Aug 12, 2023THNServer Security / Cyber Threat Multiple security vulnerabilities impacting CyberPower's PowerPanel Enterprise Data Center Infrastructure Management (DCIM) platform and Dataprobe's iBoot Power Distribution Unit (PDU) could be potentially exploited to gain unauthenticated access to these systems and inflict catastrophic damage in target environments. The nine … [Read more...] about Multiple Flaws in CyberPower and Dataprobe Products Put Data Centers at Risk
risk
Encryption Flaws in Popular Chinese Language App Put Users’ Typed Data at Risk
Aug 10, 2023THNPrivacy / Encryption A widely used Chinese language input app for Windows and Android has been found vulnerable to serious security flaws that could allow a malicious interloper to decipher the text typed by users. The findings from the University of Toronto's Citizen Lab, which carried out an analysis of the encryption mechanism used in Tencent's Sogou Input … [Read more...] about Encryption Flaws in Popular Chinese Language App Put Users’ Typed Data at Risk
High risk but low funding: How UK universities can do cybersecurity on a budget
According to recent research from the Department of Science, Innovation and Technology, over the past year, 85% of UK higher education institutions reported finding a cyber breach. This number is significantly higher compared to UK businesses — of which only 32% reported breaches. Perhaps what’s even more worrying is the frequency of higher ed breaches: half of higher ed … [Read more...] about High risk but low funding: How UK universities can do cybersecurity on a budget
3CX Desktop App Supply Chain Attack Leaves Millions at Risk
Mar 30, 2023Ravie LakshmananSupply Chain / Software Security 3CX said it's working on a software update for its desktop app after multiple cybersecurity vendors sounded the alarm on what appears to be an active supply chain attack that's using digitally signed and rigged installers of the popular voice and video conferencing software to target downstream customers. "The … [Read more...] about 3CX Desktop App Supply Chain Attack Leaves Millions at Risk
Mitigate Cyber Risk From Email With the Falcon LogScale and Mimecast Integration
Email is the top initial attack vector, with phishing campaigns responsible for many damaging cyber attacks, including ransomware. Being able to search Mimecast email security logs in CrowdStrike Falcon® LogScale (formerly known as Humio), alongside other log sources such as endpoint, network and authentication data helps cybersecurity teams detect and respond to cyber … [Read more...] about Mitigate Cyber Risk From Email With the Falcon LogScale and Mimecast Integration
Elastic joins AWS Marketplace Vendor Insights to streamline risk assessment and software procurement
Vendor Insights can help you reduce assessment lead time by allowing you to access a vendor’s validated security profile. It can lower the effort of questionnaire population via back-and-forth with vendors from months to hours.Use the Vendor Insights dashboard to reduce assessment timeVendor Insights can ease your procurement process by reducing your assessment time via a … [Read more...] about Elastic joins AWS Marketplace Vendor Insights to streamline risk assessment and software procurement
Secure Email Threat Defense: Providing critical insight into business risk
Attackers specifically craft business email compromise (BEC) and phishing emails using a combination of malicious techniques, expertly selected from an ever-evolving bag of tricks. They’ll use these techniques to impersonate a person or business that’s well-known to the targeted recipient and hide their true intentions, while attempting to avoid detection by security … [Read more...] about Secure Email Threat Defense: Providing critical insight into business risk
U.S. Bans Chinese Telecom Equipment and Surveillance Cameras Over National Security Risk
The U.S. Federal Communications Commission (FCC) formally announced it will no longer authorize electronic equipment from Huawei, ZTE, Hytera, Hikvision, and Dahua, deeming them an "unacceptable" national security threat. All these Chinese telecom and video surveillance companies were previously included in the Covered List as of March 12, 2021. "The FCC is committed to … [Read more...] about U.S. Bans Chinese Telecom Equipment and Surveillance Cameras Over National Security Risk
Leading financial institutions hedge risk by focusing on these 5 critical SIEM requirements
Digital transformation is expanding the attack surface in financial services. Throughout the pandemic, the accelerated adoption of digital banking, payments, and insurance channels has enabled providers to offer greater levels of service, new financial products, and enhanced journeys to their customers.However, with growing amounts of data and increasingly complex IT … [Read more...] about Leading financial institutions hedge risk by focusing on these 5 critical SIEM requirements
Managing Cybersecurity Risk in M&A
As Technology Audit Director at Cisco, Jacob Bolotin focuses on assessing Cisco’s technology, business, and strategic risk. Providing assurance that residual risk posture falls within business risk tolerance is critical to Cisco’s Audit Committee and executive leadership team, especially during the mergers and acquisitions (M&A) process. Bolotin champions the continued … [Read more...] about Managing Cybersecurity Risk in M&A