Cybercriminals enhance tactics to exploit zero-day flaws
HP Wolf Security caught exploits of the zero-day CVE-2021-40444 a remote code execution vulnerability in the MSHTML browser engine that can be triggered by opening a malicious Microsoft Office document.
The flaw was caught a week before a patch was released for it. The latest HP Wolf Security Th...
Enterprises rush to adopt zero trust security
In 2021 zero-trust security is the protocol many organizations are using to mitigate the effects of ransomware, breaches, and supply chain attacks. Zero trust is a security initiative that aims to prevent successful breaches by eliminating the concept of trust from an organization's network.
The...
Forcepoint acquires Bitglass to bolster its SASE platform
Forcepoint announced it has agreed to acquire Bitglass, a cloud security startup. The move is intended to speed up the platform security vendor’s ability to provide advanced data security and threat protection technologies for organizations to deploy and use.
Forcepoint announced the intention...
Google plans to turn on 2FA by default for 150M users
In May, Google announced that it plans to enable 2FA (two-factor authentication/two-step verification) by default to enhance security for accounts. As it celebrates Cybersecurity Awareness Month, Google is once again reminding us that it will enable two-factor for 150 million more accounts by the e...
EU lawmaker says US tech giants should be regulated in the countries where they are based
US tech giants like Google, Facebook, Apple and Amazon should be regulated by the EU country they are based in, under proposed EU rules, according to top lawmakers. The stance pushes back efforts by some European countries to broaden the act’s reach.
We can only assume that the tech giants are...
Secureworks reveals Azure Active Directory flaw without a fix
Picture for a moment a scenario where you have as many attempts as you want to get a username and password right without getting caught. That is the kind of scenario threat actors look for, leaving admins with little to no visibility into the actions, let alone a way to stop them.
A newly discov...
Microsoft Security details BulletProofLink, a phishing-as-a-service provider
Microsoft announced they catched an extensive phishing-as-a-service operation providing various services to those who wish to start phishing campaigns. These campaigns send messages that fool people into responding and offer attackers ways of breaching systems. By monitoring their work Microsoft l...
Businesses opt for SASE and Zero Trust approaches for remote work security
Businesses have enabled their employees to work remotely since the start of the pandemic. Attention is moving to protect them from the surging cybersecurity threats. Of all the different ways to solve the problem, many organizations opt for zero trust strategies and SASE.
The confirmation for th...
Microsoft takes another big step towards going passwordless
Microsoft continues its relentless drive to get rid of passwords as sign-in options that enterprise customers use to access Azure Active Directory (AAD) and those consumers use to access Microsoft Accounts on Windows 10 and Windows 11 PCs.
Vasu Jakkal, Microsoft's corporate vice president of the...
WhatsApp to bring encrypted backups support for users later this year
WhatsApp announced it will offer its users end-to-end encrypted backups later this year. Users will be able to choose how the encryption key is stored. The simplest storage form is for users to store the random 64-digit key themselves just like how Signal handles backups.
The users would need to...
US and EU Transatlantic data transfer talks continue
Officials from the European Union and the United States are making progress to ensure that Transatlantic data flow continues. The negotiations are important to all companies which operate in the US and EU. Also big tech vendors have to deal with these regulations.
In a report by the Wall Street...
WhatsApp fined a record 225 million euros over 2018 privacy issue
Facebook's WhatsApp was fined a record $266 million by the Irish data protection regulator on Thursday after pressure from the EU privacy watchdog to raise the penalty for the company's breaches.
WhatsApp said the fine was too high and that it would appeal. The Irish fine is significantly less t...