Security News
CloudBees CEO: Software delivery is now 'release orchestration'. Way back in the day, software used to work through its development life cycle via one or other development methodologies and end up on a floppy disk or a CD-ROM. Some software application development teams, often known as "Shops," would use the waterfall model to break down a project into linear phases.
Pegasus spyware-maker NSO Group announced on Sunday it will reorganize, replacing its CEO and letting go of around 100 workers. A statement from NSO Group reportedly said the reorg, which reduces the size of the company by around 15 percent, "Will examine all aspects of its business, including streamlining its operations to ensure NSO remains one of the world's leading hi-tech cyber intelligence companies, focusing on NATO-member countries."
MSSPs must find ways to balance the need to please existing customers, add new ones, and deliver high-margin services against their internal budget constraints and the need to maintain high employee morale. This means providing the right tool sets, driving higher efficiency through training, and scaling services to build revenue and margin.
Onur Aksoy, the CEO of a group of dozens of companies, was indicted for allegedly selling more than $1 billion worth of counterfeit Cisco network equipment to customers worldwide, including health, military, and government organizations. These devices were sold as new and genuine Cisco products through dozens of Amazon and eBay storefronts to customers across the United States and overseas, some ending up on the networks of hospitals, schools, government, and military orgs.
Adversaries, motivated by the success of high-profile software supply chain attacks on companies like SolarWinds and Kaseya, are stepping up attacks against software build and distribution environments. "Digital transformation has made every business a software developer. And as a result, software development environments have become huge target for attackers," said Kevin Bocek, VP of threat intelligence and business development for Venafi.
Arkady Volozh, CEO of Russia's biggest internet company Yandex, has resigned after being added to the European Union's list of individuals sanctioned as part of its response to the illegal invasion of Ukraine. Another issue is that Yandex's complex ownership structure means the EU feels Russia's government can veto the company's activities if they are felt to counter the national interest.
The US and its NATO allies should expect a "Long tail of retaliation," in the form of cyberattacks, for the sanctions imposed on Russia, says cloud security shop ExtraHop's CEO Patrick Dennis. CISA's Shields Up alert about the Russian invasion of Ukraine potentially spilling over into cyber-offensives against the US should have served as a wake-up call to organizations to improve their security posture, Dennis said in an interview with The Register.
The company's researchers noted 623.3 million ransomware attacks globally last year, up 105 per cent on 2020 and more than triple 2019's figure. Cryptojacking in 2021 rose 19 per cent to 97.1 million globally and while malware might have dropped by 4 per cent in 2021, it looked very much like things picked up in the latter part of the year, indicating an upward trend on the cards for 2022.
The Federal Bureau of Investigation warned today that US organizations and individuals are being increasingly targeted in BEC attacks on virtual meeting platforms. In a Public Service Announcement issued today, the FBI said it noticed scammers switching to virtual meeting platforms matching the overall trend of businesses moving to remote work during the pandemic.
Threat analysts have observed a new campaign named 'OiVaVoii', targeting company executives and general managers with malicious OAuth apps and custom phishing lures sent from hijacked Office 365 accounts. OAuth is a standard for token-based authentication and authorization, removing the need to enter account passwords.