Today’s organizations have the challenge of managing several different applications and software within their technology stack. The more public-facing platforms an organization utilizes, the greater their public attack surface risks. Without proper protection, they and their community can become an easy target for malicious actors.

Phishers leveraged fake automated messages from collaborative platform Sharepoint as a means to target users’ Office 365 credentials. Abnormal Security found that the phishing campaign began with an attack email that appeared to be an automated message from Sharepoint. To add legitimacy to this ruse, the attackers used spoofing techniques to disguise the sender as Sharepoint. They also didn’t address the email to a single employee but included multiple mentions of the targeted company.

The COVID-19 pandemic revealed flaws in the American healthcare system that were always there. The only difference now is that those flaws have been brought to light. In the wake of the pandemic, a new host of cyberattacks occurred within the healthcare sector. Malicious hackers aimed to take advantage of the crisis with a combination of misinformation campaigns and ransomware.

In the world of CVEs, we have seen a few interesting ones released in the last couple of weeks since our last risk based vulnerability management blog, including the recent big news SIGRed. Read on for more information on how to prioritize these vulnerabilities for patching to mitigate risk.

Leonid Sandler, Co-Founder and CTO of Cyber Armor, set for an interview with Safety Detective’s Aviva Zacks on the inspiration behind the company.

In March 2020, Redscan sent Freedom of Information (FOI) requests to 134 universities across the UK. The aim was to understand more about the frequency of data breaches in the sector and some of the steps institutions are taking to prevent them. The focus on universities was due to the integral role these organisations play in conducting world-changing research and shaping the skills and knowledge of the workforce. The results of the FOI request are available to download in a short report.

Compliance with the Sarbanes-Oxley Act of 2002 is a legally mandated must for all U.S. public companies and some other entities, as well. But meeting the requirements of this important law can be incredibly difficult. Preparing for a SOX compliance audit requires so much work that companies often designate entire teams full-time to the task. The law is that complex.