Users of AWS Aurora, DocumentDB, and RDS databases must download and install a fresh certificate and rotate the certificate authority. Amazon Web Services has issued an “important” warning to users of its Amazon Aurora, Amazon Relational Database Service (RDS), and Amazon DocumentDB (with MongoDB compatibility) databases, urging them to update their certificates by January 14,
External Key Manager and Key Access Justification are intended to give organizations greater visibility into requests for data access. Google Cloud today debuted new capabilities, External Key Manager and Key Access Justifications, to give customers greater visibility into who requests access to their information and the reasoning behind these requests. They also have the ability
Midwestern U.S. retailer Hy-Vee disclosed investigation findings this week from a data breach announced in mid-August impacting millions of customers utilizing its food and service point-of-sale (PoS) transaction machines. The investigation identified the operation of malware designed to access payment card data from cards used on PoS devices at certain Hy-Vee fuel pumps, drive-thru coffee
With the new era of Windows as a service, Microsoft is rolling out changes to the operating system twice a year. Many of those changes will allow you to improve your security posture and offer more security choices. You no longer have to wait for a new operating system to deploy new security features. Below
A new attack is found that uses MySQL as part of the attack chain in a GandCrab ransomware infection. A new type of attack by the pervasive GandCrab ransomware could open the door to more juicy targets — database servers. Researchers at Sophos Labs discovered a new attack using GandCrab against one of its honeypots.
More fallout from the compromise of Asus’s automated software update. When a platform is attacked, there are well-practiced tools and strategies for response. When servers that provide software and firmware updates get hit as in the recent ShadowHammer attack that hit Asus and its customers, remediation can be much more of a challenge technologically and behaviorally.
ShadowHammer campaign latest to highlight dangers of supply chain attacks.
Taiwanese computer maker ASUS may have inadvertently distributed malware to over 1 million users of its systems worldwide after attackers compromised software update servers at the company last year, Kaspersky Lab said in a report Monday. Available telemetry shows the attackers planted the malware,