University of Salford secures its network and devices with Tanium and its strategic partners
University of Salford gains complete visibility and a single source of the truth with Tanium, Microsoft Sentinel and ServiceNow.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
CISA Discovers Spear Phishing and Valid Account Compromise Are the Most Common Attack Vectors
The US Cybersecurity and Infrastructure Security Agency (CISA) has found that compromise of valid accounts and spear phishing attacks were the two most common vectors of initial access in 2022, Decipher reports. Valid accounts were compromised in 54% of successful attacks. “Valid accounts can be former employee accounts that have not been removed from the active directory or default administrator accounts,” CISA said.
Amazon Sends Email to Customers on Common Scam Tactics
We've reported on several Amazon scams, but for once, there is positive news. Amazon sent an email Thursday morning highlighting the top scams your users should watch out for: Prime Membership Scams Per Amazon, "These are unexpected calls/texts/emails that refer to a costly membership fee or an issue with your membership and ask you to confirm or cancel the charge.
Government Programs Exposed to Data Loss Because of Maximus Federal Services Breach
Maximus Federal Services is a significant government contractor that helps administrate many different US government programs. The company manages programs like local healthcare, student loan servicing, and many federal services. With more than 34,300 people employed by the company and a revenue that reaches more than $4.25 billion annually, the company manages a vast store of data that includes personal and health-related data for millions of Americans.
July Release Rollup: AI Document Summarization, Smart Cache and More
This month's release rollup includes Egnyte's AI-driven document summarization, project dashboard for Android, and Smart Cache file download improvements. Below is an overview of these and other new releases. Visit the linked articles for more details.
The SEC's new cybersecurity disclosure rules - are you ready?
The U.S. Securities and Exchange Commission (SEC) announced new regulations for public companies requiring them to disclose a “material cybersecurity incident” via formal report due four business days after a company determines that a cybersecurity incident is material. This is creating a lot of buzz, with companies worried if they will be prepared.
The 443 Podcast - Episode 252 - Qakbot Qacktivity
This week on the podcast, we cover the latest evolutions of the decade-old Qakbot malware including changes in how attackers deliver it. After that, we give an update on the SEC's new rules around mandatory security disclosure. We then end by reviewing CISA's analysis of Risk and Vulnerability Assessments they completed for their constituents in 2022.
Getting Started with Persistent Volumes
This is the first of our series on Velero – the open source Kubernetes backup and recovery tool. While it’s powerful and flexible, the initial setup can be daunting to a beginner. Persistent Volumes also require CSI configuration, which varies from provider to provider. In this webinar, we will present all the information you need to get started with Velero. We will walk through the following configuration accompanied by a live demonstration.
Automating least privilege access in the cloud
In today's digital landscape, where data breaches and security threats are a constant concern, ensuring least privilege access is of utmost importance for companies operating in the cloud. Granting the principle of least privilege to employees helps minimize the risk of unauthorized access, accidental misuse, and insider threats. However, achieving and maintaining least privilege access can be challenging, often resulting in manual processes, delays, and potential security gaps.
Securing Voice Authentication in the Deepfake Era
Voice authentication is a biometric security method that verifies individuals based on their unique vocal characteristics. It has become increasingly popular in various applications, ranging from phone banking to smart home devices. However, the rise of deepfake technology poses a significant threat to the integrity of voice authentication systems. Deepfakes are highly realistic artificial audio clips that can be used to impersonate someone else’s voice.