Blog

Cloud Security Alliance opens registration for the CSA Summit at RSAC 2023

The Cloud Security Alliance (CSA) has announced that registration has opened for the CSA Summit 2023: Mission Critical (San Francisco, April 24) held in conjunction with the RSA Conference. Tima Soni, Chief and Head of the Valencia office of the United Nations International Computing Centre’s (UNICC) Cybersecurity division, and New York State’s Chief Cyber Officer Colin Ahern will share their wealth of expertise in two keynote addresses. The event will also feature a special keynote … More → The post Cloud Security Alliance opens registration for the CSA Summit at RSAC 2023 appeared first on Help Net Security.
http://news.poseidon-us.com/SmPD0B

Kodi forum breach: User data, encrypted passwords grabbed

The developers of Kodi, the widely used open-source media player app, have revealed a data breach of its user forum. What happened? The breach did not happen due to a vulnerability. Instead, an unknown attacker used the account of a legitimate but inactive member of the forum admin team to access the MyBB admin console on two occasions: February 16 and 21, 2023. The attacker was able to create backups of databases, which they then … More → The post Kodi forum breach: User data, encrypted passwords grabbed appeared first on Help Net Security.
http://news.poseidon-us.com/SmMTNt

How Microsoft’s Shared Key authorization can be abused and how to fix it

When many of us moved our server and application needs to the cloud, we rejoiced that we no longer had to worry about the drudgery of patching. We didn’t have to monitor servers and their Patch Tuesday deployments; it was all in Microsoft’s hands. But as often occurs with cloud deployments, a solution that means you no longer have to worry about one area can create security issues in others.   Time and again in the handling of any cloud deployment, how we manage identity and authentication needs to be reviewed on a scheduled basis to ensure that the security of cloud assets is being handled according to the latest recommended guidance. In the worst-case scenario, the attackers find out first and don’t inform us to take action. In the best case, researchers find a flaw and work with the vendors to help us all make better security decisions — Orca Security recently pointed out just such a flaw. To read this article in full, please click here
http://news.poseidon-us.com/SmMBcH

Threat hunting programs can save organizations from costly security breaches

Cybersecurity threats to organizations are only increasing, not only in number but in scope, according to Team Cymru. The true cost of cyber breaches Proactive threat hunting helps organizations save money by preventing security breaches and reducing the impact of attacks. For example, a study by IBM found that the average total cost of a breach is $4.35 million. To better understand the perspective of threat hunters who are in the trenches defending their organizations … More → The post Threat hunting programs can save organizations from costly security breaches appeared first on Help Net Security.
http://news.poseidon-us.com/SmLdVL

CISA’s updated zero trust model aims to help agencies walk before they run

The new roadmap gives agencies some easier first steps toward meeting the mandate of a “zero trust” security architecture.
http://news.poseidon-us.com/SmL90K

CISA’s updated zero trust model aims to help agencies walk before they run

The new roadmap gives agencies some easier first steps toward meeting the mandate of a “zero trust” security architecture.
http://news.poseidon-us.com/SmL8Tp

Leftover data lurks in the enterprise, creating business risk

When an organization has little data visibility, it becomes even more vulnerable to leaks and breaches — as well as insider and external threats. 
http://news.poseidon-us.com/SmJV5B

New Knowledge Articles for ESXi, VCenter, Automation Operations, vCF, and vCD for March, 2023 

Tweet Attention VMware customers! There have been some new Knowledge Base (KB) articles created in March that you should be aware of.  Our curated solutions are available 24/7 through VMware KB Articles. Make sure to also check our other resources:    The post New Knowledge Articles for ESXi, VCenter, Automation Operations, vCF, and vCD for March, 2023  appeared first on VMware Support Insider.
http://news.poseidon-us.com/SmJDVJ

Consumers take data control into their own hands amid rising privacy concerns

Data Subject Requests (DSRs), which are formal requests made by individuals to access, modify, or delete their personal data held by a company, increased by 72% from 2021 to 2022. The increase was primarily driven by deletion and access requests, according to DataGrail. In fact, the number of deletion requests more than doubled while access requests grew fivefold. These numbers will continue to increase as new data privacy laws, like those in Virginia and Colorado, … More → The post Consumers take data control into their own hands amid rising privacy concerns appeared first on Help Net Security.
http://news.poseidon-us.com/SmHcR2

USPS reform law sought to ease financial burdens. A year later, what’s changed?

Perspectives are mixed on whether the Postal Service Reform Act has put USPS on a path to leave its long-term financial woes in the past.
http://news.poseidon-us.com/SmHD3z