! However, there still may be some core challenges that need to be resolved in ensuring that all machines are updated and in the desired state of configuration.

Written by Camille Stewart and Lauren Zabierek
Jul 14, 2020 | CYBERSCOOP

Google Cloud today announced the private beta launch of Assured Workloads for Government, the company’s version of what some of its competitors would call their “government cloud.”

Introduction

Brazil is a well-known country with plenty of banking trojans developed by local crooks. The Brazilian criminal underground is home to some of the world’s busiest and most creative perpetrators of cybercrime. Like their counterparts’ in China and Russia, their cyberattacks have a strong local flavor, and for a long time, they limited their attacks to the customers of local banks. But the time has come when they aggressively expand their attacks and operations abroad, targeting other countries and banks. The Tetrade is our designation for four large banking trojan families created, developed and spread by Brazilian crooks, but now on a global level.

raised the risk of ‘the big one’ hitting Southern California

Guest post by Richard Hahn, Consulting Manager, Sungard Availability Services

Orbital Witness, a U.K.-based legaltech startup developing “AI-powered” software to transform the £4 billion U.K. property due diligence market, has raised £3.3 million in seed funding.

SAP has patched a critical vulnerability impacting the LM Configuration Wizard component in NetWeaver Application Server (AS) Java platform, allowing an unauthenticated attacker to take control of SAP applications.
The bug, dubbed RECON and tracked as CVE-2020-6287, is rated with a maximum CVSS score of 10 out of 10, potentially affecting over 40,000 SAP customers, according to cybersecurity firm Onapsis, which uncovered the flaw.

Data Viper, a security startup that provides access to some 15 billion usernames, passwords and other information exposed in more than 8,000 website breaches, has itself been hacked and its user database posted online. The hackers also claim they are selling on the dark web roughly 2 billion records Data Viper collated from numerous breaches and data leaks, including data from several companies that likely either do not know they have been hacked or have not yet publicly disclosed an intrusion.

The EU’s General Data Privacy Regulation (GDPR) and the California Consumer Privacy Act (CCPA) have greatly expanded consumers’ control over their personal data that is collected by businesses.  As a result, organizations are now required to implement processes for managing subject rights requests (SRRs)/data subject access requests (DSARs) under the new regulations.

While the cloud has been around for a while, countless organizations are still making the transition for digital transformation and attempting to replicate security controls they’ve developed internally within a new architecture. Though cloud providers certainly do a lot to provide strong security measures, many security controls are still up to the user to implement, and as organizations migrate, they tend to pile up a lot of new security debt and potentially introduce critical flaws and vulnerabilities into their environments.