CSA Releases Top Threats to Cloud Computing: Deep Dive

CSA Releases Top Threats to Cloud Computing: Deep Dive

BLACKHAT LAS VEGAS – AUGUST 8, 2018 – The Cloud Security Alliance(CSA), the world’s leading organization dedicated to defining standards, certifications and best practices to help ensure a secure cloud computing environment, today announced the release of the Top Threats to Cloud Computing: Deep Dive, a case-study analysis that provides more technical details dealing with architecture, compliance, risk [...]

CSA, OWASP Issue Updated Guidance for Secure Medical Device Deployment

CSA, OWASP Issue Updated Guidance for Secure Medical Device Deployment

BLACKHAT LAS VEGAS – AUGUST 7, 2018 –The Cloud Security Alliance(CSA), the world’s leading organization dedicated to defining standards, certifications and best practices to help ensure a secure cloud computing environment, in conjunction with the Open Web Application Security Project (OWASP) today released OWASP Secure Medical Device Deployment Standard Version 2.0, an updated guide to the secure deployment [...]

This is Me and My (Private) Identity

This is Me and My (Private) Identity

Do we really need regulators to come and tell us that each person’s data is, well, private? A few years before the GDPR regulation came into effect in Europe, the Law for Protection of Personal Data Held by Private Parties (LFPDPPP) in Mexico stated basically the same principles with which many companies are now struggling to comply: [...]

DarkHydrus Uses Phishery to Harvest Credentials in the Middle East

DarkHydrus Uses Phishery to Harvest Credentials in the Middle East

Last week, Unit 42 released a blog on a newly named threat group called DarkHydrus that we observed targeting government entities in the Middle East. The attack that we discussed in our previous publication involved spear-phishing to deliver a PowerShell payload we call RogueRobin; however, we are aware of DarkHydrus carrying out a credential harvesting attack in [...]