Security News > 2022 > April

Cybersecurity service providers must for licenses to operate in Singapore, under new regulations launched by the country's Cyber Security Agency on Monday. Specifically, concerns were raised over whether service providers may aggregate or use anonymised client data for threat intelligence purposes, leading CSA to limit the scope of its license condition.

Remember the good old days, when the only devices a company had to worry about were the PCs on its own network? Today, security teams must yearn for those times as they struggle to protect endpoint devices everywhere. Darktrace is mirroring the approach it takes to security at the core of the network with an endpoint agent that uses machine learning to protect PCs. "The way we operate our businesses has changed so drastically over the last few years," says Justin Fier, the company's Director of Cyber Intelligence & Analytics.

Remember the good old days, when the only devices a company had to worry about were the PCs on its own network? Today, security teams must yearn for those times as they struggle to protect endpoint devices everywhere. Darktrace is mirroring the approach it takes to security at the core of the network with an endpoint agent that uses machine learning to protect PCs. "The way we operate our businesses has changed so drastically over the last few years," says Justin Fier, the company's Director of Cyber Intelligence & Analytics.

UADAI arranges for collection of the biometrics needed to create an Aadhaar - ten fingerprints, two iris scans, and a facial photograph - through enrollment agencies and registrars and provides authentication-as-a-service using Aadhaar numbers. More than a billion Aadhaar IDs have been issued and over 99 per cent of India adults have enrolled in the scheme.

Researchers have disclosed a previously undocumented local file inclusion vulnerability in Hashnode, a developer-oriented blogging platform, that could be abused to access sensitive data such as SSH keys, server's IP address, and other network information. "The LFI originates in a Bulk Markdown Import feature that can be manipulated to provide attackers with unimpeded ability to download local files from Hashnode's server," Akamai researchers said in a report shared with The Hacker News.

In this video for Help Net Security, Chris Westphal, Cybersecurity Evangelist at Ordr, talks about an alert that came out recently from CISA and the Department of Energy, about potential threats to uninterruptible power supply devices that are connected to the internet. UPS devices are used to provide emergency power, they're usually connected to critical infrastructure.

A recent report from NewVantage Partners reveals 91.7% of IT and business executives out of 94 large companies are looking to increase their investments in big data projects in other data and AI initiatives. As more data is produced, enterprises are implementing data democratization strategies to enable their employees to access these datasets quickly and easily.

The CIS Controls are a set of 18 prioritized actions and 153 defensive measures known as Safeguards. The CIS Community Defense Model v2.0 was created to help answer that and other questions about the value of the Controls based on threat data from leading industry reports.

Identity Management Day was created to spread awareness and educate business leaders, IT decision makers, and the general public about the importance of managing and securing digital identities. As the general public takes on a more intricate digital life, the way the security industry approaches protecting its assets is shifting.

Finding out exactly which assets are put at risk through compromised accounts or breached assets requires mapping potential attack paths across a comprehensive map of all the relationships between assets. Today, mapping potential attack paths is performed with scanning tools such as AzureHound or AWSPX. Those are graph-based tools enabling the visualization of assets and resources relationships within the related cloud service provider.