Software as a Service (SaaS) is everywhere, and its use in work environments presents cybersecurity risks to organizations. Identify the top risks of SaaS and how to manage them to maintain business resilience.
The Workplace Violence Prevention for Health Care and Social Service Workers Act has been introduced in the Senate. The bill would require healthcare organizations to develop a detailed workplace violence prevention plan for their employees.
TA578 Using Thread-Hijacked Emails to Push ISO Files for Bumblebee Malware
https://isc.sans.edu/forums/diary/TA578+using+threadhijacked+emails+to+push+ISO+files+for+Bumblebee+malware/28636/
Google Drive Emerges as Top App for Malware Downloads
https://www.helpnetsecurity.com/2022/05/11/malicious-pdf-search-engines/
Vanity URL Abuse
https://www.varonis.com/blog/url-spoofing
npm Supply Chain Attack Turns Out to be Part of Penetration Test
https://jfrog.com/blog/npm-supply-chain-attack-targets-german-based-companies/
William MacMillan has joined Salesforce as SVP, Security Product and Program Management, BISO, and Acquisition Integration.
Network detection and response (NDR) solutions are the balance that security teams need to fight nation-state cybersecurity threats and zero-day attacks.
Microsoft May 2022 Patch Tuesday
https://isc.sans.edu/forums/diary/Microsoft+May+2022+Patch+Tuesday/28632/
Adobe Updates
https://helpx.adobe.com/security/security-bulletin.html
npm “foreach” package domain takeover
https://www.theregister.com/2022/05/10/security_npm_email/
Spend five minutes with Security magazine as we sit down with corporate security executive J.T. Mendoza as he defines workplace violence and what it means to the enterprise.
Wendy Hans, Director of Fraud and Loss Control for AMC Theatres, has been appointed President of the Restaurant Loss Prevention & Security Association (RLPSA).
Octopus Backdoor is Back with a New Embedded Obfuscated Bat File
https://isc.sans.edu/forums/diary/Octopus+Backdoor+is+Back+with+a+New+Embedded+Obfuscated+Bat+File/28628/#comments
CVE-2022-1388 (BIG-IP) Exploits
https://twitter.com/sans_isc/status/1523741896707043328
https://github.com/horizon3ai/CVE-2022-1388
Trend Micro False Positive Aftermath
https://success.trendmicro.com/dcx/s/solution/000290966?language=en_US
Microsoft Azure
https://orca.security/resources/blog/azure-synapse-analytics-security-advisory/
https://msrc-blog.microsoft.com/2022/05/09/vulnerability-mitigated-in-the-third-party-data-connector-used-in-azure-synapse-pipelines-and-azure-data-factory-cve-2022-29972/
Cookie | Duration | Description |
---|---|---|
cookielawinfo-checbox-analytics | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics". |
cookielawinfo-checbox-functional | 11 months | The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional". |
cookielawinfo-checbox-others | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other. |
cookielawinfo-checkbox-necessary | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary". |
cookielawinfo-checkbox-performance | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance". |
PHPSESSID | session | This cookie is native to PHP applications. The cookie is used to store and identify a users' unique session ID for the purpose of managing user session on the website. The cookie is a session cookies and is deleted when all the browser windows are closed. |
pmpro_visit | session | The cookie is set by PaidMembership Pro plugin. The cookie is used to manage user memberships. |
viewed_cookie_policy | 11 months | The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data. |