Magánszemélyeknek

Post-SolarWinds, it's no longer enough for chief information security officers to remain compliant and call it a day.

By combining the strengths of the fraud and security teams, companies can get the visibility – and context – they need to keep their users, customers, and business partners safe.

Security should not be treated as one-size-fits all, and that is doubly true when it comes to security awareness education. Training should be customized by age, learning styles, and preferred media if it is to be effective.

Ransomware attack hits Veolia North America Major global water and wastewater system operator Veolia had some of its internal back-end systems at its North America Municipal Water division impacted by a ransomware attack last week, resulting in the exfiltration of data from several individuals, reports The Record, a news site by cybersecurity firm Recorded Future.

Global attacks targeting Ivanti Connect Secure VPN appliances vulnerable to both CVE-2023-46805 and CVE-2024-21887, have been underway, with 492 of 26,000 internet-exposed devices being compromised with backdoors, reports Ars Technica. The U.S. accounted for the most number of impacted VPNs, with Germany, South Korea, China, and Japan having the next largest number of compromised devices, a report from Censys showed. Most of the infected VPNs were discovered to be hosted by Microsoft's customer cloud service. The findings also showed a credential theft backdoor among 412 hosts. "Additionally, we found 22 distinct 'variants' (or unique callback methods), which could indicate multiple attackers or a single attacker evolving their tactics," said researchers.