Meet Jeremy Leasher, Security Solutions Architect at Axellio. Leasher believes the IT security industry is undergoing a serious skills crisis, threatening to undermine the security of commercial and government organizations. Here, we talk to Leasher about the best approach to solving this skills crisis.
SAP systems running outdated or misconfigured software are exposed to increased risks of malicious attacks, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned. SAP applications help organizations manage critical business processes—such as enterprise resource planning, product lifecycle management, customer relationship management, and supply chain management.
eSentire is warning enterprises and individuals that cybercriminals are spearphishing business professionals on LinkedIn with fake job offers in an effort to infect them with a sophisticated backdoor Trojan. Backdoor trojans, according to eSentire, give threat actors remote control over a victim's computer, allowing them to send, receive, launch and delete files.
Billions of searches take place on the surface web every day. Synonymous with Google, this part of the web is indexed by search engines. Try searching your name and you’ll likely be met with thousands if not millions of results, a few of which are familiar to you – your social media profiles, bio on your employer’s website, mentions in the news. The surface, or “clear” web, is only the tip of the iceberg, as vast as it may seem. In fact, it makes up only 4% of the entire World Wide Web. A much larger chunk of the web, the deep web, lies beneath the surface and is not indexed by search engines – but it is still just as important for security professionals to monitor.
CISA has issued supplemental direction to Emergency Directive (ED) 21-02: Mitigate Microsoft Exchange On-Premises Product Vulnerabilities providing additional forensic triage and server hardening, requirements for federal agencies. Specifically, this update directs federal departments and agencies to run newly developed tools —Microsoft’s Test-ProxyLogon.ps1 script and Safety Scanner MSER—to investigate whether their Microsoft Exchange Servers have been compromised.
Sharecare announced the expansion of its executive team with David Guthrie joining as chief information officer (CIO) and chief information security officer (CISO).
Cybrary, and MITRE Engenuity announced a partnership to offer MITRE ATT&CK Defender (MAD), a new online training and certification solution designed to enable defenders to gain the advantage over cyber adversaries.
Today, open-source code is everywhere. In fact, 99% of all codebases contain open-source code, and anywhere from 85% to 97% of enterprise codebases come from open-source. What does that mean, exactly? It means that the vast majority of our applications consist of code we did not write.
March 31st is World Backup Day 2021, the 10th anniversary of the inaugural World Backup Day in 2011. Though the day serves as a reminder to backup your data, this process should be done frequently to offset the risk of data loss - or the intentional or unintentional destruction of information, which may be caused by people or processes from within or outside of an organization.
The Awake Security division of Arista Networks has discovered evidence linking the Hades ransomware gang to Hafnium, the state-sponsored threat actor operating from China that Microsoft says is behind the recent Exchange hacks.
