Security News
Dutch fishing supply specialist Raven Hengelsport left details of around 246,000 customers visible to anyone on a misconfigured Microsoft Azure cloud server for months. "Sadly, actually getting Raven, also known as Raven Fishing, to do anything about the issue proved challenging."We immediately tried to get in touch with Raven once we discovered the open database, but did not receive a response from Raven regarding the breach," SafetyDetectives' researchers noted.
The new version builds on the MITRE ATT&CK framework to reflect the iterative approach of attackers and the likelihood of attacking any point or multiple points of an organization's attack surface. With this new capability, all files hosted within AWS storage will be delivered to the Votiro Secure File Gateway.
A new initiative aims to make it easier to report personal abuse and harassment within the information security industry - without the involvement of social media mobs. Respect in Security, launched today with support from Trend Micro's veep of security research Rik Ferguson, Lisa Forte, a partner at Red Goat Cyber Security and other notable folk from the UK infosec scene, aims to set up a "Vulnerability style" reporting scheme for infosec professionals to flag up harassment and abuse to abusers' employers.
A new initiative aims to make it easier to report personal abuse and harassment within the information security industry - without the involvement of social media mobs. Respect in Security, launched today with support from Trend Micro's veep of security research Rik Ferguson, Lisa Forte, a partner at Red Goat Cyber Security and other notable folk from the UK infosec scene, aims to set up a "Vulnerability style" reporting scheme for infosec professionals to flag up harassment and abuse to abusers' employers.
ThreatQuotient releases ThreatQ Data Exchange to simplify bidirectional sharing of intelligence data. ThreatQ Data Exchange provides the ability to granularly define data collections for sharing, and easily connect and monitor a network of external systems with which to share data.
We stand in front of rooms full of people - or, more recently, sit in front of laptop cameras trying to remember what rooms full of people look like - and say: hey, if you fall for a phishing campaign, or you inadvertently delete a directory, or you lose your laptop, get in touch straight away and we'll help you get it sorted. So how do you do something conversational with a bunch of people whose opinions you respect, while retaining a reasonable chance of not blabbing your woes to the public at large? The simplest to make happen is to seek out your peers by going along to local networking events - and even if there aren't any locally run user groups in your field you can also look to professional bodies such as the BCS,2, ISACA and the like, all of which have regional branches or chapters that can be used as a means of meeting the people you'd like to get to know and share with.
The Cyber Security Agency of Singapore today released data revealing that cybercrime accounted for 43 per cent of all crime in the city-state during 2020. Ransomware attacks rose 154 per cent from 35 cases in 2019 to 89 in 2020, shifting from what CSA called "Indiscriminate, opportunistic attacks" to "Big Game Hunting".
Splunk Security Cloud helps customers secure and manage multi-cloud deployments. Splunk Security Cloud brings together security operations solutions that help customers get maximum value from their data.
Deepwatch MOBILE gives cybersecurity experts real-time visibility into their SOC. deepwatch MOBILE provides customers real-time insight into their Security Operations Center and timely threat intelligence delivered to their mobile phone. ShiftLeft allows users to validate the accuracy of ShiftLeft CORE using OWASP Benchmark.
Expel for Microsoft automates security operations across the Microsoft tech stack. Expel for Microsoft automates security operations across the Microsoft tech stack, including Active Directory, AD Identity Protection, Azure, MCAS, Microsoft Defender for Endpoint, Office 365 and Sentinel.