BayPay Members Blogs

This additional resource is sponsored by The BayPay Forum.

macOS Crypto-Miner Emulates Linux

view counter
New crypto-currency mining malware is targeting systems running macOS, and works by emulating Linux, Malwarebytes security researchers have discovered. Detected as Bird Miner, the threat spreads via a cracked installer for...
Continue reading
  0 Comments
0 Comments

Millions of Devices Exposed to Attacks Due to Flaw in PC-Doctor Software

view counter
More than 100 million computers from Dell and other vendors may have been exposed to hacker attacks due to a serious vulnerability in software made by hardware diagnostic tools provider PC-Doctor....
Continue reading
  0 Comments
0 Comments

Massive Data Breach at Canada Credit Union Giant Desjardins

view counter
Canada's Desjardins credit union announced Thursday that the personal banking information of 2.9 million customers had been stolen by an employee and distributed to outside parties. The nation's largest credit union...
Continue reading
  0 Comments
0 Comments

UK Regulator Calls Out Compliance Failures in Targeted Advertising Industry

view counter
The UK regulator for data protection and privacy (the Information Commissioner's Office -- ICO) has published a report on its ongoing investigation into the adtech and real-time bidding (RTB) industries. This...
Continue reading
  0 Comments
0 Comments

Phishing Campaign Impersonates DHS Alerts

view counter
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert on a phishing campaign using attachments that impersonate the Department of Homeland Security (DHS).  In an effort to make their...
Continue reading
  0 Comments
0 Comments

Cloud Data Protection Firm Druva Raises $130 Million

view counter
Cloud data protection and management provider Druva on Thursday announced $130 million in new funding, which brings the total raised by the company to date to $328 million.  The Sunnyvale, California-based...
Continue reading
  0 Comments
0 Comments

Mozilla Patches Second Firefox Zero-Day Used in Cryptocurrency Attacks

view counter
Mozilla on Thursday patched a second zero-day vulnerability in Firefox that has been exploited by malicious actors to deliver Mac malware to cryptocurrency exchanges. The flaw, tracked as CVE-2019-11708 , has...
Continue reading
  0 Comments
0 Comments

Google Open-Sources Cryptographic Protocol

view counter
Google this week rolled out a new type of multi-party computation (MPC) to help organizations better collaborate with confidential data sets.  Meant to augment the cryptographic protocol known as private set...
Continue reading
  0 Comments
0 Comments

Russia-Linked Hackers Hijack Infrastructure of Iranian Threat Group

view counter
Russia-Linked Hackers Use New Toolset and Likely Took Over Servers Operated by Iran-Linked "OilRig" Threat Group Three recent campaigns associated with the cyber-espionage group Turla employed different tools, revealing a rapidly...
Continue reading
  0 Comments
0 Comments

Firefox Zero-Day Exploited to Deliver Malware to Cryptocurrency Exchanges

view counter
The recently patched Firefox vulnerability tracked as CVE-2019-11707 has been exploited to deliver Mac (and possibly Windows) malware to the employees of cryptocurrency exchanges. Mozilla announced on Tuesday that the latest...
Continue reading
  0 Comments
0 Comments

Indegy Launches Industrial Cybersecurity-as-a-Service Offering

Indegy
view counter
Indegy on Thursday announced the general availability of CIRRUS, a new industrial cybersecurity-as-a-service (ICSaaS) offering. CIRRUS is designed to help organizations of all sizes monitor and protect their operational technology (OT)...
Continue reading
  0 Comments
0 Comments

Why Diversity of Thought in the Workplace Matters

view counter
Organizations Need Strong Leadership Backing in Order Train Managers on More Inclusive Management Styles Workplace demographics have evolved greatly in the past half century with women and minorities represented in much...
Continue reading
  0 Comments
0 Comments

Critical Vulnerabilities Patched in Cisco SD-WAN, DNA Center Products

view counter
Cisco on Wednesday released patches for several critical and high-severity vulnerabilities affecting its SD-WAN, DNA Center, TelePresence, StarOS, RV router, Prime Service Catalog, and Meeting Server products. According to Cisco, the...
Continue reading
  0 Comments
0 Comments

MongoDB Introduces Client-Side Field Level Encryption to Aid Compliance

view counter
MongoDB Inc, developer of the NoSQL MongoDB  document-based database management product, has announced the latest version, 4.2. The primary new features are distributed transactions, an updated Kubernetes Operator, and client-side field...
Continue reading
  0 Comments
0 Comments

Senator Asks NIST to Propose Secure Data Sharing Methods

view counter
Senator Ron Wyden has asked the U.S. National Institute of Standards and Technology (NIST) to create and publish a guide for securely sharing sensitive data over the internet. The senator has...
Continue reading
  0 Comments
0 Comments

Florida City Pays $600,000 Ransom to Save Computer Records

view counter
A Florida city agreed to pay $600,000 in ransom to hackers who took over its computer system, the latest in thousands of attacks worldwide aimed at extorting money from governments and...
Continue reading
  0 Comments
0 Comments

Are Artificial Intelligence and Machine Learning Just a Temporary Advantage to Defenders?

view counter
Attackers Explore How to Defeat Machine Learning (ML)-Based Defenses and Use ML in Their Own Attacks Artificial intelligence (AI), or more usually machine learning (ML), is the new kid on the block....
Continue reading
  0 Comments
0 Comments

Security Doesn't Have to be a Losing Battle

view counter
Hello world.  While I have blogged pretty frequently in the past, this is my first official column for any sort of major publication, and I am so grateful for the opportunity...
Continue reading
  0 Comments
0 Comments

Cyberespionage Campaign Targets Android Users in Middle East

view counter
A recently uncovered cyberespionage campaign is targeting the users of Android devices in Middle Eastern countries, Trend Micro’s security researchers reveal. Dubbed “Bouncing Golf,” the campaign uses a piece of malware...
Continue reading
  0 Comments
0 Comments

Cloud Security Firm Valtix Emerges From Stealth With $14 Million in Funding

Valtix
view counter
Santa Clara, California-based Valtix emerged from stealth mode on Wednesday with a cloud-native network security platform and $14 million in initial funding. The Valtix Security Platform runs as a cloud-native service...
Continue reading
  0 Comments
0 Comments