Security News

Vietnam's Ministry of Information and Communications has admitted the nation has a vast shortfall of infosec pros. Hải Anh, deputy head of Vietnam's Information Security Authority, an agency of the ministry, said data trading activities were typically conducted within closed social media groups.

Microsoft has explained why it seemingly took its time to fix a flaw reported to it by infosec intelligence vendor Tenable. On July 10, Tenable again contacted Microsoft to reports its findings on what it regarded as a dangerously incomplete fix.

Fidelis Cybersecurity released the new Fidelis Active Directory Intercept, a capability that combines network detection and response, deception technology, and Active Directory security, as part of their Fidelis Network and Deception 9.6.1 product release. Tenable Cloud Security agentless container scanning enables security teams to prioritize and prevent container OS vulnerabilities and other risks in multi-cloud environments using a single user interface.

Sachkov faces 14-year stretch after 'unreasonably rushed trial' A Russian court has sentenced Ilya Sachkov, the founder of security research house Group-IB, to 14 years in a maximum-security...

A criminal crew with a history of deploying malware to harvest credentials from Amazon Web Services accounts may expand its attention to organizations using Microsoft Azure and Google Cloud Platform. The crooks used to target primarily AWS users, and now seem to be looking for ways into Azure and Google Cloud accounts.

Zilla Security introduces new suite of identity security SaaS solutions. Zilla Security announced Zilla Secure and Segregation of Duties, two SaaS solutions that enable enterprise-wide identity security for cloud-based applications and infrastructure, SaaS, and legacy applications.

In late September 2021, staff at Taiwanese threat intelligence company TeamT5 noticed something very nasty: a fake news report accusing it of conducting phishing attacks against Japan's government and local tech companies. "We can't keep off the internet, even when on holiday. The attackers weren't counting on that," threat intelligence analyst Che-Cheng Chang told The Reg when we dropped in to TeamT5's Taipei offices last week during the Computex conference.

Veza has unveiled Veza for SaaS Apps, a solution to deliver access security and governance across SaaS applications, including Salesforce, JIRA, Coupa, Netsuite, GitHub, Gitlab, Slack, and Bitbucket. The solution allows customers to automate access reviews, find and fix privilege access violations, trim privilege sprawl, and prevent SaaS misconfigurations.

Abnormal Security expands its platform and launches new products. Abnormal Security launched three new products focused on expanding security detection for Slack, Microsoft Teams and Zoom.

In the complex and fast-moving world of cybersecurity-meets-regulations, working with third parties requires diligent third-party risk management oversight to monitor data management and processes. Improving InfoSec risk management can provide insights into how data is handled, the security safeguards in place to protect that data, potential security weaknesses, and better adherence to the multitude of data, security, and privacy regulations.