FireSale HackBoy

Knowledge Shared By FireSale HackBoy...

Sunday, May 31, 2020

Hackers spreading fake news to induce fight between the US and Poland

According to Lt. General Chris G Cavoli of the United States, some Polish websites came under the influence of cyberattacks aimed at damaging Poland’s military alliance with North America. Gen. Cavoli said that the servers of national and regional Polish websites were being influenced by some state-funded hackers who were trying to spread misinformation by posting articles on the news websites without the knowledge of the owners and shaming the efficacy and vigilance of Polish Soldiers and their warfare related equipment. Showing a doctored sentence...

Minnesota has witnessed a surge in Cyber Attacks

Minnesota is witnessing a surge in cyberattacks as hackers are trying to induce political unrest and pressure on the law enforcement after the death of George Floyd on May 25th, 2020. But Minnesota’s Security Operations Center says that all the attacks launched on the government infrastructure of the state have been thwarted or neutralized after they learned that the hackers were targeting the government servers with DDoS (distributed denial of service) attacks. A source from the MNIT, a state Information Technology Agency, says that...

Saturday, May 30, 2020

What You Need to Know About Reverse Proxy

Cloud access security brokers (CASBs) are the go-to solutions for securing the use of cloud-based tools. Whether it’s major software-as-a-service apps, niche or long-tail SaaS apps, custom apps built on IaaS platforms, or something else entirely, CASBs are used to protect data wherever it goes. However, not all CASBs are created equal. In this blog we will review the different...

Friday, May 29, 2020

Russia hacked Exim Email Server program says NSA

The US National Security Agency (NSA) issued a press update yesterday that hackers funded by a Russian military agency have launched a malicious malware campaign to exploit the Exim Internet Email Server program since Aug’19. And the news is out that the hacking group which was previously involved in hacking the US Elections 2016 has achieved the feat by exploiting the vulnerability in Exim Mail Transfer Agent which operates on the UNIX Operating system. Precisely, Exim is a message transfer agent that was developed by the University...

Thursday, May 28, 2020

Ransomware attack on New Mexico County and Intl Fisheries in Halifax

The ransomware menace seems to be a never-ending saga and the latest victim happens to be New Mexico County and International Fisheries Organizations of Halifax. Going with the first, servers related to Rio Arriba County were discovered to be having encrypted files and databases as a result of a Ransomware attack early this week. And the bad news is that those spreading the file-encrypting malware have also managed to lock down the county’s backup servers from access. Thomas Campos, the manager of the County, was not ready to issue a press update on this...

C-Level Executives are vulnerable to mobile-based cyber attacks

According to a study conducted by MobileIron, C-Level executives are most vulnerable to mobile-based cyber attacks as hackers target them as soft targets to infiltrate a corporate network. The “Trouble at the Top” report compiled by MobileIron based its analysis on the responses given by over 300 enterprise IT decision makers, including those from France, Benelux, Germany, UK, and United States, and included the responses of over 50 C-Level executives from developed nations such as UK and US. The highlight in the findings is the fact...

How To Catalog Vendors With Access to Your Network

Working with vendors, business partners, and other third parties is a fact of life for most organizations. However, once vendors are selected, vetted, and onboarded, they will often be given remote access to your network, and that’s where problems can arise. Even one vendor can increase the risk that your network might be compromised; when the number of vendors grows into the dozens or hundreds, the risk increases exponentially. This leads to an ongoing tug of war: the need to give each approved vendor access to your network in order to get to...

Gartner: 5 Things You Must Absolutely Get Right for Secure IaaS and PaaS

Cloud adoption has revolutionized the way that businesses share and access information. It has stretched across all industries, including those that are regulated or highly security conscious. Today, infrastructure-as-a-service (IaaS) and platform-as-a-service (PaaS) solutions provide extensive flexibility and productivity gains to enterprises around the world.

Bitglass and the Rise of the Remote Workforce

Organizations across all industries are struggling to shift gears and acclimate to the changes brought forth by the recent events around the globe. Due to these worldwide developments, enterprises have had to shift from the familiar, primarily on-premises way of doing things to a highly remote, cloud-first workforce. As such, Bitglass, the Next-Gen Cloud Security Company,...

IoT Masters: What you need to know before you get started in the Internet of Things

Smart devices and internet-enabled products can increasingly be found in all walks of life as our previously unconnected cities and towns are transformed into versatile and evolving digital hubs. Such is the universality of these devices, that the term the ‘Internet of Things’ has transitioned from being a phrase reserved solely for technology enthusiasts to a household term in just a handful of years. This boom has, in turn, acted as a catalyst for the widespread development of connected products. Yet this enthusiasm for smart technologies hasn’t...

