Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

February 2022

datadog

Monitor the security and compliance posture of your Azure environment with Datadog

Governance, risk, and compliance (GRC) management presents some unique challenges for organizations that deploy a myriad of cloud resources, services, and accounts. Simple misconfigurations in any of these assets can lead to a serious data breach, and compliance issues become even more prevalent as organizations try to inventory and manage assets across multiple cloud platforms and security and auditing tools.

Polar Security

7 Essentials Every Data Protection Strategy Requires

Data protection, once a marginalized subsection of the cybersecurity industry, has increasingly become a major concern, especially for companies deploying Cloud based applications. GDPR, CCPA, PIPEDA - The list goes on but they all have one thing in common - A focus by regulators worldwide on addressing the issues presented by the use of digital big data.

Tines

What's on your security roadmap? Cybersecurity forecasting with a Fortune 500 CISO

Leading a cybersecurity program across multiple subsidiaries, geographies, or regulatory jurisdictions is incredibly complex. In the second installment of our 'What's On Your Security Roadmap for 2022' series, the Chief Information Security Officer (CISO) of a global provider of data, technology, and market infrastructure shares why automation, hiring, and cloud tooling are his top priorities to help his team stay ahead of cyber threats.

bulletproof

How is COVID-19 continuing to impact the cyber security sector?

It’s been more than two years since the first stories of COVID-19 hit the news, and so much about how we live and work has changed during that time. The global pandemic affected every area of business in economies the world over, resulting in financial losses and closures, especially for small enterprises and start-ups.

netacea

How to improve user experience without compromising security

In a fiercely competitive industry, user experience (UX) is one area where retailers can differentiate themselves and win customer loyalty. UX design is a means to reducing friction between users and what they want to do (or more accurately, what the business wants them to do). UX is thus vital to influencing metrics like conversion rate, time on site, page views and basket size.

Arctic Wolf

Critical Vulnerability in the SAP Internet Communication Manager Component Could Lead to Full System Takeover, Patch Available

On Tuesday, February 8, 2022, SAP patched a critical memory corruption vulnerability (CVE-2022-22536) in the SAP Internet Communication Manager (ICM) component that could lead to full system takeover without authentication or user interaction. The ICM component is present in most SAP products and is an important component in SAP NetWeaver application servers.

elastic

Elastic protects against data wiper malware targeting Ukraine: HERMETICWIPER

Recently, we have seen several malware campaigns attacking Ukrainian organizations — Operation Bleeding Bear is a recent one of note. Elastic Security researchers recently verified a data wiper malware campaign that is targeting Ukrainian systems. As this malware campaign is new, with more information being uncovered hourly, it is being referred to as HERMETICWIPER.

Pentest People

Cornwall Council Warns of Covid Scam Text Messages

Cornwall Council is warning residents about a new scam that is making the rounds on text messages. Fraudsters are sending scam messages that appear to be from the Cornwall Council, telling people that they need to isolate themselves due to being in contact with those with COVID19. They are being asked to click on a link for more information and to book a test. The text is being sent from mobile phone numbers, so it’s important to be wary of any links you receive from unknown senders.

Corelight

Acting on CISA's advice for detecting Russian cyberattacks

Given that active cyber warfare has broken out alongside Russia’s active invasion of Ukraine - from Russian wiper malware to Anonymous hacking Russian state TV - CISA’s recent “Shields Up” memo is a timely insight into some of the TTPs defenders of critical infrastructure should be keeping an eye out for. Let’s break down the four key areas outlined in the memo and examine ways they can be detected with network data.