Security News

Moldova's "Court of Accounts" has suffered a cyberattack leading to the agency's public databases and audits being destroyed. Court of Accounts of Moldova is a government authority that performs audits of public financial resources and government agencies to comply with international standards.

The US Cybersecurity and Infrastructure Security Agency has released the Ransomware Readiness Assessment, a new module for its Cyber Security Evaluation Tool. RRA is a security audit self-assessment tool for organizations that want to understand better how well they are equipped to defend against and recover from ransomware attacks targeting their information technology, operational technology, or industrial control system assets.

Really interesting two part analysis of the audit conducted after the 2020 election in Windham, New Hampshire. Based on preliminary reports published by the team of experts that New Hampshire...

In early March, a Boston-based vote-counting firm called Clear Ballot Group sent a bid to Arizona's state Senate to audit the 2020 presidential election results in Maricopa County. Instead, the state Senate hired a small Florida-based cybersecurity firm known as Cyber Ninjas that had not placed a formal bid for the contract and had no experience with election audits.

How far the company, Colonial Pipeline, went to address the vulnerabilities isn't clear. Colonial said it initiated the restart of pipeline operations on Wednesday afternoon and that it would take several days for supply delivery to return to normal.

Adlumin announced that its platform will now integrate directly with Google Workspace, giving customers the ability to ingest crucial audit logs from their Google Workspace domains. Google Workspace is a suite of secure, cloud-native collaboration and productivity apps powered by Google AI and has become a viable competitor to Office365.

With the announcement today, Sysdig launched the first runtime security detection and response solution for AWS Fargate that provides detailed audit logs to respond to incidents. Sysdig's runtime detection for AWS Fargate is based on open source Falco, the runtime security tool created by Sysdig and contributed to the Cloud Native Computing Foundation.

85% of companies completed their audits as planned or with an extension, and 60% had no change to audit timing. Organizations conduct multiple audits as disjointed, redundant projects.

Docker Bench for Security is a simple way of checking for common best practices around your Docker deployments in production. One such tool is a pre-built container, called Docker Bench for Security-it does a great job of auditing your container host and the currently running deployments.

The open-source SecureDrop Workstation has undergone a security makeover after a third-party security audit flagged multiple problems, including a high-risk bug that could allow an attacker to plant files on target machines. The SecureDrop Workstation audit, conducted by Trail of Bits and financed by the New York Times, warned that the high-risk directory traversal bug could be leveraged for code execution attacks.