Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Cornwall Council is warning residents about a new scam that is making the rounds on text messages. Fraudsters are sending scam messages that appear to be from the Cornwall Council, telling people that they need to isolate themselves due to being in contact with those with COVID19. They are being asked to click on a link for more information and to book a test. The text is being sent from mobile phone numbers, so it’s important to be wary of any links you receive from unknown senders.

This week we’ve added new Kotlin & Swift Courses to the Security Labs catalog! The update includes 4-5 Kotlin (Android) labs and 4 Swift (iOS) labs that cover common mobile security topics such as secret storage, authorization, and custom URL handling.

Recently, we have seen several malware campaigns attacking Ukrainian organizations — Operation Bleeding Bear is a recent one of note. Elastic Security researchers recently verified a data wiper malware campaign that is targeting Ukrainian systems. As this malware campaign is new, with more information being uncovered hourly, it is being referred to as HERMETICWIPER.

On Tuesday, February 8, 2022, SAP patched a critical memory corruption vulnerability (CVE-2022-22536) in the SAP Internet Communication Manager (ICM) component that could lead to full system takeover without authentication or user interaction. The ICM component is present in most SAP products and is an important component in SAP NetWeaver application servers.

In a fiercely competitive industry, user experience (UX) is one area where retailers can differentiate themselves and win customer loyalty. UX design is a means to reducing friction between users and what they want to do (or more accurately, what the business wants them to do). UX is thus vital to influencing metrics like conversion rate, time on site, page views and basket size.

It’s been more than two years since the first stories of COVID-19 hit the news, and so much about how we live and work has changed during that time. The global pandemic affected every area of business in economies the world over, resulting in financial losses and closures, especially for small enterprises and start-ups.

Leading a cybersecurity program across multiple subsidiaries, geographies, or regulatory jurisdictions is incredibly complex. In the second installment of our 'What's On Your Security Roadmap for 2022' series, the Chief Information Security Officer (CISO) of a global provider of data, technology, and market infrastructure shares why automation, hiring, and cloud tooling are his top priorities to help his team stay ahead of cyber threats.

The Gramm-Leach-Bliley Act, known as the GLBA, was passed in 1999 under President Clinton. The goal of the GLBA was to update and modernize the financial industry. Today, it’s primarily used to protect customer and consumer information, with steep penalties for financial institutions that violate its privacy rules. Here’s what you need to know about the GLBA and its regulations.

Russian hackers are attempting to broadly penetrate Ukrainian infrastructure to disrupt critical services such as electricity, transportation, finance, and telecommunications. US Government urges US Critical Infrastructure owners to harden their systems and implement a “shields up” strategy. As tensions escalate, Russian cyberattacks could seek to disrupt US electricity, gas, and other systems, warn the FBI and Department of Homeland Security.