Play Ransomware Goes Commercial – Now Offered as a Service to Cybercriminals

November 21, 2023 at 09:00AM The ransomware strain Play is now available as a service for other threat actors, according to cybersecurity company Adlumin. Affiliates who purchase the ransomware follow step-by-step instructions from playbooks delivered with it, resulting in attacks with minimal variations. Play, also known as Balloonfly and PlayCrypt, has previously targeted networks through … Read more

Morgan Stanley Ordered to Pay $6.5 Million for Exposing Customer Information

November 20, 2023 at 09:33AM Morgan Stanley has reached a $6.5 million settlement for mishandling and disposing of hardware containing unencrypted personal information. The investigation revealed that the company did not properly erase the data when decommissioning old devices and failed to monitor the actions of a moving company it hired. The company was also … Read more

5 Steps to Assessing Risk Profiles of Third-Party SSE Platforms

November 20, 2023 at 07:45AM Shifting to a converged Secure Services Edge (SSE) model with a clear path to SASE improves cybersecurity, but it’s important to assess risk profiles before adopting SSE platforms. Factors to consider include certifications and compliance, reputation and history, data security measures, service-level agreements, and commitment to continuous improvement. By evaluating … Read more

Despite Hype, the Password-Free Workplace Is Still a Long Way Off

November 16, 2023 at 11:45AM Passwords are still relevant in the workplace, despite the security risks they pose. A survey by Delinea found that 53% of respondents acknowledged the slow transition towards passwordless technology. The majority of organizations are still years away from eliminating passwords entirely. Weak password hygiene continues to expose enterprise systems to … Read more

Samsung hit by new data breach impacting UK store customers

November 15, 2023 at 06:12PM Samsung Electronics has experienced a data breach in the UK, affecting customers who made purchases between July 2019 and June 2020. The breach was caused by a hacker exploiting a vulnerability in a third-party application used by the company. Customer names, phone numbers, addresses were exposed, but financial information and … Read more

ALTR Closes $25M Series C Financing

November 15, 2023 at 05:46PM ALTR Solutions, Inc. has closed its $25 million Series C Preferred financing to meet the growing demand for its SaaS-based data access governance and security solutions. The funding will be used to strengthen ALTR’s position in the cloud data access governance and security market, expand its footprint across data sources, … Read more

Data Security Firm ALTR Banks $25M Series C 

November 15, 2023 at 10:45AM Data security startup ALTR has raised $25 million in a Series C funding round led by John Stafford III. The funding will be used to expand ALTR’s market presence, enhance partner integrations, and develop channel relations. ALTR offers technology that helps with data access controls, data usage visibility, and data … Read more

Top 10 DevOps Blunders and How to Sidestep Them

November 13, 2023 at 12:13PM DevOps teams face common mistakes that can hinder their success. These include overplanning or underplanning, relying too heavily on tools, striving for perfection, neglecting security, not understanding the problem, bypassing code reviews and quality gates, logging blind spots, ignoring the artifact lifecycle, not keeping code versions, and sticking to legacy … Read more

2.2 Million Impacted by Data Breach at McLaren Health Care

November 13, 2023 at 08:21AM Michigan healthcare system McLaren Health Care is alerting approximately 2.2 million people about a data breach that occurred earlier this year. The breach, which was identified on August 22 and resolved the following day, resulted in unauthorized access to McLaren’s network from July 28 to August 23. The attackers gained … Read more

When traditional AV solutions are not enough

November 13, 2023 at 05:14AM BlackFog’s webinar discusses a new approach to stopping cyber criminals from exfiltrating data. Instead of targeting incoming traffic, they propose using on-device anti data exfiltration technology that leverages AI to limit unauthorized data transfer. Join the webinar on November 15th to learn how this technology can secure your devices and … Read more