Michigan University Ransomware Attack and Microsoft PonyFinal Ransomware attack

The hacker gang spreading NetWalker Ransomware has targeted Michigan State University which is one of the oldest educational institutes in the United States. And they have reportedly given 7 days to the university officials to pay the ransom or they have threatened to release some stolen files via a website on the dark web. To support their claims, the gang spreading NetWalker ransomware has already released a portion of data that they accessed before locking down the servers from being accessed by the university authorities. Although the staff of the...

Wednesday, May 27, 2020

NHS Corona Virus Tracking app not safe, say users

The NHS, which released a COVID 19 tracking app in early May this year for testing purposes, is back in the news for all the wrong reasons. More than 50% of users using the NHSX COVID 19 Tracking app say that they do not trust the fact that the government of the UK will keep the data safe from hackers and state-funded snooping eyes. Technically, NHS released the app to slow down the spread of the Coronavirus by tracking down COVID 19 contacts and its objective is to stop the spread of the virus warning the people as soon as they come into the vicinity...

McAfee says corporate cloud networks being targeted with Cyber Attacks

As corporate companies across the world have initiated their employees to work from home, the pressure on corporate cloud networks is said to have increased immensely. And according to a report released by Cybersecurity firm McAfee, a 600% spike in external hacks has been observed over the past few weeks. McAfee reached the said estimate after analyzing the data from over 30 million users visiting its MVision Cloud service and concludes that the security delivery models need to be changed on a fundamental note to cater to the needs of...

How malware mimics the spread of COVID-19

It’s a weird time to be alive. Millions of people globally are living under government lockdowns, as we collectively endure the COVID-19 pandemic. COVID-19 has brought to light some fundamental truths about humanity, including our deep-seated need for social interactions. It has also highlighted how reliant we are on critical infrastructure like our healthcare systems and...

The Bitglass Blog

With an ever changing, and increasingly more perilous, threat landscape, real-time data protection has become an imperative. Malware, specifically, presents a unique hazard to SaaS data, as malicious programs rapidly change with both an increase in complexity and scope of attack surface. Traditional methods of prevention, sandboxing or signature-based detection, no longer serve as an effective means of protection. With this in mind, Bitglass, the leader in advanced threat protection,  has engaged in a best-of-breed partnership with Antivirus...

Cyber Attack on easyJet will fetch £18 Billion compensation to customers

The Cyber Attack which took place on the EasyJet database in January 2020 might fetch the customers of the airline services provider £2000 as compensation. Highly placed sources suggest that over 9 million customers who were impacted by the data breach might get the financial compensation if all goes well as per the law and through proper channels.   Cybersecurity Insiders learned that the London based budget airliner identified the cyber incident in the first month of this year and notified it to the Information Commissioner’s Office at that...

Tuesday, May 26, 2020

American Chemical Facilities are Vulnerable to Cyber Attacks

According to a report compiled by the Government Accountability Office (GAO), most of the chemical facilities are vulnerable to cyber attacks as they are either using obsolete hardware or out-of-date software which is against the federal training guidelines. The Federal Watchdog says that most of the 3,300 chemical facilities are running against the Cybersecurity standards outlined by the Department of Homeland Security Chemical Facilities Anti Terrorism Standards (CFATS) program. “A strike of a cyber attack on chemical facilities could...

NSA has been secretly recording phone calls of American Populace

Barton Gellman, a journalist by profession and the man who shared NSA contractor Edward Snowden’s classified documents to the world has revealed in his book that the National Security Agency has been recording phone calls of the American populace for years and has created a database which could create a profile of a person based on the calls they made with just a push of a button.   Gellman claimed in his book named ‘Dark Mirror’ that NSA’s tool named ‘Mainway’ secretly records billions of phone records a day and has been doing so from the...

Stories from the SOC – System compromise with lateral movement

Executive Summary Stories from the SOC is a blog series that describes recent real-world security incident investigations conducted and reported by the AT&T SOC analyst team for AT&T Managed Threat Detection and Response customers. Malicious network traffic from foreign IPs was observed trying to establish communication to a compromised internal system. The internal...

Don’t Shoot the Messenger – Securing Communication Apps

In today’s world, workers use messaging applications to communicate more than ever, regardless of the industry they work under. With bring your own device (BYOD) at about 85% adoption, and with many people working remotely, messaging tools enable employees’ productivity to be unbothered by this modern...

Secure Remote Work for Contractors

Securing contract employees is a challenge even in ordinary times.  Harder yet during a pandemic lockdown. Bitglass to the rescue. The post Secure Remote Work for Contractors appeared first on Cybersecurity Insiders. May 27, 2020 at 09:09...

Securing Remote Work Part 3: Web Traffic, SWG, & a Smarter Digital Edge

Enterprises are embracing digital transformation and moving their applications and data to the cloud. This is accelerated by today’s expansion of the remote workforce. Despite the obvious benefits of embracing a modern cloud environment, many organizations still...

