Akamai outage was caused by an issue with its Prolexic DDoS protection service

An outage suffered by CDN, cybersecurity and cloud services provider Akamai was caused by an issue with its Prolexic DDoS attack protection service. CDN, cybersecurity and cloud services provider Akamai revealed that the recent outage suffered by the company was caused by a problem with its Prolexic DDoS attack protection service. The Prolexic Routed DDoS … Continue reading Akamai outage was caused by an issue with its Prolexic DDoS protection service

US supermarket chain Wegmans notifies customers of data breach

Wegmans Food Markets notified customers that some of their information was exposed after the company became aware that two of its databases were publicly accessible on the Internet because of a configuration issue. Wegmans is a 106-store major regional supermarket chain with stores in the mid-Atlantic and Northeastern regions (i.e., New York, Pennsylvania, New Jersey, … Continue reading US supermarket chain Wegmans notifies customers of data breach

Manage the Cloud Permissions Gap to Achieve Zero Trust

The Cloud Permissions Gap exposes organizations to highly exploitable risk combined with the inability to implement and manage Zero Trust policies. By Raj Mallempati, CloudKnox Security COO In 2020, when organizations were prioritizing digital transformation so they could pivot to remote work on an unprecedented scale, Gartner added a new category to its 2020 Hype … Continue reading Manage the Cloud Permissions Gap to Achieve Zero Trust

Insider Versus Outsider: Navigating Top Data Loss Threats

It’s no surprise that cloud adoption has increased considerably in the last year, as organizations sought to adapt to the rapid transition to remote work amid the pandemic. However, what’s shocking is that despite the many advantages cloud and software-as-a-service (SaaS) applications provide organizations, they frequently fall short when it comes to averting data loss. … Continue reading Insider Versus Outsider: Navigating Top Data Loss Threats

Attackers Find New Way to Exploit Google Docs for Phishing

Attackers Find New Way to Exploit Google Docs for Phishing Tactic continues recent trend by attackers to use trusted cloud services to send and host malicious content. Researchers spotted what they describe as a new method that attackers appear to be using to lure victims to malicious phishing websites via Google Docs. The attack chain … Continue reading Attackers Find New Way to Exploit Google Docs for Phishing

Why XDR is Not Enough

By Guy Rosefelt, Security CMO, Sangfor Technologies What is XDR? One of the latest trends in cybersecurity is Extended Detection and Response, more commonly known as XDR. Although originally defined by Palo Alto Networks as a key capability, other security vendors have released some type of XDR functionality and of course all define and approach … Continue reading Why XDR is Not Enough

‘Oddball’ Malware Blocks Access to Pirated Software

Rather than steal credentials or hold data for ransom, a recent campaign observed by Sophos prevents people from visiting sites that offer illegal downloads. The objective of most malware is some kind of gain — financial or otherwise — for the attackers who use it. However, researchers recently observed a unique malware with a single … Continue reading ‘Oddball’ Malware Blocks Access to Pirated Software

Microsofts new security tool will discover firmware vulnerabilities, and more, in PCs and IoT devices

Devices have multiple OSs and firmware running, and most organisations don't know what they have or if it's secure. Microsoft will use ReFirm to make it easier to find out without being an expert. Image: Microsoft As operating systems become more secure, attackers are increasingly shifting their attention to firmware, which is less visible, more … Continue reading Microsofts new security tool will discover firmware vulnerabilities, and more, in PCs and IoT devices

Deloitte Buys Terbium Labs to Expand Threat Intel Capabilities

Deloitte Buys Terbium Labs to Expand Threat Intel Capabilities Terbium Labs' products and services will become part of Deloitte's Detect & Respond lineup, the company confirms. Deloitte has announced its acquisition of "substantially all of the assets of" digital risk protection firm Terbium Labs, marking its third security deal this year. Terms of the deal … Continue reading Deloitte Buys Terbium Labs to Expand Threat Intel Capabilities

Molerats Hackers Return With New Attacks Targeting Middle Eastern Governments

A Middle Eastern advanced persistent threat (APT) group has resurfaced after a two-month hiatus to target government institutions in the Middle East and global government entities associated with geopolitics in the region in a rash of new campaigns observed earlier this month. Sunnyvale-based enterprise security firm Proofpoint attributed the activity to a politically motivated threat … Continue reading Molerats Hackers Return With New Attacks Targeting Middle Eastern Governments