Since the outbreak of Covid-19, many organisations have had to make a swift transition to remote working to ensure business continuity. What would typically take months of planning and preparation was implemented in a matter of days. The chaos that this created, combined with the already uncertain nature of life during a pandemic, had created the ideal environment for cybercriminals.
Permissions, access controls, user rights, or privileges define what an identity can see or do in an organization. These terms are often used interchangeably based on context, and essentially perform the same function—granting or denying access to the resources in an enterprise.
Hackers are once again finding unsecured MongoDB databases carelessly left exposed on the internet, wiping their contents, and leaving a ransom note demanding a cryptocurrency payment for the data’s safe return. As ZDNet reports, ransom notes have been left on almost 23,000 MongoDB databases that were let unprotected on the public internet without a password. Unsecured MongoDB databases being attacked by hackers is nothing new, of course.
In the world of vulnerabilities, we have seen a few interesting ones released in the last couple of weeks since our last Farsight risk-based vulnerability management blog in June, including some recently discovered by Palo Alto affecting D-Link Routers. Read on for more information on how to prioritize these vulnerabilities for patching to mitigate risk.
It’s soon time for Summer vacation to begin, and we’ve asked our colleagues to share some of their summer learning tips for better security awareness.
This blog was written by an independent guest blogger. Image Source In Part 1 of this series, we covered the first step to better cybersecurity in touchless business solutions, which is to practice extra caution in cashless payment solutions. We continue by discussing the second step to improve cybersecurity for touchless systems, which is to increase protocols for cybersecurity and data privacy.
Every year, thousands of new vulnerabilities are discovered, requiring organizations to patch operating systems (OS) and applications and reconfigure security settings throughout the entirety of their network environment. To proactively address vulnerabilities before they are utilized for a cyberattack, organizations serious about the security of their environment perform vulnerability management to provide the highest levels of security posture possible.
How much do you really know about your open source usage? Can you identify what open source components you’re using? How about which licenses are in play and whether you’re compliant? Do you have a good sense of how many open source security vulnerabilities are in your code base and how to remediate them? Chances are, if you’re like most organizations, you can’t answer all of these questions.
The sharp increase in online shopping since the start of the COVID-19 outbreak has led to a significant rise in cyber-attacks on ecommerce websites and apps, making it imperative for retailers to stay alert to the latest risks.
Each month, Reciprocity highlights companies that have earned compliance certifications for information security frameworks. Here’s our July 2020 roundup of compliance news from around the United States, and around the world.
