In their attempt to extort as much money as quickly as possible out of companies, ransomware gangs know some effective techniques to get the full attention of a firm’s management team. And one of them is to specifically target the sensitive information stored on the computers used by a company’s top executives, in the hope of finding valuable data that can best pressure bosses into approving the payment of a sizeable ransom.
Complying with Standards drawn by the Payment Card Industry Security Standards Council can be complicated and time-consuming. But, with a PCI DSS Gap Analysis, the process becomes a lot easier, streamlined, and less exhaustive. PCI Gap Analysis is the first step towards the Compliance process. The assessment provides details on your current security posture against what is expected and needs to be achieved by the organization.
Fraud rates for Unemployment Insurance Benefits (UIB) and Pandemic Unemployment Assistance (PUA) are out of control. In May 2020, Brian Krebs of Krebsonsecurity published two articles detailing fraud that was occurring in several different state’s UIB portals. These states had been warned by the US Secret Service to be on the lookout for this. Reading the articles, the common theme is that many states are missing rudimentary controls for combating fraud.
A popular joke among technologists says that it’s always DNS, even when it initially didn’t seem that way. DNS issues come in many shapes and forms, including some often-overlooked security issues. DNS (short for the Domain Name System) continues to be described as “the phonebook of the Internet,” but many people, including most readers of this blog, will be more familiar with the basic workings of DNS than with the outdated phenomenon of paper phonebooks.
Five worthy reads is a regular column on five noteworthy items we’ve discovered while researching trending and timeless topics. More than ever, now is the time for organizations to prioritize data security. This week we look at some data security trends that are shaping the industry today. Illustration by Balaji KR A recent study conducted by RiskBased Security has labeled 2020 the worst year for data security with a shocking 36 billion records compromised, twice the number from 2019.
2020 was a lot of things. Unexpected. Tough. Frightening. Frantic. It was also revealing. Most CIOs were asked to enable ways of working and doing business that they had not considered necessary before. Others had maybe always known such moves were wise, but had never been able to dedicate the time, resource or budget to such endeavours. Or, ironically, had never been able to prove the business case. Either way, too many were caught under-prepared.
We discussed in previous blogs the need for data protection for Kubernetes and what’s different about CloudCasa. CloudCasa was designed to address the gap in data protection and disaster recovery that exists in all the leading Kubernetes distributions and managed cloud services. Further, another pain point that CloudCasa addresses is that your cloud-based applications may well be hybrid and multi-cloud applications that use both container-based storage and serverless databases.
A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24. The year kicks of with many strange events, and the continuing unraveling of the SolarWinds hack has moved on to other points in the supply chain. How far does this rabbit hole go?
