News
-
Cr8escape: How Tenable Can Help (CVE-2022-0811)
CrowdStrike discloses container escape vulnerability affecting CRI-O for Kubernetes. Here’s how Tenable.cs can help you detect vulnerable pods. Background On March 15, CrowdStrike published technical details and a proof-of-concept for CVE-2022-0811, a vulnerability they have named cr8escape, in the CRI-O Container Engine for Kubernetes. CRI-O is an open source container runtime engine that is used…
-
Personal Data of 620 FSB Officers Published Online
Ukrainian Directorate of Intelligence shares personal data of Russian agents Read More
-
Yandex is Sending iOS Users’ Data to Russia
Researcher claims Russian tech company is sending data harvested from iOS app users to Russia Read More
-
82% of Public Sector Applications Contain Security Flaws
The researchers also found the public sector takes twice as long to fix flaws once detected compared to other industries Read More
-
Dental Practice Fined for Sharing Patient Data on Social Media
OCR fines dental practice $50K for disclosing PHI of patient who posted a negative review online Read More
-
How to evaluate SOC-as-a-service providers
If you don’t currently have your own security operations center (SOC), you have two ways to get one: Build your own or use some managed collection of services. In past years the two paths were distinct, and it was relatively easy to make the call based on staffing costs and skills. Now, the SOC-as-a-service (SOCaaS)…
-
Hackers Gaining Power of Subpoena Via Fake “Emergency Data Requests”
There is a terrifying and highly effective “method” that criminal hackers are now using to harvest sensitive customer data from Internet service providers, phone companies and social media firms. It involves compromising email accounts and websites tied to police departments and government agencies, and then sending unauthorized demands for subscriber data while claiming the information…
-
Nebulon time jumps ransomware recovery through smart-infra hack
Nebulon has launched TimeJump, a ransomware recovery tool designed to restore a system in minutes after a breach. TimeJump is designed to reduce the time taken by enterprises and service providers to respond to a ransomware attack, bringing critical application infrastructure back online in minutes. Founded in San Francisco in 2018 by four ex-HPE executives,…
-
Ukraine Suffers Significant Internet Disruption Following Cyber-Attack
The attack led to the “most severe” disruption to connectivity in Ukraine since the Russian invasion began Read More
-
A Detailed Look at the Conti Ransomware Gang
Based on two years of leaked messages, 60,000 in all: The Conti ransomware gang runs like any number of businesses around the world. It has multiple departments, from HR and administrators to coders and researchers. It has policies on how its hackers should process their code, and shares best practices to keep the group’s members…