HackDig : Dig high-quality web security articles

Ransomware Attacks in 2021: Information Meets Emotion

“If you want to go quickly, go alone, but if you want to go far, go together.”  This African proverb opens the Sophos 2021 Threat Report, and in view of recent cybersecurity events, its meaning is very important when it comes to defending against ransomware attacks. As threat actors work together to provide ransomware-as-a-service, defender
Publish At:2021-04-16 08:36 | Read:93 | Comments:0 | Tags:Risk Management Security Services Advanced Attacks Data Prot

Why Security Pros Can’t Ignore Big Data Monopolies

The rise of the cloud didn’t free us from concerns over who stores our data. Where matters, and major cloud providers and big data monopolies host a huge percentage of the world’s data. Thousands of organizations that store and manage personal, business and government data use big-name cloud providers. Smartphone platform companies house an
Publish At:2021-04-15 13:01 | Read:113 | Comments:0 | Tags:Data Protection Risk Management Big Data Big Data Security D

Don’t Stop At ‘Delete:’ How Privacy Needs Are Shaping Data Destruction

It’s just part of the job: at some point in a device’s lifecycle, data must be destroyed. While deleting files may mean users and apps can’t access them, simple deletion isn’t enough to truly destroy the data. To be most effective, secure data destruction has to be complete. This is especially true when your organization needs to sta
Publish At:2021-04-14 17:26 | Read:114 | Comments:0 | Tags:Data Protection Compliance Data Data Privacy Privacy

Protecting Your Electronic Health Records (EHR) With Continuous Monitoring

After a year of lockdown, or nearly full lockdown, due to the ongoing health crisis, we learned a lot from how our organizations responded when we all had to change our work habits to a home-office setup. Many companies that had only a casual relationship with Virtual Private Network (VPN) technology had to quickly reach expert-level proficiency in how to co
Publish At:2021-04-14 01:37 | Read:101 | Comments:0 | Tags:Healthcare data protection EHR Remote working

Google Patches More Under-Attack Chome Zero-days

Google’s problems with in-the-wild Chrome browser zero-days appear to be multiplying by the month.The latest confirmation of this appears today with a new Chrome point-update to patch a pair of security vulnerabilities affecting Windows, MacOS and Linux users. Google said it was aware of reports that both of these vulnerabilities - CVE-2021-21206 and CVE-202
Publish At:2021-04-13 20:45 | Read:132 | Comments:0 | Tags:Disaster Recovery NEWS & INDUSTRY Incident Response Iden

MS Patch Tuesday: NSA Reports New Critical Exchange Flaws

Just weeks after a wave of major in-the-wild zero-day attacks against Exchange Server installations globally, Microsoft is raising a fresh alarm for four new critical security flaws that expose businesses to remote code execution attacks.The four new Exchange Server vulnerabilities were fixed as part of this month’s Patch Tuesday bundle and because of the se
Publish At:2021-04-13 16:50 | Read:142 | Comments:0 | Tags:Endpoint Security Network Security NEWS & INDUSTRY Priva

Wake Me Up Before You Know Know … About the Latest Third-Party Data Breach

“It has gotten to the point, unfortunately, where they are so frequent and common these days, that it’s like, here we go again,” Christopher Sitter says when I asked him about the prospect of a third-party data breach. Sitter is the senior director of information security at Juniper Networks. He manages all things incident response-re
Publish At:2021-04-13 10:06 | Read:207 | Comments:0 | Tags:Security Intelligence & Analytics Data Protection Security S

Joker Android Trojan Lands in Huawei AppGallery App Store

Ten variants of the Joker Android Trojan managed to slip into the Huawei AppGallery app store and were downloaded by more than 538,000 users, according to new data from Russian anti-malware vendor Doctor Web.Also known as Bread, the Joker Trojan was first observed in 2017 when it was originally focused on SMS fraud. Last year, the malware was observed perfor
Publish At:2021-04-12 21:15 | Read:105 | Comments:0 | Tags:Disaster Recovery Endpoint Security Mobile Security Network

The VC View: Data Security - Deciphering a Misunderstood Category

I’m both excited and concerned to write about data security as one of the hot trends to monitor in 2021. Data security is a tough topic to summarize and I’d argue it may be the most misunderstood category in security right now. We’re a raw industry that has been shaken up multiple times for years. We’ve gotten micro-services, Agile software development, publ
Publish At:2021-04-12 13:25 | Read:85 | Comments:0 | Tags:INDUSTRY INSIGHTS Data Protection security

Unearthing the 'Attackability' of Vulnerabilities that Attract Hackers

Vulnerability management is largely about patch management: finding, triaging and patching the most critical vulnerabilities in your environment. Each aspect of this process presents its own problems. In 2020, more than 17,000 vulnerabilities were reported to NIST, and more than 4,000 of these were high priority. Knowing which of these affect you, where
Publish At:2021-04-12 13:25 | Read:78 | Comments:0 | Tags:Disaster Recovery Endpoint Security Network Security NEWS &a

Is it Real or not? How to Spot phishing Emails

Is it Real or not? How to Spot phishing Emails April 12th, 2021 No Comments anti-phishing, Data Privacy, Data Protection, Online Privacy, Online Safety, PC security, Phishing Protection It has become virtually impossible to distinguish nowadays betw
Publish At:2021-04-12 13:20 | Read:206 | Comments:0 | Tags:anti-phishing Data Privacy Data Protection Online Privacy On

CISA Releases Tool to Detect Microsoft 365 Compromise

The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has released a new tool to help with the detection of potential compromise within Microsoft Azure and Microsoft 365 environments.Dubbed Aviary, the new tool is a dashboard that makes it easy to visualize and analyze output from Sparrow, the compromise detection
Publish At:2021-04-09 14:58 | Read:70 | Comments:0 | Tags:Endpoint Security Network Security NEWS & INDUSTRY Appli

New Ransomware Threats Are Getting Bolder: How to Rewrite the Script

Greater exposure is both good news and bad news when it comes to new ransomware threats. While ransomware attacks themselves are never good news, it is a positive sign that these attacks are receiving more media attention, such as the attack on an entire hospital chain, an attack on a Las Vegas school district and even an attack on a coffee machine.&nb
Publish At:2021-04-09 12:10 | Read:123 | Comments:0 | Tags:Data Protection Security Services Threat Research Ransomware

How Vulnerability Management Can Stop a Data Breach

Vulnerability management may not be the sexiest topic. But, while buzzier topics are certainly important, vulnerability management may just be the key to an effective data security strategy. According to a Ponemon Institute report, 42% of nearly 2,000 surveyed IT and security workers indicated that they had suffered a data breach in the last two years that
Publish At:2021-04-08 14:55 | Read:180 | Comments:0 | Tags:Data Protection Security Intelligence & Analytics Security S

What Does Modern Even Mean? How to Evaluate Data Security Solutions for the Hybrid Cloud and Beyond

There is a lot of talk about ‘modern’ data security. Organizations want a data security strategy that aligns with a digitally transformative vision. Tech can sometimes drown in buzzwords. What do modernization and vision actually refer to? And what do modern data security solutions really require?  Both terms refer to end-to-end data s
Publish At:2021-04-07 17:16 | Read:152 | Comments:0 | Tags:Security Intelligence & Analytics Data Protection Security S