CISA: Election Security Still Under Threat at Cyber and Physical Level
Federal cyber leadership doubled down on the need to continue to fortify election security at both the local and national level as threats from foreign and domestic actors will still be a problem ahead of the 2024 presidential election."We face continuing threats from a growing number of foreign state sponsored threat actors intent on targeting our election infrastructure and voters through cyber activity and malign foreign influence operations," Kim Wyman, the senior advisor for election security at the Cybersecurity and Infrastructure Security Agency said during a panel discussion hosted by the University of California, Los Angeles, on Friday.
Shouldering the Increasingly Heavy Cloud Shared-Responsibility Model
As business and the world in general grow more complex, the shared responsibility between cloud customer and cloud provider becomes, well, cloudier.This is especially true when it comes to security and compliance.Moving applications and infrastructure to the cloud frees up resources and increases flexibility and scalability, but does not free organizations from ensuring their regulatory and security responsibilities are being met.
First Dero cryptojacking campaign targets unprotected Kubernetes instances
Learn how this cryptocurrency campaign operates and its scope.Then, get tips on protecting vulnerable Kubernetes instances from this cybersecurity threat.The cybersecurity company CrowdStrike has observed the first-ever Dero cryptojacking campaign.The attack targets Kubernetes clusters that were accessible on the internet and allowed anonymous access to the Kubernetes API.
Running WordPress on Azure for secure, fast and global content delivery
Learn about Microsoft's WordPress on Azure App Service, as well as an interesting alternative from WP Engine.Twenty years old this year, WordPress remains one of the most popular content management tools.Running a WordPress instance requires a web server and a database, an ideal combination for moving to a virtual infrastructure running in the cloud, either using platform services or bringing your own infrastructure.
NBA Notifying Individuals of Data Breach at Mailing Services Provider
The National Basketball Association (NBA) is notifying individuals that their personal data was stolen in a data breach at a third-party service provider.Last week, the NBA started sending out notification emails to an unknown number of individuals, to inform them that their information was compromised in a data breach at a third-party provider of newsletter services.
Hitachi Energy Blames Data Breach on Zero-Day as Ransomware Gang Threatens Firm
Sustainable energy giant Hitachi Energy has blamed a data breach affecting employees on the exploitation of a recently disclosed zero-day vulnerability in Fortra's GoAnywhere managed file transfer (MFT) software.In a press release published on Friday, Hitachi Energy said the Cl0p ransomware gang targeted the GoAnywhere product and may have gained unauthorized access to employee data in some countries.
Red alert warning to anyone who uses Gmail or Microsoft Outlook
Cyber security experts found phishing scams targeting Gmail and Outlook users had increased 240 per cent (Image: Getty) Billions of Outlook and Gmail users have been issued a red alert warning over a huge increase in email scams.A report, from cyber defence company BlueVoyant, has found a 240% increase in email scams targeting users, with phishing scams that are often hard to spot.