Security News > 2022 > May

While the professional association confirmed to The Register it was the victim of a "Cybersecurity incident" that occurred on or around April 21, it did not disclose the nature of the attack. The association also notified federal law enforcement and hired third-party security specialists "To investigate the impact on ADA systems and restore full system functionality," the email said.

SASE hit the lexicon after 2019 took hold as enterprises started to see a possible route in the convergence with software-defined WAN and network security functions for threat protection, zero-trust features, firewall-as-a-service and cloud access security broker, all delivered as a cloud service. What the role of SSE is in the larger network security space is and what it means for the future of SASE are the subjects of some debate in the industry.

Microsoft says that its enterprise-grade endpoint security for small to medium-sized businesses is now generally available as a standalone solution.Known as Microsoft Defender for Business, this product is designed for SMBs with up to 300 employees who need protection against malware, phishing, and ransomware attacks on Windows, macOS, iOS, and Android devices.

Phishing actors abuse Google's SMTP relay service to bypass email security products and successfully deliver malicious emails to targeted users. According to a report from email security firm Avanan, there has been a sudden uptick in threat actors abusing Google's SMTP relay service starting in April 2022.

A newly discovered and uncommonly stealthy Advanced Persistent Threat group is breaching corporate networks to steal Exchange emails from employees involved in corporate transactions such as mergers and acquisitions. Mandiant researchers, who discovered the threat actor and now track it as UNC3524, say the group has demonstrated its "Advanced" capabilities as it maintained access to its victims' environments for more than 18 months.

A newly discovered and uncommonly stealthy Advanced Persistent Threat group is breaching corporate networks to steal Exchange emails from employees involved in corporate transactions such as mergers and acquisitions. "Once UNC3524 successfully obtained privileged credentials to the victim's mail environment, they began making Exchange Web Services API requests to either the on-premises Microsoft Exchange or Microsoft 365 Exchange Online environment," Mandiant said.

Dell is partnering with high-profile cloud-based data analytics vendor Snowflake to enable organizations to take the data they're keeping in their data centers in Dell object storage and run it in Snowflake's Data Cloud while keeping the data on premises or copying it to the public cloud, an important capability for companies with data sovereignty or privacy concerns who can't freely move it around. In another move to bridge the gap between data stored in central data center and in public clouds, Dell at the show is demonstrating how its block and file storage platforms can run in public clouds and how companies can buy the software as a managed service via cloud credits.

Work toward an InfoSec certification with this online training bundle We may be compensated by vendors who appear on this page through methods such as affiliate links or sponsored partnerships. Want to break into the InfoSec field? The 2022 Ultimate Information Security Certification Bundle offers a great first step.

Spain's prime minister and defense minister are the latest elected officials to detect Pegasus spyware on their mobile phones, according to multiple media reports quoting Spanish authorities. During a press conference on Monday, Félix Bolaños, the minister for the presidency, told reporters that cellphones of Spanish prime minister Pedro Sánchez and defense minister Margarita Robles were both infected by NSO's notorious surveillance software last year.

Car rental giant Sixt was hit by a weekend cyberattack causing business disruptions at customer care centers and select branches. Sixt is a German-based vehicle rental, car sharing, and ride-hailing service provider operating about two thousand locations in over 105 countries.