Data discovery and classification are foundational for data security, data governance, and data protection. Go to Source Author: Todd Thiemann
Author Archives: Onsite Computing, Inc.
Hold on tight, folks, because last week’s cybersecurity landscape was a rollercoaster! We witnessed everything from North Korean hackers dangling “dream jobs” to expose a new malware, to a surprising twist in the Apple vs. NSO Group saga. Even the seemingly mundane world of domain names and cloud configurations had its share of drama. Let’s […]
Dell Technologies has allegedly suffered two data breaches since Thursday amounting to a breach of over 3.5GB of data belonging to at least 10,000 company employees. A hacker using the alias “grep” had claimed the first breach by posting a sample of the stolen dataset on BreachForums for free, offering a full release in exchange […]
Password resets can be frustrating for end users. Nobody likes being interrupted by the ‘time to change your password’ notification – and they like it even less when the new passwords they create are rejected by their organization’s password policy. IT teams share the pain, with resetting passwords via service desk tickets and support calls […]
A critical security flaw has been disclosed in the Microchip Advanced Software Framework (ASF) that, if successfully exploited, could lead to remote code execution. The vulnerability, tracked as CVE-2024-7490, carries a CVSS score of 9.5 out of a maximum of 10.0. It has been described as a stack-based overflow vulnerability in ASF’s implementation of the […]
Popular social messaging platform Discord has announced that it’s rolling out a new custom end-to-end encrypted (E2EE) protocol to secure audio and video calls. The protocol has been dubbed DAVE, short for Discord’s audio and video end-to-end encryption (“E2EE A/V”). As part of the change introduced last week, voice and video in DMs, Group DMs, […]
Becoming a first-time CISO can be overwhelming. From day one, these professionals, often external hires, must keep the organization secure while juggling a large set of challenges. On one hand, there’s the immediate pressure to defend against a growing array of cyber threats. On the other, there’s the need to navigate organizational dynamics, win over […]
Threat actors with ties to North Korea have been observed using poisoned Python packages as a way to deliver a new malware called PondRAT as part of an ongoing campaign. PondRAT, according to new findings from Palo Alto Networks Unit 42, is assessed to be a lighter version of POOLRAT (aka SIMPLESEA), a known macOS […]
The state of AI legislation, rules, and regulations around the world is clear as mud. That’s not surprising, given that dozens, if not hundreds of governments are all trying to find their footing in the fastest-growing technological advancement around. The United States is pushing for an international consensus on AI the rules of the road, […]
A suspected advanced persistent threat (APT) originating from China targeted a government organization in Taiwan, and possibly other countries in the Asia-Pacific (APAC) region, by exploiting a recently patched critical security flaw impacting OSGeo GeoServer GeoTools. The intrusion activity, which was detected by Trend Micro in July 2024, has been attributed to a threat actor […]