Incident Response

Interpol, African Nations Arrest 1,006 in Sweeping ‘Operation Serengeti’
Interpol led 19 African countries in a massive anti-cybercriminal effort dubbed "Operation Serengeti" that shut down a range of scams and attacks that bled $193 million from 35,000 victims. More than 1,000 ...
Security Boulevard

Supply Chain Ransomware Attack Hits Starbucks, UK Grocers
Coffee store giant Starbucks was among other organizations affected by a ransomware attack this month on cloud managed service provider Blue Yonder, a Panasonic subsidiary that has more than 3,000 customers. Two ...
Security Boulevard

QNAP’s Buggy Security Fix Causes Chaos
Richi Jennings | automatic updates, data storage, firmware, firmware patch, firmware security, firmware update, Firmware Updates, hard disk drive, hard drive, NAS, os security updates, QNAP, QTS, RAID, Release Management, SB Blogwatch, security update, storage
RAID FAIL: NAS Maker does a CrowdStrike—cleanup on /dev/dsk/c1t2d3s4 please ...
Security Boulevard

Huge Leak of Customer Data Includes Military Personnel Info
EnamelPins, which manufactures and sells medals, pins, and other emblematic accessories, for months left open an Elasticsearch instance that exposed 300,000 customer emails, including 2,500 from military and government personnel. The company, ...
Security Boulevard

The Cyberthreats from China are Ongoing: U.S. Officials
U.S. officials are pushing back at the ongoing threats posed by Chinese state-sponsored hackers like Volt Typhoon and Salt Typhoon, which have infiltrated critical infrastructure organizations to steal information and preposition themselves ...
Security Boulevard

Here’s Yet Another D-Link RCE That Won’t be Fixed
Richi Jennings | D-Link, D-Link Corporation, D-Link vulnerability, D-Link zero day, Internet of things, Internet of Things (IoT), Internet of Things (IoT) Security, Internet of Things cyber security, iot, SB Blogwatch
D-Licious: Stubborn network device maker digs in heels and tells you to buy new gear ...
Security Boulevard

Microsoft Veeps Ignite Fire Under CrowdStrike
Richi Jennings | CrowdStrike, CrowdStrike Falcon, CrowdStrike incident;, crowdstrike updates, David Weston, ignite, Microsoft, Microsoft security, Microsoft Virus Initiative, Microsoft Windows, Quick Machine Recovery, rust, Safe Deployment Practices, SB Blogwatch, Windows, Windows security
BSODs begone! Redmond business leaders line up to say what’s new in Windows security ...
Security Boulevard

EPA IG Office: ‘High-Risk’ Security Flaws in Hundreds of Water Systems
Jeffrey Burt | cyber attack on critical infrastructure, EPA, public water systems, Vulnerabilities
The watchdog for the EPA found that, of 1,062 U.S. drinking water systems it assessed, 97 had "critical" or "high-risk" security flaws and another 211 had less dangerous vulnerabilities, risking threats from ...
Security Boulevard

CISA Director Easterly to Leave When Trump Assumes Presidency
Jen Easterly, who took over as CISA director in 2021, will step down in January when Donald Trump takes over as president, creating an uncertain future for the critical cybersecurity agency and ...
Security Boulevard

Is SOAR Obsolete?
Walker Banerd | Incident Response, Industry, Security Automation, security orchestration, Smart SOAR, SOAR
Let’s look at the factors behind the push to declare the end of SOAR, consider their merits, and determine whether or not SOAR is obsolete.