Tag: cybersecurity practices

  • Hacker News: US Antitrust Watchdog Launches Broad Microsoft Investigation

    Source URL: https://news.bloomberglaw.com/us-law-week/us-antitrust-watchdog-launches-broad-microsoft-investigation Source: Hacker News Title: US Antitrust Watchdog Launches Broad Microsoft Investigation Feedly Summary: Comments AI Summary and Description: Yes Summary: The US Federal Trade Commission (FTC) is investigating Microsoft for potential antitrust violations concerning its cloud computing, software licensing, and cybersecurity practices. This scrutiny arises from concerns about Microsoft’s market dominance and…

  • News: New SIRIUS report – accessing electronic evidence in 2024

    Source URL: https://www.europol.europa.eu/media-press/newsroom/news/new-sirius-report-–-accessing-electronic-evidence-in-2024 Source: News Title: New SIRIUS report – accessing electronic evidence in 2024 Feedly Summary: First presented at the SIRIUS Annual Conference to an audience of EU law enforcement and judicial authorities, policymakers, and representatives of service providers, the report reflects on the evolving legislative framework and the growing reliance on electronic data…

  • CSA: CSA Community Spotlight: Creating Globally-Recognized Cybersecurity Assessments with Willy Fabritius

    Source URL: https://cloudsecurityalliance.org/blog/2024/11/27/csa-community-spotlight-creating-globally-recognized-cybersecurity-assessments-with-willy-fabritius Source: CSA Title: CSA Community Spotlight: Creating Globally-Recognized Cybersecurity Assessments with Willy Fabritius Feedly Summary: AI Summary and Description: Yes Summary: The Cloud Security Alliance (CSA) is celebrating its 15-year anniversary, highlighting its critical role in cloud security innovations and standards. Through contributions from industry leaders, CSA has developed frameworks that address…

  • Krebs on Security: Hacker in Snowflake Extortions May Be a U.S. Soldier

    Source URL: https://krebsonsecurity.com/2024/11/hacker-in-snowflake-extortions-may-be-a-u-s-soldier/ Source: Krebs on Security Title: Hacker in Snowflake Extortions May Be a U.S. Soldier Feedly Summary: Two men have been arrested for allegedly stealing data from and extorting dozens of companies that used the cloud data storage company Snowflake, but a third suspect — a prolific hacker known as Kiberphant0m — remains…

  • Slashdot: US Senators Propose Law To Require Bare Minimum Security Standards

    Source URL: https://it.slashdot.org/story/24/11/26/1855253/us-senators-propose-law-to-require-bare-minimum-security-standards?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: US Senators Propose Law To Require Bare Minimum Security Standards Feedly Summary: AI Summary and Description: Yes Summary: The proposed Health Care Cybersecurity and Resiliency Act of 2024 emphasizes the importance of cybersecurity in the healthcare sector, mandating multifactor authentication and stronger incident reporting requirements. This legislation reflects a…

  • The Register: Supply chain management vendor Blue Yonder succumbs to ransomware

    Source URL: https://www.theregister.com/2024/11/26/blue_yonder_ransomware/ Source: The Register Title: Supply chain management vendor Blue Yonder succumbs to ransomware Feedly Summary: And it looks like major UK retailers that rely on it are feeling the pinch US-based supply chain SaaS vendor Blue Yonder has revealed a service disruption caused by ransomware, and its customers are reportedly struggling to…

  • Alerts: CISA Adds Three Known Exploited Vulnerabilities to Catalog

    Source URL: https://www.cisa.gov/news-events/alerts/2024/11/21/cisa-adds-three-known-exploited-vulnerabilities-catalog Source: Alerts Title: CISA Adds Three Known Exploited Vulnerabilities to Catalog Feedly Summary: CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-44308 Apple Multiple Products Code Execution Vulnerability CVE-2024-44309 Apple Multiple Products Cross-Site Scripting (XSS) Vulnerability CVE-2024-21287 Oracle Agile Product Lifecycle Management (PLM) Incorrect Authorization Vulnerability…

  • Alerts: 2024 CWE Top 25 Most Dangerous Software Weaknesses

    Source URL: https://www.cisa.gov/news-events/alerts/2024/11/20/2024-cwe-top-25-most-dangerous-software-weaknesses Source: Alerts Title: 2024 CWE Top 25 Most Dangerous Software Weaknesses Feedly Summary: The Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with the Homeland Security Systems Engineering and Development Institute (HSSEDI), operated by MITRE, has released the 2024 CWE Top 25 Most Dangerous Software Weaknesses. This annual list identifies the most critical…

  • The Register: America’s drinking water systems have a hard-to-swallow cybersecurity problem

    Source URL: https://www.theregister.com/2024/11/19/us_drinking_water_systems_cybersecurity/ Source: The Register Title: America’s drinking water systems have a hard-to-swallow cybersecurity problem Feedly Summary: More than 100 million rely on systems rife with vulnerabilities, says EPA OIG Nearly a third of US residents are served by drinking water systems with cybersecurity shortcomings, the Environmental Protection Agency’s Office of Inspector General found…