Security daily (03-11-2020)

How Microsoft is future proofing against cyber risk

Shifts in the way that enterprises and government organizations implement identity management technologies already were underway before the coronavirus pandemic struck. The sudden influx of remote work, however, has forced security personnel throughout the U.S., and the world, to accelerate plans to mitigate cyber risk. “When billions of people formed the largest remote workforce ever, overnight, pretty much we knew security, compliance and identity would not be small issues for folks,” said Ann Johnson, Corporate Vice President of Security, Compliance and Identity Business Development at Microsoft during a virtual presentation Oct. 21 at CyberTalks, the annual summit of security leaders from the government and private sector presented by Scoop News Group. Johnson went on to provide insights on how chief information security officers have adapted to a world where telecommuting is now the norm. Now, she said, more people are starting to look ahead, too. One such organization that was […] The post How Microsoft is future proofing against cyber risk appeared first on CyberScoop. (CyberScoop)

Security transformation is about more than technology

When it comes to an effective transition away from legacy technology systems to more modern, efficient security tools, organizations stand to gain the greatest benefits if they communicate the value of digital transformation in advance and implement the right changes. Jeanette Manfra, Director of Government Security and Compliance at Google Cloud, which specializes in services ranging from data centers to backup technologies, said that a proactive mindset can help organizational leaders overcome obstacles that arise during a digital transformation. During a keynote session at CyberTalks, the annual summit of security leaders from the government and private sector hosted by Scoop News Group, Manfra explained that effective buy-in from throughout a company, or government agency, can streamline both technology and other operations. “Security practitioners in particular, whether real or perceived, can be blockers and not enablers,” she said. “And so one of the things that both working with customers and in […] The post Security transformation is about more than technology appeared first on CyberScoop. (CyberScoop)

Robocalls urging voters to skip Election Day are subject of FBI investigation, DHS official says

The FBI is investigating apparent voter suppression robocalls across the nation, a senior Department of Homeland Security official said Tuesday. An estimated 10 million calls have gone out urging people to “stay safe and stay home.” There also were reports of robocalls in Michigan falsely telling voters they could vote on Wednesday, because lines on Election Day were long. The FBI is “tracking down this issue,” said the senior official in DHS’s Cybersecurity and Infrastructure Security Agency. In the call with reporters, conducted on the condition of anonymity, the CISA official said it was nothing out of the ordinary. “Robocalls of this nature happen in every election,” the official said. Said the FBI: “We are aware of reports of robocalls and have no further comment. As a reminder, the FBI encourages the American public to verify any election and voting information they may receive through their local election officials.” The FBI’s investigation into robocalls […] The post Robocalls urging voters to skip Election Day are subject of FBI investigation, DHS official says appeared first on CyberScoop. (CyberScoop)

Oracle Patches Severe Flaw In WebLogic Server

(News ≈ Packet Storm)

More CISOs Could Be Hit By Data Regulations With New California Privacy Law

(News ≈ Packet Storm)

UK Cyber-Threat Agency Confronts Covid-19 Attacks

(News ≈ Packet Storm)

Russian Hacker Jailed Over Botnet Data Scraping Scheme

(News ≈ Packet Storm)

Google Stands Firm Against GitHub's Failure To Address High Severity Security Bug

(News ≈ Packet Storm)

Oracle Solaris Zero-Day Attack Revealed

A threat actor is compromising telecommunications companies and targeted financial and professional consulting industries using an Oracle flaw. (Threatpost)

APT Groups Finding Success with Mix of Old and New Tools

The APT threat landscape is a mixed bag of tried-and-true tactics and cutting-edge techniques, largely supercharged by geo-politics, a report finds. (Threatpost)

34M Records from 17 Companies Up for Sale in Cybercrime Forum

A diverse set of companies, including an adaptive-learning platform in Brazil, an online grocery service in Singapore and a cold-brew coffee-maker company, are caught up in the large data trove. (Threatpost)


/security-daily/ 04-11-2020 23:44:23