Mar 30, 2023Ravie LakshmananSupply Chain / Software Security 3CX said it's working on a software update for its desktop app after multiple cybersecurity vendors sounded the alarm on what appears to be an active supply chain attack that's using digitally signed and rigged installers of the popular voice and video conferencing software to target downstream customers. "The … [Read more...] about 3CX Desktop App Supply Chain Attack Leaves Millions at Risk
risk
Mitigate Cyber Risk From Email With the Falcon LogScale and Mimecast Integration
Email is the top initial attack vector, with phishing campaigns responsible for many damaging cyber attacks, including ransomware. Being able to search Mimecast email security logs in CrowdStrike Falcon® LogScale (formerly known as Humio), alongside other log sources such as endpoint, network and authentication data helps cybersecurity teams detect and respond to cyber … [Read more...] about Mitigate Cyber Risk From Email With the Falcon LogScale and Mimecast Integration
Elastic joins AWS Marketplace Vendor Insights to streamline risk assessment and software procurement
Vendor Insights can help you reduce assessment lead time by allowing you to access a vendor’s validated security profile. It can lower the effort of questionnaire population via back-and-forth with vendors from months to hours.Use the Vendor Insights dashboard to reduce assessment timeVendor Insights can ease your procurement process by reducing your assessment time via a … [Read more...] about Elastic joins AWS Marketplace Vendor Insights to streamline risk assessment and software procurement
Secure Email Threat Defense: Providing critical insight into business risk
Attackers specifically craft business email compromise (BEC) and phishing emails using a combination of malicious techniques, expertly selected from an ever-evolving bag of tricks. They’ll use these techniques to impersonate a person or business that’s well-known to the targeted recipient and hide their true intentions, while attempting to avoid detection by security … [Read more...] about Secure Email Threat Defense: Providing critical insight into business risk
U.S. Bans Chinese Telecom Equipment and Surveillance Cameras Over National Security Risk
The U.S. Federal Communications Commission (FCC) formally announced it will no longer authorize electronic equipment from Huawei, ZTE, Hytera, Hikvision, and Dahua, deeming them an "unacceptable" national security threat. All these Chinese telecom and video surveillance companies were previously included in the Covered List as of March 12, 2021. "The FCC is committed to … [Read more...] about U.S. Bans Chinese Telecom Equipment and Surveillance Cameras Over National Security Risk
Leading financial institutions hedge risk by focusing on these 5 critical SIEM requirements
Digital transformation is expanding the attack surface in financial services. Throughout the pandemic, the accelerated adoption of digital banking, payments, and insurance channels has enabled providers to offer greater levels of service, new financial products, and enhanced journeys to their customers.However, with growing amounts of data and increasingly complex IT … [Read more...] about Leading financial institutions hedge risk by focusing on these 5 critical SIEM requirements
Managing Cybersecurity Risk in M&A
As Technology Audit Director at Cisco, Jacob Bolotin focuses on assessing Cisco’s technology, business, and strategic risk. Providing assurance that residual risk posture falls within business risk tolerance is critical to Cisco’s Audit Committee and executive leadership team, especially during the mergers and acquisitions (M&A) process. Bolotin champions the continued … [Read more...] about Managing Cybersecurity Risk in M&A
Bank BRI mitigates cybercrime and financial risk with Elastic Security
Bank BRI is one of the largest banks in Indonesia and Southeast Asia, providing end-to-end financial solutions to more than 130 million customers. As part of its core mission, the bank has a particular focus on empowering microbusinesses and advancing the financial inclusiveness of the countries it serves.With such a wide range of customers and partners, Bank BRI has created an … [Read more...] about Bank BRI mitigates cybercrime and financial risk with Elastic Security
Stop Putting Your Accounts At Risk, and Start Using a Password Manager
Image via KeeperRight Now, Get 30% Off Keeper, the Most Trusted Name in Password Management. In one way or another, almost every aspect of our lives is online, so it's no surprise that hackers target everything from email accounts to banks to smart home devices, looking for vulnerabilities to exploit. One of the easiest exploits is cracking a weak password. That's why using a … [Read more...] about Stop Putting Your Accounts At Risk, and Start Using a Password Manager
Extremely Critical Log4J Vulnerability Leaves Much of the Internet at Risk
The Apache Software Foundation has released fixes to contain an actively exploited zero-day vulnerability affecting the widely-used Apache Log4j Java-based logging library that could be weaponized to execute malicious code and allow a complete takeover of vulnerable systems. Tracked as CVE-2021-44228 and by the monikers Log4Shell or LogJam, the issue concerns a case of … [Read more...] about Extremely Critical Log4J Vulnerability Leaves Much of the Internet at Risk