Sophos Workspace Protection Enables Secure SaaS App Control

The threat actors behind the RansomHub ransomware-as-a-service (RaaS) scheme have been observed leveraging now-patched security flaws in Microsoft Active Directory and the Netlogon protocol to escalate privileges and gain unauthorized access to a victim network’s domain controller as part of their post-compromise strategy. “RansomHub has targeted over 600 organizations globally, spanning sectors

CISA and the FBI have updated their guidance regarding risky software security bad practices based on feedback received from the public. The post CISA, FBI Update Software Security Recommendations  appeared first on SecurityWeek.

Although some members of the public may not realize it, not all U.S. medical practices or practitioners are covered by HIPAA. But for entities that are regulated by HIPAA, HIPAA has some requirements for notifying patients about reportable breaches. The first thing to understand is that for regulated entities, a breach is considered “discovered” on…

Categories: Products & Services Tags: Workspace

Infrastructure Problems Blamed; Users Appear to Move to Similar FlowerStorm ServiceAs the end of the year approaches, it’s out with the old and in with the new as researchers report that Rockstar 2FA, which once facilitated prolific phishing-as-a-service hits, has crashed and burned, apparently leading many one-time users to move to rival FlowerStorm.

ABB has patched building control product vulnerabilities that can expose many facilities to remote attacks. The post Researcher Says ABB Building Control Products Affected by 1,000 Vulnerabilities appeared first on SecurityWeek.