Read Time:6 Second
FEDORA-EPEL-2022-85bd5fc48f
Packages in this update:
rsh-0.17-94.el8
Update description:
Security fix for CVE-2019-7282
rsh-0.17-101.fc36
Read Time:6 Second
FEDORA-2022-dd808b5a2c
Packages in this update:
rsh-0.17-101.fc36
Update description:
Security fix for CVE-2019-7282
rsh-0.17-100.fc35
Read Time:6 Second
FEDORA-2022-82a6236ac7
Packages in this update:
rsh-0.17-100.fc35
Update description:
Security fix for CVE-2019-7282
rsh-0.17-98.fc34
Read Time:6 Second
FEDORA-2022-6748ae617b
Packages in this update:
rsh-0.17-98.fc34
Update description:
Security fix for CVE-2019-7282
AvosLocker Ransomware Striking Critical Infrastructure Targets
NFT Fraud in the UK Soars 400% in 2021
Over 40,000 London Voters Have Data Leaked to Strangers
Hackers demand $15 million ransom from TransUnion after cracking “password” password
Read Time:12 Second
International credit bureau TransUnion says that hackers managed to breach a server operated by its South African division, and gained access to the personal information of individuals.
Read more in my article on the Hot for Security blog.
6 questions CISOs should ask if their cybersecurity vendor is acquired
Read Time:47 Second
The sharp increase in funding and mergers-and-acquisition (M&A) activity in the cybersecurity industry over the last year has brought into focus the challenges that organizations can run into when their vendor is acquired by or merges with another company. Specialized, pure-play security companies are being bought by bigger and more generalized technology vendors or by private firms seeking to cash in on the cybersecurity boom.
Data that S&P Global Market Intelligence compiled last November showed there were 151 M&A cybersecurity deals in the first three quarters of 2021 alone compared to 94 over the same period in 2020, 88 in 2019, and 80 in 2018. Many companies secured massive venture capital (VC) investments from private equity firms. Some were acquired outright by these firms. VC firms poured nearly $22 billion into cybersecurity firms last year, which was a record.
8 IT security disasters: Lessons from cautionary examples
Read Time:1 Minute, 0 Second
Anyone who follows cybersecurity is aware of the steady drumbeat of data breaches and attacks. So, an attack needs to really stand out to earn the name “disaster.”
We’ve assembled eight truly disastrous IT security failures over the past decade, with the goal of finding not just clever hacks, but real mistakes on the part of the victims. Hopefully you’ll come away with some ideas on how not to suffer a disaster of your own.
[ Learn 8 pitfalls that undermine security program success and 12 tips for effectively presenting cybersecurity to the board. | Sign up for CSO newsletters. ]
2012: Court Ventures gets social-engineered
Hieu Minh Ngo proved that you don’t need a lot of technical know-how to breach the security of an important data broker and get access to a lot of people’s private information. Sometimes all it takes is some brazen misrepresentation and social engineering skills. While still in his early 20s, Ngo convinced Court Ventures, a data broker later purchased by Experian, that he was a private investigator in Singapore. He then purchased personally identifying information (PII) from Court Ventures as part of his “work.”