Three UK telco bug has customers receiving and making random calls

Customers of the Three UK telco company are panicking as they receive a series of random phone calls due to an ongoing issue. Likewise, outbound calls from customers are being routed to random strangers. Three is the fourth-largest British telecom giant and Internet Service Provider (ISP) with 13.3 million subscribers as of 2020. Three telecom … Continue reading Three UK telco bug has customers receiving and making random calls

Accidental Insider Leaks Prove Major Source of Risk

Accidental Insider Leaks Prove Major Source of Risk Research reports highlight growing concerns around insider negligence that leads to data breaches. While malicious insiders often make headlines, most enterprise data leaks are accidental — caused by end users who fail to follow corporate security policy or try to work around it. The "2020 Cost of … Continue reading Accidental Insider Leaks Prove Major Source of Risk

Kconfig-Hardened-Check – A Tool For Checking The Hardening Options In The Linux Kernel Config

Motivation There are plenty of Linux kernel hardening config options. A lot of them are not enabled by the major distros. We have to enable these options ourselves to make our systems more secure. But nobody likes checking configs manually. So let the computers do their job! kconfig-hardened-check.py helps me to check the Linux kernel … Continue reading Kconfig-Hardened-Check – A Tool For Checking The Hardening Options In The Linux Kernel Config

Cisco Secure: Supporting NIST Cybersecurity Framework

Extending the alignment to include more Cisco products Why should you care? With so many security frameworks, it can be difficult to know where to start from. While many organizations are challenged with managing and improving their cybersecurity programs against the dynamic threat landscape, it’s not easy to pick one framework over another. So where … Continue reading Cisco Secure: Supporting NIST Cybersecurity Framework

[eBook] 7 Signs You Might Need a New Detection and Response Tool

It's natural to get complacent with the status quo when things seem to be working. The familiar is comfortable, and even if something better comes along, it brings with it many unknowns. In cybersecurity, this tendency is countered by the fast pace of innovation and how quickly technology becomes obsolete, often overnight. This combination usually … Continue reading [eBook] 7 Signs You Might Need a New Detection and Response Tool

Announcing SecureX Academy

SecureX has changed the way our customers do the work of securing their environments. We have been able to bring together the Cisco Secure portfolio, 3rd party tools and data sources, and a robust platform architecture into which these technologies can be plugged, in a way that saves organizations time and money and increases their … Continue reading Announcing SecureX Academy

Manage the Cloud Permissions Gap to Achieve Zero Trust

The Cloud Permissions Gap exposes organizations to highly exploitable risk combined with the inability to implement and manage Zero Trust policies. By Raj Mallempati, CloudKnox Security COO In 2020, when organizations were prioritizing digital transformation so they could pivot to remote work on an unprecedented scale, Gartner added a new category to its 2020 Hype … Continue reading Manage the Cloud Permissions Gap to Achieve Zero Trust

First American Financial Pays Farcical $500K Fine

In May 2019, KrebsOnSecurity broke the news that the website of mortgage settlement giant First American Financial Corp. [NYSE:FAF] was leaking more than 800 million documents — many containing sensitive financial data — related to real estate transactions dating back 16 years. This week, the U.S. Securities and Exchange Commission settled its investigation into the … Continue reading First American Financial Pays Farcical $500K Fine

Insider Versus Outsider: Navigating Top Data Loss Threats

It’s no surprise that cloud adoption has increased considerably in the last year, as organizations sought to adapt to the rapid transition to remote work amid the pandemic. However, what’s shocking is that despite the many advantages cloud and software-as-a-service (SaaS) applications provide organizations, they frequently fall short when it comes to averting data loss. … Continue reading Insider Versus Outsider: Navigating Top Data Loss Threats

Attackers Find New Way to Exploit Google Docs for Phishing

Attackers Find New Way to Exploit Google Docs for Phishing Tactic continues recent trend by attackers to use trusted cloud services to send and host malicious content. Researchers spotted what they describe as a new method that attackers appear to be using to lure victims to malicious phishing websites via Google Docs. The attack chain … Continue reading Attackers Find New Way to Exploit Google Docs for Phishing