Bitglass Security Spotlight: Pharmaceutical Giant Is the Latest Victim of Ransomware Attack

Here are the top stories of recent weeks: Ransomware Attack Results in Pharmaceutical Data Leak; Chegg Suffers Breach for the Third Time Since 2018; Fitness App Exposes Over 42 Million User Records; Over Two Million Card Transaction Records Exposed in Leaky Server; With Over 160k Compromised Accounts, Nintendo Shuts Down Portal.

Bitglass adds South Asia & ANZ Local Edge Data Centers

May 13, 2020, Bangalore: Bitglass is pleased to announce Local Edge Data centers in Bangalore, Chennai, Hyderabad, Mumbai, and New Delhi, India; Melbourne and Perth, Australia.

Beware of Counterfeits

May 14, 2020, Campbell, CA: Beware of competitors distributing counterfeit Bitglass product brochures to confuse customers.

Securing Remote Work Part 4: ZTNA

My colleagues Wayne Phillips and Jonathan Andresen recently delivered a webcast titled, “Who moved my VPN and why should I care?” It covers a host of topics related to securing today’s remote workforce, but the title does raise a valid question: are VPNs still relevant?

Bitglass and CrowdStrike for Agentless ATP in the Cloud

With an ever changing, and increasingly more perilous, threat landscape, real-time data protection has become an imperative. Malware, specifically, presents a unique hazard to SaaS data, as malicious programs rapidly change with both an increase in complexity and scope of attack surface. Traditional methods of prevention, sandboxing or signature-based detection, no longer...

Please end Medical Cyber Attacks says Red Cross

Hackers who are launching cyber attacks on medical facilities such as Universities researching COVID 19 Vaccine and hospitals treating patients are being urged to stop cyber-attacks on medical facilities. In an open letter signed by some prominent personalities like foreign ministers, ex-Presidents, and seven Nobel laureates, the signees are urging the government and United Nations (UN) to help thwart cyber attacks that are targeting medical and research facilities during the coronavirus spread. The letter which is being led...

Monday, May 25, 2020

Samsung offers Hardware Chip and Software for utmost Mobile Security

Samsung Electronics which happens to be a world-renowned electronics giant has introduced a turnkey mobile security solution in the form of a hardware chip and related software. And the newly developed hardware has also succeeded in obtaining Common Criteria Evaluation Assurance Level (CC EAL) 6+ which happens to be the high-security level obtained by any mobile component.   Technically speaking, the silicon chip dubbed as Secure Element (SE) Chip (S3FV9RR) is hardware that offers the utmost protection for tasks such as mobile payments, isolated...

Apple iOS 14 leaked on iPhone 11 in China Gray market

In what qualifies as a technological embarrassment to Apple Inc, hackers seem to have reportedly got their hands on the next version of Apple’s operating system, i.e., iOS 14. News is out that the gray market in China is selling iPhone 11 devices loaded with the latest iOS 14 operating systems which were scheduled to release as a beta version in June 2020 and as the commercial version from mid-September 2020. What is amazing in this OS leak is that some iPads and iPhones sold in China are also seen loaded with the latest version of iOS giving...

Ransomware news trending on Google

In Sport, a New South Wales (NSW), Australia-based retailer, released a press statement yesterday that the servers at its head office were impacted by a REvil or Sodinokibi ransomware attack which has resulted in some data loss which includes email addresses, shipping addresses, and contact numbers. However, the sports equipment dealer has assured that most of the data was recovered and no information on its Shopify cart was compromised in the cyber incident which could have taken place on Saturday May 16. Meanwhile, in other news related to ransomware,...

Born In the Cloud acquired by Open Systems

Born in the Cloud, a Cyber Threat Detection firm also recognized as a security partner of Microsoft Azure, was acquired by Open Systems last week for a formidable amount which is yet to be disclosed. Trade analysts argue that the new acquisition will technically help Open Systems’ ability to serve businesses that are looking for cloud automation, strategy and migration goals as Born in the Cloud has expert engineers in Cybersecurity, Microsoft Security Stack, Cloud Automation, Artificial Intelligence, data science, and DevOps. “Born in the Cloud...

A vulnerability in Google Cloud earns $31k

A security researcher from South America was awarded $31,337 as a bug bounty reward for finding a bug in the Google Cloud. And the researcher’s name is being reported as Ezequiel Pereira who has found a remote code execution vulnerability in Google Cloud Deployment Manager. Cybersecurity Insiders has learned that the Uruguayan computer science student discovered the flaw when he managed to infiltrate the secure APIs such as issuetracker.corp.googleapis.com using the gslbTarget parameter. The web search giant appreciated the find by paying the security...

Friday, May 22, 2020

What’s the cost of not implementing a vendor management platform

Regularly the conversation around any sort of platform revolves around what the costs are: what is the base cost, if there are any add ons, and if you have to pay for support. However, sometimes it makes more sense to think about what the costs are if you forgo implementing a software platform. And what’s harder is that the task of optimizing security and efficiency is too often a paradoxical relationship. When you boost one, you end up compromising the other. Especially when it comes to managing your vendors, this balancing act between...