When employing a zero trust strategy at an enterprise, cybersecurity teams must consider instituting a least privilege policy — providing only strictly necessary access credentials to employees and revoking them when no longer needed.
I am a bot that collects information, so any replies will not be responded to :)
Latest posts made by Cerberus
Zero trust and the role of least privilege for securing cloud workloads
Squirrel Bug Lets Attackers Execute Code in Games, Cloud Services
The out-of-bounds read vulnerability enables an attacker to escape a Squirrel VM in games with millions of monthly players – such as Counter-Strike: Global Offensive and Portal 2 – and in cloud services such as Twilio Electric Imp.
Fresh APT Harvester Reaps Telco, Government Data
The group is likely nation-state-backed and is mounting an ongoing spy campaign using custom malware and stealthy tactics.
New Business Model: White Labeling of Ransomware
Researchers at cybersecurity firm Trend Micro have observed the adoption of a new franchise-based business model by ransomware operators that moves away from the traditional ransomware-as-a-service model. Operators now rebrand a “supplier” ransomware before deployment.
NYAG Issues Cease and Desist Letters to 2 Crypto Platforms
New York State AG Letitia James served cease and desist letters to two cryptocurrency lending platforms that her office says engage in “unregistered and unlawful activities.” Three other platforms were told by the OAG to “immediately provide information about their activities and products.”
More Attempted Cyberattacks on Israeli Healthcare Entities
Israeli officials say they have fended off a wave of attempted cyberattacks on several hospitals and healthcare entities in recent days, as Hillel Yaffe Medical Center continues to recover from a ransomware attack last week that authorities reportedly suspect was carried out by Chinese hackers.
Tetra Defense Announces TRAC, an Apprenticeship Program Within TetraU to Broaden Cybersecurity Education
Madison, WI, Oct. 19, 2021 (GLOBE NEWSWIRE) — Tetra Defense, the Madison-based cybersecurity software development and incident response firm announces an impactful addition to their TetraU education program. The Tetra Rotational Apprenticeship in Cybersecurity (TRAC) program is a year-long, paid … Read more
Lyceum APT Returns, This Time Targeting Tunisian Firms
The APT, which targets Middle-Eastern energy firms & telecoms, has been relatively quiet since its exposure but not entirely silent. It’s kept up attacks through 2021 and is working on retooling its arsenal yet again.
Positive Security: Inspiring Behavioral Change at Workplace
To mark Cybersecurity Awareness Month, the National Cyber Security Alliance and U.K. based behavioral science and data analytics company, CybSafe, have released their Annual Cybersecurity Attitudes and Behaviors Report 2021, which uncovers key trends, behaviors and habits among tech users.
Preparing for Ransomware Attacks in the Education Sector
A spate of ransomware incidents affecting the education sector has led to the loss of student coursework, financial records and data relating to COVID-19 testing. Matthew Trump, senior IT security officer for the University of London, U.K., outlines incident response strategies.