Microsoft Concludes Internal Investigation into Solorigate Breach

The software giant found no evidence that attackers gained extensive access to services or customer data. Microsoft, which calls the SolarWinds supply chain attack a "moment of reckoning," declared on Thursday it had completed an internal investigation of its own compromised network. It advises companies to strengthen security by adopting a zero trust mindset and … Continue reading Microsoft Concludes Internal Investigation into Solorigate Breach

Data Risk, Intelligence and Insider Threats

When it comes to securing networks in today’s business environment, the single biggest challenge firms must contend with is that of the insider threat. While the term is typically associated with corporate espionage or perhaps disgruntled workers, this threat is mostly not caused by malicious actors. The insider threat simply refers to the damage caused … Continue reading Data Risk, Intelligence and Insider Threats

Hackers Exploit IT Monitoring Tool Centreon to Target Several French Entities

Russia-linked state-sponsored threat actor known as Sandworm has been linked to a three-year-long stealthy operation to hack targets by exploiting an IT monitoring tool called Centreon. The intrusion campaign — which breached "several French entities" — is said to have started in late 2017 and lasted until 2020, with the attacks particularly impacting web-hosting providers, … Continue reading Hackers Exploit IT Monitoring Tool Centreon to Target Several French Entities

North Korean Malicious Cyber Activity: AppleJeus

CISA, the Federal Bureau of Investigation, and the Department of the Treasury have released a Joint Cybersecurity Advisory and seven Malware Analysis Reports (MARs) on the North Korean government’s dissemination of malware that facilitates the theft of cryptocurrency—referred to by the U.S. Government as “AppleJeus.” The U.S. Government refers to malicious cyber activity by the … Continue reading North Korean Malicious Cyber Activity: AppleJeus

How Neurodiversity Can Strengthen Cybersecurity Defense

Team members from different backgrounds, genders, ethnicities, and neurological abilities are best equipped to tackle today's security challenges. The cybersecurity skills shortage and workforce gap continue to be of concern to organizations. As they seek to protect digital assets by finding professionals with the right skills, demand remains higher than supply. With recent surveys suggesting … Continue reading How Neurodiversity Can Strengthen Cybersecurity Defense