Security News

Reporting directly to the Chief Product and Technology Officer, you will oversee all aspects of information security, including cloud security, DevSecOps, security operations, and security strategy. You'll conduct risk analyses, develop policies, and enhance cybersecurity architecture, making information security a measurable, integral part of our clients' organizations.

As the April 15, 2024 tax filing deadline approaches in the US, some old and some new tax-related scams targeting both taxpayers and tax professionals. The IRS has warned tax professionals about a "New client" scam where cybercriminals pose as potential clients via email, seemingly seeking assistance with tax preparation.

With no sign of regulations slowing down, enterprises struggle to keep pace with the rapid changes. According to a recent NTT Data survey of business executives, 3 in 4 organizations can't keep up with data regulations, holding them back from successfully using their data for innovation and digital transformation.

While 70% of organizations feel their current security stacks are effective against image-based and QR code phishing attacks, 76% were still compromised in the last 12 months, according to IRONSCALES and Osterman Research. 76% of organizations were still compromised by image-based and QR code phishing attacks over the past 12 months.

The Biden administration and US lawmakers are turning up the pressure on UnitedHealth group to ease medical providers' pain after the ransomware attack on Change Healthcare, by expediting payments to hospitals, physicians and pharmacists - among other tactics. In a letter addressed to "Health care leaders" on Sunday, the heads of both the US Department of Health and Human Services and the US Department of Labor called on UnitedHealth Group to "Take responsibility to ensure no provider is compromised by their cash flow challenges" following the cyber attack, and expedite funds to all impacted providers.

The Kremlin has accused the United States of meddling in Russia's upcoming presidential election, and even accused Uncle Sam of planning a cyberattack on the country's online voting system. Putin, who controls the SVR and the election process, will undoubtedly win the vote.

Tuta Mail has announced TutaCrypt, a new post-quantum encryption protocol to secure communications from powerful and anticipated decryption attacks. Tuta Mail is an open-source end-to-end encrypted email service with ten million users.

Microsoft announced today that it would end support for Windows 10 21H2 in June when the Enterprise and Education editions reach the end of service. "Customers who contact Microsoft Support after this date will be directed to update their device to the latest version of Windows 10 or upgrade to Windows 11 to remain supported."

Okta denies that its company data was leaked after a threat actor shared files allegedly stolen during an October 2023 cyberattack on a hacker forum. The leaked data includes user IDs, full names, company names, office addresses, phone numbers, email addresses, positions/roles, and other information.

Security researchers have created a knowledge base repository for attack and defense techniques based on improperly setting up Microsoft's Configuration Manager, which could allow an attacker to execute payloads or become a domain controller. At the SO-CON security conference today, SpecterOps researchers Chris Thompson and Duane Michael announced the release of Misconfiguration Manager, a repository with attacks based on faulty MCM configurations that also provides resources for defenders to harden their security stance.