Risk management - Articles - Page 181

Cybercriminals targeting unpatched Exchange servers by installing cryptojacking malware

April 14, 2021

Cybercriminals continue to exploit unpatched Microsoft Exchange servers. Cybersecurity researchers at Sophos report an unknown attacked has been attempting to leverage the ProxyLogon exploit to unload malicious Monero cryptominer onto Exchange servers, with the payload being hosted on a compromised Exchange server.

Cybersecurity training lags, while hackers capitalize on the pandemic

April 14, 2021

Recently, TalentLMS partnered with Kenna Security to survey 1,200 employees on their cybersecurity habits, knowledge of best practices, and ability to recognize security threats. Here are some of the staggering results that offer some explanation as to why cybercrime has grown into such a lucrative business:

Zero trust visibility

Greg Copeland

April 14, 2021

Zero Trust Architecture (ZTA) is a trendy term touted by cybersecurity vendors. But there isn’t a single ZTA solution. The architecture is composed of numerous components, that when taken together, form a new paradigm for dealing with cybersecurity that is appropriate in a modern world where corporate enterprises are no longer confined to a well-defined and trustworthy perimeter such as remote working and cloud environments. For reference, the National Institute of Standards and Technology (NIST) has created a very detailed ZTA publication

New England College of Optometry implements contact-tracing wearables to boost COVID-response and enable in-person learning

The New England College of Optometry (NECO) formed a COVID-19 Task Force and began exploring ideas to enable in-person learning at the school in a safe, effective and well-planned manner. One of the solutions that NECO implemented is a contact-tracing tool that allows the school to respond immediately to report of an infection, accurately and effectively, without relying on a sign-in sheet or a person’s recollection of their previous contacts.

Maggie Shein

April 13, 2021

The New England College of Optometry (NECO) formed a COVID-19 Task Force and began exploring ideas to enable in-person learning at the school in a safe, effective and well-planned manner. One of the solutions that NECO implemented is a contact-tracing tool that allows the school to respond immediately to report of an infection, accurately and effectively, without relying on a sign-in sheet or a person’s recollection of their previous contacts.

The process of future-proofing a secured entrance post-pandemic

Kurt J. Measom

April 13, 2021

From the initial secured entrance to the overarching access control system, the emphasis is currently on contactless access control and door entry solutions. A myriad of technologies from NFC and smart mobile devices to facial biometrics will help play a vital role in what are now COVID-driven essentials. An integrated strategy for access control, along with tailgating mitigation options including turnstiles, revolving doors and mantrap portals enables building security to implement even more comprehensive control and prioritized security while making use of touchless credentials.

Mitigating risk with perimeter protection

John Feeney

April 13, 2021

Keeping unauthorized intruders from entering a business location is a critical part of protecting corporate assets. Perimeters are the first line of defense but do not conform to a ‘one-size-fits-all’ safeguarding solution. Selection criteria for the most suitable Perimeter Intrusion Detection System (PIDS) must take into consideration perimeter length, topography, environmental conditions, and future site expansion plans.

First-ever ‘Identity Management Day’ is April 13, 2021

April 13, 2021

The National Cybersecurity Alliance and the Identity Defined Security Alliance (IDSA), present the first ‘Identity Management Day,’ an annual awareness event which will take place on the second Tuesday in April each year. The inaugural Identity Management Day will be held on April 13, 2021.

Clubhouse API allows everyone to scrape public user data

April 13, 2021

Recently, an SQL database containing data of 1.3 million Clubhouse users was posted on a hacker forum for anyone to access. The data included names, user IDs, social media profile names and other details about clubhouse users.

April is National Supply Chain Integrity Month

April 12, 2021

In recognition of National Supply Chain Integrity Month, the Cybersecurity and Infrastructure Security Agency (CISA) is partnering with the Office of the Director of National Intelligence (ODNI), the Department of Defense, and other government and industry partners to promote a call to action for a unified effort by organizations across the country to strengthen global supply chains.

500m LinkedIn accounts leaked

April 12, 2021

An individual is selling the data of 500 million LinkedIn profiles on a popular cybercriminal forum, according to news reports. The leaked files contain information about the LinkedIn users whose data has been allegedly scraped by the threat actor, including their full names, email addresses, phone numbers, workplace information, and more, according to CyberNews.