MonthApril 2019

Financial Data for Multiple Companies Dumped Online in Failed Extortion Bid

Potential victims reportedly include Oracle, Volkswagen, Airbus and Porsche.

Financial Data for Multiple Companies Dumped Online in Failed Extortion Bid

Potential victims reportedly include Oracle, Volkswagen, Airbus and Porsche.

Database Leaks, Network Traffic Top Data Exfiltration Methods

Intellectual property and personally identifiable information tie for the type of data IT practitioners are worried about losing.

Database Leaks, Network Traffic Top Data Exfiltration Methods

Intellectual property and personally identifiable information tie for the type of data IT practitioners are worried about losing.

Confluence Vulnerability Opens Door to GandCrab

An exploit of the vulnerability offers attackers a ransomware surface that doesn't need email.

California Consumer Privacy Act: 4 Compliance Best Practices

Companies that get ahead of the January 2020 data privacy deadline can minimize the risk of sanctions and also gain a competitive advantage in the marketplace.

Microsoft 365 Updated with New Compliance, Encryption, Privacy Controls

New tools, such as Compliance Manager and Advanced Message Encryption, aim to give businesses more options for data privacy.

Researchers Explore Remote Code Injection in macOS

Deep Instinct analysts test three code injection methods and a custom-built Mach-O loader to load malicious files from memory.

Microsoft tells IT admins to nix ‘obsolete’ password reset practice

Microsoft last week recommended that organizations no longer force employees to come up with new passwords every 60 days.

The company called the practice - once a cornerstone of enterprise identity management - "ancient and obsolete" as it told IT administrators that other approaches are much more effective in keeping users safe.

"Periodic password expiration is an ancient and obsolete mitigation of very low value, and we don't believe it's worthwhile for our baseline to enforce any specific value," Aaron Margosis, a principal consultant for Microsoft, wrote in a post to a company blog.

To read this article in full, please click here

Black Hat USA Offers an Inside Look at Intel’s Security Engine

Come to the August event and learn how Intel's Converged Security and Manageability Engine has been fine-tuned to guard against low-level firmware attacks.