SAP systems running outdated or misconfigured software are exposed to increased risks of malicious attacks, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned. SAP applications help organizations manage critical business processes—such as enterprise resource planning, product lifecycle management, customer relationship management, and supply chain management.
A 2019 S&P Global study found that public companies with women at the helm were more profitable compared to those with men in the CEO and CFO seats. Women are also making big inroads in other fields including science and medicine. Yet in the tech and cybersecurity industries women still lag behind. It’s certainly not because of a lack of jobs. Though the talent shortage did ease last year, the industry as a whole is struggling to fill vacancies. There are a few reasons that women aren’t filling those seats.
The Pentagon’s Cyber Crime Center and bug bounty vendor HackerOne have launched the Defense Industrial Base Vulnerability Disclosure Program (DIB-VDP), an effort to share vulnerability data and boost digital hygiene within the defense industrial base. According to HackerOne, any information submitted to the DIB-VDP under this program will be used for defensive purposes – to mitigate or remediate vulnerabilities in DoD contractor information systems, networks, or applications.
eSentire is warning enterprises and individuals that cybercriminals are spearphishing business professionals on LinkedIn with fake job offers in an effort to infect them with a sophisticated backdoor Trojan. Backdoor trojans, according to eSentire, give threat actors remote control over a victim's computer, allowing them to send, receive, launch and delete files.
The personal data and phone numbers of hundreds of millions of Facebook users were posted for free in a hacking forum over the weekend. The data includes personal information of 533 million Facebook users from 106 countries, including more than 32 million records on users in the U.S. 11 million on users in the U.K., and 6 million on users in India.
Those on the cyber threat frontlines may view the entire FireEye-SolarWinds catastrophe through a very different lens. It’s a mile-high view that proves a thesis: why data must be smart and able to protect itself from cybercriminals – no matter where it goes, where it’s stored or who has it.
Sophos published a new report on a recently uncovered connection between the Mount Locker ransomware group and a new group, called “Astro Locker Team.”
Take a look at CISO of DoorDash Justin Grudzien’s career in data privacy and security from building security teams from the ground up at Orbitz to solidifying best practices at DoorDash. Security talks to Grudzien about how he views security roles within the enterprise, how to avoid burnout, and how other security leaders can earn a seat at the C-Suite table.
Kroll has announced that the firm has promoted 18 colleagues to the managing director level in the United States, with a total of 31 practitioners promoted globally.
Billions of searches take place on the surface web every day. Synonymous with Google, this part of the web is indexed by search engines. Try searching your name and you’ll likely be met with thousands if not millions of results, a few of which are familiar to you – your social media profiles, bio on your employer’s website, mentions in the news. The surface, or “clear” web, is only the tip of the iceberg, as vast as it may seem. In fact, it makes up only 4% of the entire World Wide Web. A much larger chunk of the web, the deep web, lies beneath the surface and is not indexed by search engines – but it is still just as important for security professionals to monitor.