Intezer researchers discovered a new vulnerability in Azure Functions, which would allow an attacker to escalate privileges and escape the Azure Functions Docker container to the Docker host.
A new whitepaper report from Dataminr and Forrester Consulting has found that 40% of global risk and compliance decision-makers are improvising risk management. Titled Risk In A Real-Time World, the study surveyed 410 global risk and compliance decision-makers across the U.S., U.K., Australia and New Zealand to evaluate current risk management priorities and practices, and how real-time information is used in risk management and crisis response.
Data Privacy Day is a global effort — taking place annually on January 28th — that generates awareness about the importance of privacy, highlights easy ways to protect personal information and reminds organizations that privacy is good for business. Here, Security magazine compiled advice, tips and best practices for safeguarding data from many security executives.
Law enforcement and judicial authorities worldwide have this week disrupted one of most significant botnets of the past decade: EMOTET. Investigators have now taken control of its infrastructure in an international coordinated action.
Virginia becomes the first state in the U.S. to permanently enact COVID-19 workplace safety and health standards. In addition to requiring all public-facing employees to wear masks, the standards ensure ready access to hand sanitizer and the regular cleaning of common work spaces. Employers must train employees on COVID-19 safety and to develop infectious disease and preparedness response plans. The new permanent regulations include guidelines for returning to work and communicating about employees who test positive and potential exposures.
The Sophos Rapid Response team published findings from its investigations into recent ransomware attacks that reveal a failure to keep close tabs on “ghost” account credentials of recently deceased employees can give cybercriminals a discreet foothold to launch an attack.
Pro-Vigil published a research report indicating that a significant number of companies have updated their security strategies in the wake of the COVID-19 pandemic. These updates coincide with 20% of survey respondents reporting an increase in physical security incidents since the start of the pandemic, and the perception among one-third of respondents that 2021 will bring an increase in these types of incidents.
As businesses continue to reopen and plan for the future, a new study conducted by Purdue University finds that an elevator ride, with the proper precautions, is safer than outdoor dining.
Google has announced that a North Korean government hacking group has targeted members of the cybersecurity community engaging in vulnerability research. The attacks have been spotted by the Google Threat Analysis Group (TAG), a Google security team specialized in hunting advanced persistent threat (APT) groups.
The 16th edition of the World Economic Forum’s Global Risks Report analyses the risks from societal fractures—manifested through persistent and emerging risks to human health, rising unemployment, widening digital divides, youth disillusionment, and geopolitical fragmentation. Among the highest impact risks of the next decade, infectious diseases are in the top spot, followed by climate action failure and other environmental risks; as well as weapons of mass destruction, livelihood crises, debt crises and IT infrastructure breakdown, the World Economic Forum says.
The report also ranked cybersecurity failure as a critical threat to the world.