Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Urging taxpayers and tax professionals to be vigilant, the Internal Revenue Service (IRS) provides some simple guidance on how to spot new scams aimed at being able to file fake tax returns. Apparently, there are actually three certainties in life: death, taxes and scams revolving around taxes. This according to the IRS, as part of their annual Security Summit. As with any major event that has the attention of millions of people simultaneously, tax season is no exception.

This week, cybercriminals again targeted US medical records and patient identities. The attacks started with a 2.5 million record breach from Kentucky’s Norton Healthcare circuit, including data from pediatric patients. On the other side of the country, cybercriminals also targeted Oregon’s Neuro Center of the Cascades; the attack spilled over 20k records into the hands of criminals.

In the Valley of the Sun, Cardiovascular Consultants Ltd. (CVC) provides clinical, surgical, and consultation services; the Phoenix-based cardio group serves 11 of the region’s hospitals—offering a range of assistance for patients and physicians. In September, cybercriminals attacked CVC. The event may have exposed the information of thousands.

This month we have a number of new feature enhancements and product updates to share with you, including Dark Mode for Android, thoughtful setting enhancements across the Keeper vault and browser extension, as well as improvements to our AWS CLI credential process with Keeper’s Secrets Manager (KSM). Continue reading to learn more.

You can run a penetration test by following the five stages: preparation, reconnaissance, penetration, reporting and remediation. Penetration tests are important to help protect an organization from security breaches and data leaks. Cybercriminals are always looking for vulnerabilities within an organization’s system to steal their sensitive data. Penetration testing helps organizations identify security vulnerabilities to help prevent security breaches.

In the vast world of cybersecurity, as technologies evolve, so do the methods attackers employ to compromise systems. One such intriguing method that recently surfaced is MySQL servers, leveraging SQL commands to stealthily infiltrate, deploy, and activate malicious payloads. Let's delve deeper into the MySQL bot infection process and explore the intricacies of its operation.

Misconfigurations leave the door open to cybercriminals, which can lead to a range of serious problems, unauthorized access, loss of sensitive information, and disruption of services. In fact, many major data breaches are caused by misconfigurations. Alert to these dangers, the National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) recently released a joint advisory to warn about the most common cybersecurity misconfigurations in large organizations.