Security

The US Managed Service Provider CompuCom Confirms Ongoing Outage Following Malware Incident | IT Security News Sponsors Endpoint Cybersecurity www.endpoint-cybersecurity.com – Consulting in building your security products– Employee awareness training– Security tests for applications and pentesting… and more. Daily Summary Patreon Categories CategoriesSelect Category(ISC)2 Blog  (323)(ISC)2 Blog infosec  (13)(ISC)² Blog  (320)2020-12-08 – Files for an ISC diary (recent…

3rd Party Risk Management , Breach Notification , Critical Infrastructure Security Microsoft, FireEye Find Additional Payloads Used During Supply Chain Attack Scott Ferguson (Ferguson_Writes) • March 4, 2021     Researchers with Microsoft and FireEye are disclosing additional malware used by the hacking group that targeted SolarWinds in December 2020, according to a pair of…

3rd Party Risk Management , Breach Notification , Critical Infrastructure Security Microsoft, FireEye Find Additional Payloads Used During Supply Chain Attack Scott Ferguson (Ferguson_Writes) • March 4, 2021     Researchers with Microsoft and FireEye are disclosing additional malware used by the hacking group that targeted SolarWinds in December 2020, according to a pair of…

SUNNYVALE, Calif.–(BUSINESS WIRE)–Cloud Data Lifecycle Security startup Dasera announced today that it has been named a winner of the Globee Awards 17th Annual Cyber Security Global Excellence Awards® for demonstrating extraordinary innovation and leadership in information security. Accolades include a Gold Award for Structured Data Security and a Silver Award for Startup of the Year….

China-based government hackers have exploited a bug in Microsoft’s email server software to target U.S. organizations, the company said Tuesday. Microsoft said that a “highly skilled and sophisticated” state-sponsored group operating from China has been trying to steal information from a number of American targets, including universities, defence contractors, law firms and infectious-disease researchers. Microsoft…

Microsoft has warned its customers against a new sophisticated nation-state cyber attack that has its origin in China and is primarily targeting on-premises ‘Exchange Server’ software of the tech giant. Called “Hafnium,” it operates from China and is attacking infectious disease researchers, law firms, higher education institutions, defence contractors, policy…

FOSTER CITY, Calif., March 3, 2021 /PRNewswire/ — Qualys, Inc. (NASDAQ: QLYS), a pioneer and leading provider of cloud-based IT, security, and compliance solutions, today issued an update on the security incident regarding the Accellion FTA file transfer solution. Qualys received new information about a previously identified zero-day exploit in a third-party solution, Accellion FTA that Qualys deployed to…

Identity & Access Management , Privileged Access Management , Security Operations In Other M&A Activity, TPG Capital to Acquire Thycotic; KnowBe4 Buys MediaPRO Doug Olenick (DougOlenick) • March 4, 2021     The security firm Okta shook up the identity and access management market Wednesday by announcing a $6.5 billion deal to acquire the customer…

The US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency has posted a new emergency directive calling on federal agencies to immediately patch or disconnect Microsoft Exchange servers. The alert follows a recent warning from Microsoft about major zero-day attacks on email servers, according to a recent posting by the tech giant. The zero-day…

Zero-day vulnerabilities in Microsoft Exchange Server | IT Security News 4. March 2021 The four vulnerabilities inside Microsoft Exchange Server allow an attacker to compromise a vulnerable server. As a result, an attacker will gain access to all registered email accounts, or be able to execute arbitrary code (remote code execution or RCE) within the…