Princess Cruises Confirms Data Breach

The cruise liner, forced to shut down operations due to coronavirus, says the incident may have compromised passengers’ personal data. Carnival-owned Princess Cruises — the cruise line forced to suspend operations after two ships became hot spots for coronavirus — reports that a breach may have compromised passenger data. A notice published on the Princess
Read more
1 Comment

Texas Chose to Fight Ransomware and Not Pay. What …

There’s no justice in the world — at least that’s how it must feel for security admins in small towns, school districts, and other local government bodies. Already strapped for cash and operating on shoestring budgets, these organizations and institutions have become the prime target for ransomware hackers. There is little doubt that ransomware has
Read more
No Comments

New Report Shows Breach Costs Continuing to Grow

The costs associated with data breaches climb alongside the amount of data managed by the enterprise according to the latest Global Protection Index Snapshot. Organizations are, on average, managing nearly 40% more data than one year ago. And 80% see that data having value. Unfortunately, 81% don’t think their cybersecurity is up to future challenges.
Read more
No Comments

Microsoft Patches Leaked Remote Code Execution Flaw

A vulnerability in Microsoft’s Server Message Block protocol prompted concerns of wormable exploits when it was disclosed this week. Microsoft has patched a critical remote code execution vulnerability in its Server Message Block (SMBv3) protocol and is urging organizations to deploy updates for the flaw as soon as possible. CVE-2020-0796 exists in the way SMBv3
Read more
1 Comment

Back to the Future: A Threat Intelligence Journey

Threat intelligence needs the problem solvers, the curious ones, the mission seekers, the analytical minds, the defenders, and the fierce — whatever their gender. “If you could go back in time, what advice would you pass on to your younger self?” When a friend recently asked me this, for a brief moment the question gave
Read more
No Comments

COVID-19 Drives Rush to Remote Work. Is Your …

A rapid transition to remote work puts pressure on security teams to understand and address a wave of potential security risks. Many companies, concerned for employees’ health amid the rapid spread of coronavirus, have begun encouraging them to work from home. The shift, rightly done to protect people from infection, could also potentially expose organizations
Read more
2 Comments

Blacklists Miss 21% of Phishing Attacks, Internet …

Visibility into phishing attacks by content delivery networks and security firms shows many domains fail to be classified as malicious. More than 20% of the sites used for phishing are not detected by current blacklists as malicious, even days after the start of an attack, according to new research published by internet-services firm Akamai. The
Read more
No Comments

Why CSP Isn’t Enough to Stop Magecart-Like Attacks

As Magecart and formjacking attacks become more sophisticated, it’s essential to address not only what services may interact with users, but what that interaction looks like and how to control it. 2019 left enterprises scrambling for security measures to tackle new threats such as formjacking and targeted attacks perpetrated by the group known as Magecart
Read more
2 Comments

3 Tips to Stay Secure When You Lose an Employee

Whether they leave for a better job or get fired, and whether they mean to cause problems or do so out of ignorance, ex-workers can pose a threat to your company. Research indicates that January and February are the most popular job-hunting months, and that one of the main reasons people leave their jobs is
Read more
No Comments

Paradise Ransomware Variant Hides in Office IQY Files

The uncommon Internet Query file format lets attacks slip past defenses to effectively break into target networks. Researchers have detected an attack campaign that leverages Internet Query files (IQY) to bypass enterprise defense systems and deliver a new variant of Paradise ransomware. Paradise has been active since 2017; now, its operators are finding new ways
Read more
2 Comments