BMO Bank Loses Customer Data in Recent Data Breach Attack

BMO Bank is the 8th largest bank in the United States, employing over 12,000 individuals. The bank manages more than $3 Billion in annual reserves and works with a huge number of customers as it has over 1,000 physical locations across the country. BMO Bank is based in Chicago, Illinois, but has locations throughout the country. If you bank with BMO, your data may be at risk, because the organization was recently hacked and lost a significant amount of customer data.

Coffee Talk with SURGe: 2023-OCT-03 WS_FTP RCE, Exim Scope, ChatGPT, Cybersecurity Awareness Month

Grab a cup of coffee and join Mick Baccio, Ryan Kovar and Audra Streetman for another episode of Coffee Talk with SURGe. The team from Splunk will discuss the latest security news, including: Mick and Ryan competed in a 60 second charity challenge to share the pros and cons of Cybersecurity Awareness Month.

MMRat: A new banking trojan

Many threat actors tend to gravitate towards using some type of remote access trojan (RAT) in their campaigns. RATs are a type of malware that is designed to allow the attacker to have control over an infected device. RATs are a popular choice for hackers to use due to their many capabilities from reconnaissance and data exfiltration to long-term persistence. Throughout the last couple of months, a new Android banking trojan has been making headlines.

Cognitive Fitness: Cybersecurity Perspective on Complex VUCA Environments

Cybersecurity is a dynamic, ever-evolving space where traditional approaches often fall short. To thrive in this environment, one must cultivate the ability to think differently and harness cognitive skills to a higher degree than in many other fields. Bec McKeown emphasizes cognitive fitness through the lens of the cybersecurity realm's complex VUCA (Volatility, Uncertainty, Complexity, Ambiguity) environment.

Critical WebP 0-day security CVE-2023-4863 impacts wider software ecosystem

This month, Apple Security Engineering and Architecture (SEA) and The Citizen Lab at The University of Toronto's Munk School opened a pair of Critical vulnerabilities relating to maliciously formed WebP images which could be used to exploit the Chrome browser, as well as the webmproject/libwebp library from Google. As of Sep 27th, 2023, the CVEs known to track this libwebp vulnerability actively include.

What We Can Learn from Penn State's Compliance Conundrum

Penn State University is in hot water again for legal and compliance violations. This time, the activities in question are related to the university’s claim to be compliant under NIST SP 800-171, as required by Executive Order 13556 (2019). As a contractor and partner of the U.S. Government, Penn State is required to implement a minimum set of security controls around Controlled Unclassified Information (CUI) it collects, creates, or handles as part of its partnership with the government.

Unlocking Seamless API Security: Revenera's Journey with Wallarm

In today’s digital landscape, ensuring the security of web applications and APIs is paramount. The journey to find the right security solution can be filled with challenges and choices. In this blog post, we’ll dive into the experience of Rob Davies, VP of Engineering and Lead Architect at Revenera, as he navigates the path from identifying the need for enhanced API security to making a decision, implementing the solution, and reaping the benefits.

Automatic Application Protection using Red Hat Advanced Cluster Management with Trilio

See how easy it is to protect a newly deployed application into OpenShift using Red Hat Ansible Automation Platform, followed by an ACM Policy written for Trilio that will auto protect the deployed application (create a backup, according to the policy)