Oracle Expands Cloud Security Services at OpenWorld 2019

The company broadens its portfolio with new services developed to centralize and automate cloud security. Oracle today announced new cloud security services at its annual OpenWorld conference, held this week in San Francisco. The latest additions to its portfolio are intended to eliminate some of the complexity in configuring cloud security and automate certain cloud security processes. New services include Oracle Data Safe, Oracle Cloud Guard, and Oracle Maximum Security…

September 17, 2019
Read More >>

US Turning Up the Heat on North Korea’s Cyber Threat Operations

Sanctions on North Korean nation-state hacking groups came amid reports of fresh malicious campaigns directed at US entities from the isolated nation. The US government’s move last Friday to slap sanctions on three North Korean cyber threat groups is being viewed by some security experts as a necessary but likely futile attempt to slow down state-sponsored hacking activity in that country. The sanctions came amid reports of fresh threat activity targeted…

September 17, 2019
Read More >>

How a PIA Can CYA

More than a compliance mandate, privacy impact assessments can also spot risks early in the product development cycle. Privacy impact assessments (PIAs) purport to examine privacy protections, but they serendipitously turn up deeper insights into an organization’s risk exposure, improving governance and the organization’s overall security posture, experts say. More than a diagnostic tool or compliance checklist, PIAs are essentially templated questionnaires that help organizations identify their privacy risks are…

September 16, 2019
Read More >>

Court Rules In Favor of Firm ‘Scraping’ Public Data

US appeals court said a company can legally use publicly available LinkedIn account information. If you make data public online, can someone be prevented from using it? HiQ Labs (a data analytics company) said “no,” LinkedIn said “yes,” and now a federal court has agreed with HiQ in the latest courtroom round of a case that could have significant implications for securing enterprise data. HiQ Labs scrapes information from LinkedIn…

September 16, 2019
Read More >>

Preventing PTSD and Burnout for Cybersecurity Professionals

The safety of our digital lives is at stake, and we need to all do our part in raising awareness of these issues. June — Post-Traumatic Stress Disorder (PTSD) Awareness Month — has come and gone, but mental health is a topic that needs to be continuously talked about throughout the year. The condition is often associated by the public with veterans and first responders, but it can afflict someone from any…

September 16, 2019
Read More >>

Malware Linked to Ryuk Targets Financial & Military Data

A newly discovered campaign, packing traces of Ryuk ransomware, aims to steal confidential information. New malware bearing similarities to Ryuk ransomware has been discovered in a campaign attempting to steal files containing confidential military, financial, and law enforcement data. This campaign, which was detected by the MalwareHunterTeam, does not encrypt the target’s data and demand a ransom as Ryuk normally does. Instead, it searches victims’ computers for sensitive files, steals…

September 13, 2019
Read More >>

US Sanctions 3 Cyber Attack Groups Tied to DPRK

Lazarus Group, Bluenoroff, and Andariel were named and sanctioned by the US Treasury for ongoing attacks on financial systems. Today, three North Korean state-sponsored malicious cyber groups were sanctioned by the U.S. government for their role in North Korea’s malicious cyber activity on critical infrastructure. Lazarus Group, Bluenoroff, and Andariel were identified as “agencies, instrumentalities, or controlled entities of the Government of North Korea” by the U.S. Department of the…

September 13, 2019
Read More >>

US Sanctions 3 Cyberattack Groups Tied to DPRK

Lazarus Group, Bluenoroff, and Andariel were named and sanctioned by the US Treasury for ongoing attacks on financial systems. Today, three North Korean state-sponsored malicious cyber groups were sanctioned by the U.S. government for their role in North Korea’s malicious cyber activity on critical infrastructure. Lazarus Group, Bluenoroff, and Andariel were identified as “agencies, instrumentalities, or controlled entities of the Government of North Korea” by the U.S. Department of the…

September 13, 2019
Read More >>

6 Questions to Ask Once You’ve Learned of a Breach

With GDPR enacted and the California Consumer Privacy Act on the near horizon, companies have to sharpen up their responses. Start by asking these six questions. 1 of 7   Companies don’t have the luxury of waiting days and even weeks before they report a data breach to the public. Many global firms do business overseas and are subject to GDPR, and California’s data privacy law goes into effect Jan….

September 13, 2019
Read More >>

No Quick Fix for Security-Worker Shortfall

Security professionals see acquiring skills as the way forward, but only half of companies are training their workers, with more continuing to search for highly skilled employees. Although companies realize that skilled security professionals are difficult to hire, they continue to focus on increasing head count rather than training their current employees, according to a survey conducted by the 451 Group. Yet, offering an opportunity for employees to learn new…

September 13, 2019
Read More >>