Phishers leveraged fake automated messages from collaborative platform Sharepoint as a means to target users’ Office 365 credentials. Abnormal Security found that the phishing campaign began with an attack email that appeared to be an automated message from Sharepoint. To add legitimacy to this ruse, the attackers used spoofing techniques to disguise the sender as Sharepoint. They also didn’t address the email to a single employee but included multiple mentions of the targeted company.

The COVID-19 pandemic revealed flaws in the American healthcare system that were always there. The only difference now is that those flaws have been brought to light. In the wake of the pandemic, a new host of cyberattacks occurred within the healthcare sector. Malicious hackers aimed to take advantage of the crisis with a combination of misinformation campaigns and ransomware.

In the world of CVEs, we have seen a few interesting ones released in the last couple of weeks since our last risk based vulnerability management blog, including the recent big news SIGRed. Read on for more information on how to prioritize these vulnerabilities for patching to mitigate risk.

Leonid Sandler, Co-Founder and CTO of Cyber Armor, set for an interview with Safety Detective’s Aviva Zacks on the inspiration behind the company.

In March 2020, Redscan sent Freedom of Information (FOI) requests to 134 universities across the UK. The aim was to understand more about the frequency of data breaches in the sector and some of the steps institutions are taking to prevent them. The focus on universities was due to the integral role these organisations play in conducting world-changing research and shaping the skills and knowledge of the workforce. The results of the FOI request are available to download in a short report.

Compliance with the Sarbanes-Oxley Act of 2002 is a legally mandated must for all U.S. public companies and some other entities, as well. But meeting the requirements of this important law can be incredibly difficult. Preparing for a SOX compliance audit requires so much work that companies often designate entire teams full-time to the task. The law is that complex.

Focusing on these five essential workflows for secure DevOps will help you get started implementing monitoring, security, and compliance for containers and Kubernetes. You might be starting to adopt DevOps and find that it dramatically simplifies deploying applications in containers and Kubernetes. However, you probably also found that it adds a new set of complexities for managing, securing, and troubleshooting applications.

Today, we are excited to announce a faster onboarding for Kubernetes visibility and security. With the SaaS-first approach and new enhancements to the Sysdig Secure DevOps Platform, you can get results after just a five-minute setup. This release includes a new guided onboarding process, out-of-the-box dashboards as part of curated essential workflows, and a new Sysdig Essentials tier. 5 minutes to onboard secure DevOps - YouTube An error occurred.

Someone in my Twitter timeline wrote a post that resonated with me. Instead of advocating the idea of our firms mandating what we can and cannot do in our homes as working from home (WFH) standards, she said how gracious it was for us to let the firms into our home environments where we had already made investments in how and where we wanted to work in our personal space. So much of what we do daily in our personal ecosphere requires authentication.