5 Ways to Fight School Ransomware Attacks

The post lists 5 strategies to combat ransomware attacks on schools.
#ransomware #schools

Microsoft Azure Warns on Killnet's Growing DDoS Onslaught Against Healthcare

Microsoft Azure issues a warning about the increasing DDoS attacks by Killnet against healthcare organizations.
#Microsoft #Azure #Killnet

Previously Undiscovered TeamTNT Payload Recently Surfaced

Sysdigs reported on a client engagement regarding a multi-stage cloud attack resulting in the loss of proprietary data, which involved a complex exploitation chain including credential theft and lateral movement. Cado Security recently discovered a previously undiscovered TeamTNT payload.
#Sysdigs #CadoSecurity #TeamTNT

Microsoft Outlook Vulnerability Could Be 2023’s 'It' Bug

The post discusses a vulnerability in Microsoft Outlook that could potentially become a significant bug in 2023.
#Microsoft #Outlook #bug

Why red team exercises for AI should be on a CISO's radar

AI and machine learning present an opportunity for digital transformation but also open another threat surface that CISOs will have to monitor. CISOs will need to direct their teams to conduct red team exercises against AI models and applications to manage AI risks.
#AI #machinelearning #CISOs

Join us at RSA Conference to transform cybersecurity with frontline intelligence and cloud innovation

The promise of digital transformation is being challenged by increasingly disruptive cyber threats from more sophisticated adversaries. Mandiant and Google Cloud are joining forces at RSA Conference 2023 to offer unique threat intelligence, comprehensive visibility across attack surfaces, a secure-by-design cloud platform, and expert assistance.
#digitaltransformation #cybersecurity

Google Cloud and FS-ISAC team up to advance financial services security

Google Cloud joins the Financial Services Information Security and Analysis Centers Critical Providers Program to strengthen commitment to the financial sector. As a Critical Provider, Google Cloud will bring experts and resources including unique insights from our Threat Horizon reports to partner with the financial services community and its leadership.
#GoogleCloud #FinancialServices #ThreatHorizon

When and how to report a breach to the SEC

The US Securities and Exchange Commission (SEC) is proposing three new rules for publicly traded companies to report on cybersecurity events, disclose board of directors oversight of cybersecurity risk, and management's role in addressing cybersecurity risk. These requirements are expected to be enacted in the spring of 2023 and could have a trickle-down impact.
#cybersecurity #SEC

Russian hacktivist group targets India’s health ministry

A Russian hacktivist group claims to have breached India's Health Management Information System, which contains health data of millions of Indian citizens. The system compiles data from state and district-level health authorities, along with data from the National Family Health Survey (NFHS), the District Level Household Survey (DLHS), and the Office of the Registrar General & Census Commissioner.
#India #healthdata

Two Patch Tuesday flaws you should fix right now

Microsoft released its monthly security bulletin covering patches for over 80 vulnerabilities across its products, but two of them had already been used by attackers before patches were released. One vulnerability affects all supported versions of Outlook for Windows and allows attackers to steal Net-NTLMv2 hashes and then use them in NTLM relay attacks against other systems.
#Microsoft #Outlook #security

KillNet and affiliate hacktivist groups targeting healthcare with DDoS attacks

The US Department of Health and Human Services warns of pro-Russia hacktivist group KillNet launching DDoS attacks targeting healthcare companies and governments. Microsoft Security Blog provides an overview of the DDoS attack landscape against healthcare applications hosted in Azure as well as steps to protect against and respond to DDoS attacks.
#KillNet #DDoS

No, AI did not break post-quantum cryptography

The post discusses the misconception that AI has broken post-quantum cryptography.
#AI #postquantum

Post-quantum crypto should be free, so we’re including it for free, forever

The post discusses the inclusion of post-quantum cryptography for free, forever.
#post-quantum #cryptography

BrandPost: 1Password integrates with Okta SSO

1Password Business customers can now access 1Password with their Okta credentials, unifying auditing, compliance, and reporting workflows. The move simplifies signing in to 1Password for employees while extending Okta authentication policies to 1Password unlocks.
#1Password #Okta

BianLian Ransomware Pivots From Encryption to Pure Data-Theft Extortion

The post discusses how the BianLian ransomware has shifted its tactics from encryption to data-theft extortion.
#BianLian #ransomware #dataTheft

Don’t miss us at Microsoft Secure & Gartner IAM

Microsoft is participating in Gartner IAM where they will demo Microsoft Entra and Pamela Dingle will deliver a solution provider session. They are also hosting a new digital event, Microsoft Secure, where attendees can watch live sessions and interact with product leaders.
#MicrosoftEntra #PamelaDingle #MicrosoftSecure

Wired for Hybrid - Deep Dive 1 - Azure AD introduces support for IPV6

Microsoft is finally bringing IPv6 support to Azure Active Directory (Azure AD) starting April 3, 2023, to reduce spending on fast-depleting, expensive IPv4 addresses and ensure security. Customers are advised to make plans to ensure readiness for the significant change, and resources are provided for understanding IPv6 in relation to VNets and implementing IPv6 with applications and Windows Server VMs.
#AzureAD #IPv6

Change Is Coming to the Network Detection and Response (NDR) Market

The NDR (Network Detection and Response) market is experiencing significant changes, including new offerings from traditional security vendors and increased competition from cloud-based solutions. These changes are being driven by the rise of cloud computing, the increase in remote workforces, and the growing sophistication of cyber threats.
#NDR #NetworkDetection #market

Helping secure global collaboration at the first federally regulated crypto bank

Anchorage Digital is a regulated crypto platform that provides institutional investors with a safe and secure way to participate in crypto. The company uses Google Cloud and Google Workspace to collaborate securely and efficiently on a global scale.
#crypto #institutionalinvestors

$3B Crypto-Mixer Money Laundering Operation Seized by Cops

Police seize a $3 billion cryptocurrency mixing service used for money laundering.
#Police #cryptocurrency

How to configure Security Events collection with Azure Monitor Agent

Customers using Defender for Servers Plan 2 can collect security events data to bring context to server security investigations or alerts. Windows security events can be collected via a Data Collection Rule (DCR) configured by means of the Azure Monitor Agent, with the option to filter data collection to only the event IDs that matter.
#DefenderForServers #AzureMonitorAgent

How the EPP, EDR, and MDR Landscape Is Changing

The post discusses the changes in the landscape of endpoint protection platforms (EPP), endpoint detection and response (EDR), and managed detection and response (MDR) technologies.
#EPP #EDR

Join us at Microsoft Secure to discover the latest security solutions

Microsoft is hosting an event called Microsoft Secure on March 28, 2023, which will cover topics such as AI, identity, and data security. The blog post provides a preview of the event and highlights sessions that attendees should not miss.
#MicrosoftSecure #AI #datasecurity

Protect your key server with Keyless SSL and Cloudflare Tunnel integration

Learn how to secure your key server by integrating Keyless SSL and Cloudflare Tunnel.
#KeylessSSL #CloudflareTunnel

How Do Attackers Hijack Old Domains and Subdomains?

The post explores the methods used by attackers to take over old domains and subdomains for malicious purposes.
#cybersecurity #domainsecurity