Posts From Mo Moin

ISACA, the leading global association for IT audit, risk, governance and security professionals, and Infosecurity Group, Europe’s leading information security event, are partnering to produce the most progressive information security event in North America. To debut in New York City’s

The majority of financial firms rank cyber-resilience as their top concern, with people, visibility and third-party risk key challenges, according to the Financial Conduct Authority (FCA). The UK regulator’s latest report, Cyber and Technology Resilience: Themes from cross-sector survey 2017

Hotel chain Marriott has confirmed widespread reports of a significant data breach with the sensitive details of 500 million customers possibly compromised. In an online statement, the company said: “On September 8, 2018, Marriott received an alert from an internal

The MITRE Corporation’s ATT&CK framework has been used to evaluate the efficiency of several enterprise security products designed by several vendors. In April, MITRE announced a new service based on its ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) framework to

Microsoft has revealed the causes of a major global incident last week that led to large numbers of Azure, Office 365, Dynamics and other Microsoft users being unable to log-in to their services. The 14-hour outage affected Microsoft Azure AD

Almost a quarter of UK and German businesses (23%) believe the GDPR may have resulted in a greater risk of data breaches, six months after the legislation was introduced. The findings come from a new survey by Thales eSecurity which

As web applications mature and become more popular, organizations need to focus more on maintaining a positive security footprint around them. Traditionally, web application security was handled using a combination of the corporate firewall, authentication to an LDAP directory, and

Another massive data breach announcement has made headline, this time for healthcare and wellness program provider Atrium Health, formerly known as Carolinas HealthCare Systems, according to a joint announcement from Atrium Health and AccuDoc. After one of its third-party vendors,

Security researcher Jacob Burroughs (@maths22), discovered that Copay-related libraries were targeted by a hacker who gained legitimate access to a widely used JavaScript library, according to GitHub. The attacker was reportedly publishing rights to EventStream, the library loading the malicious

The next big challenge in cybersecurity will undoubtedly be to secure the billion-plus (and growing) internet-of-things (IoT) devices around the globe, which exponentially expand the attack vector across the increasingly interconnected IT sector. Based on statistics from Symantec, attacks that

DDoS attacks are bigger and more ferocious than ever and can strike anyone at any time. According to Verizon’s latest DDoS trends report, the first half of 2018 saw an increase of 111 percent in attack peak sizes, compared to

A new malspam campaign hit Italy in this days, threat actors are spreading a new variant of a powerful downloader named sLoad. sLoad is a sophisticated script, used in the past to deliver different types of malware such as the

When it comes to protecting your Slack messages, many companies are still flying blind. Slack has become the de facto corporate messaging app, with millions of users and a variety of third-party add-on bots and other apps that can extend

For several years now, it has been a widely accepted truth that a green padlock in a website’s URL indicated that the site was secure; however, Krebs on Security reported that “Half of All Phishing Sites Now Have the Padlock.”

One of the best ways for organizations to get an idea of their network vulnerabilities is to hire penetration testers to come in and perform real attacks against their network, only without the added malicious payloads that most attacks entail.

Ransomware attacks continue to threaten the healthcare industry, the last incident in order of time impacted the Ohio Hospital System. The ransomware attack infected computer systems at the East Ohio Regional Hospital and Ohio Valley Medical Center reportedly caused the