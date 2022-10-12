Read full article on original website
itsecuritywire.com
Four Critical Cloud Security Risks that Businesses Need to Address
As businesses of all sizes continue to shift their operations to the cloud, it is crucial to be aware of the most dangerous and critical security threats and how to safeguard themselves. The advantages of cloud services are obvious: they enable the workforce to remain productive from anywhere and are...
Walmart Acquires Robotics Company to Help Automate Fulfillment
Walmart is making more investments to bolster its supply chain. The big box retailer on Thursday announced its acquisition of Alert Innovation, a robotics company that will help the company automate its order fulfillment process. Walmart will use this technology across its 4,700 stores to help fulfill orders more quickly.
Owner of Fast-Fashion Giant Shein Must Pay $1.9 Million Over Data Breach
Zoetop Business Company, Ltd., which owns the juggernaut Chinese fast fashion business SHEIN, has been ordered to pay $1.9 million in penalties to New York state after failing to protect consumer information in a 2018 data breach and subsequently lying about it, New York Attorney General Letitia James announced on Wednesday. The 2018 breach resulted in the theft of SHEIN shoppers’ credit card and personal information, and the attorney general’s investigation found that Zoetop misrepresented the scale of the data breach both in interactions with customers and in public statements. “Since 2018, we have significantly expanded our cybersecurity team; retained leading cybersecurity experts to help build our security organization and strengthen our global security posture to combat potential risks and vulnerabilities; implemented technologies designed to detect bad actors and mitigate potential threats to our systems; and further enhanced our incident response processes and procedures,” SHEIN told The Daily Beast in a statement. “In addition, we have been certified as compliant with the ISO’s 27001 standard and the payment card industry’s Digital Security Standard for data protection.”Read it at New York State Attorney General
itsecuritywire.com
Three Questions for Enterprises to Determine the Robustness of their Data Backup Strategy
Business operations today have a significant volume of data flow every day, and any level of data loss might hinder operations. Thus, they require a data backup strategy that can safeguard this data. A thorough assessment of the capabilities and current processes of the company is necessary to develop a successful backup and recovery strategy.
The pandemic forced innovation, but the expected recession may push businesses to do even more
Michelle Gass, Kohl’s CEO and Julie Sweet, chair and CEO of Accenture, take the stage at Fortune's MPW Summit on Oct. 11, 2022. The effects of COVID-19 forced companies across many industries to adapt and innovate rapidly. Yet even as the pandemic subsides, there are opportunities for business leaders to continue to apply the lessons they have learned over the last few years.
itsecuritywire.com
Reassessing DevSecOps in the Face of Rising High-Profile Security Breaches
Collaboration across operations, security, and development can increase software production efficiency, but some re-evaluations will be necessary. DevSecOps may not have been the cause of recent high-profile breaches, but discussions about this security aspect are crucial today. Getting security on board earlier rather than later in the software development cycle...
itsecuritywire.com
Malwarebytes Introduces MDR Product for SMBs
Malwarebytes, a company that specializes in endpoint detection and response (EDR), has introduced a new managed detection and response (MDR) solution to bring threat and incident detection to the SMB market. SMBs are frequently regarded as the opportunity’s “soft underbelly,” which makes them a prime target for malicious actors.
itsecuritywire.com
Vista Equity Partners to Acquire KnowBe4 Security Awareness Training Firm for USD 4.6B
Security awareness training company KnowBe4 will go private after being acquired by Vista Equity Partners for roughly USD 4.6 billion in cash. In the middle of September, KnowBe4 first disclosed that it had received an offer from the private equity firm. The companies announced that they had reached a binding...
itsecuritywire.com
Google Cloud Rebrands Siemplify to Chronicle Security Operations
At the Google Cloud Next, Google Cloud released Chronicle Security Operations, a new family of solutions designed to enable security teams to detect, investigate and respond to cyber threats. Chronicle Security Operations combines Google Cloud’s threat intelligence with Siemplify’s SIEM technology, as well as Chronicle’s already-existing security information and event...
itsecuritywire.com
Code42 Teams up with Tines to Scale and Accelerate Response to Insider Risk Events
Code42 Software, Inc., the Insider Risk Management (IRM) leader, today announced that it is working with Tines, a no-code automation platform for security teams. Through a new partnership between Code42 and Tines, mutual customers gain the speed and scale to accelerate response to data leaks from insiders. Using the powerful automation capabilities of Tines, customers can triage, contain and escalate high-risk file activities detected by the Code42® Incydr™ product. Templated Incydr and Tines Stories give security teams a repeatable way to protect their valued corporate data from employee-driven exposure, leak and theft, and improve their organization’s Insider Risk posture.
itsecuritywire.com
New Chinese Cyberespionage Group WIP19 Aims at Telcos and IT Service Providers
A newly identified Chinese cyberespionage group has been deploying signed malware against IT service providers and telecommunications companies. It is unclear whether this is a new iteration of Operation Shadow Force or the work of a different, more experienced adversary using new malware and techniques. SentinelOne tracks this advanced persistent threat (APT) as WIP19. Its activities show overlaps with Operation Shadow Force. WIP19 employs a number of malicious components that are signed by stolen certificates, primarily targeting organizations in the Middle East and Asia.
itsecuritywire.com
Immersive Labs Secures USD 66 Million for Cyber Workforce Resilience Platform
UK-based cybersecurity training solutions provider Immersive Labs announced that it has raised USD 66 million in new capital. Ten Eleven Ventures, along with prior backers Goldman Sachs Asset Management, Summit Partners, Insight Partners, Menlo Ventures, and Citi Ventures, led the investment, which brings the company’s total funding to USD 189 million. The funds will be used to boost the business’s growth and improve its platform for assessing and improving the resilience of an organization’s workforce, including executives and development teams, in the cyberspace.
itsecuritywire.com
QBot Malware Infects Over 800 Corporate Users in New, Ongoing Campaign
According to a new report by Kaspersky, since September 28, a new QBot malware distribution campaign has infected over 800 corporate users. Since 2009, QBot, also known as Qakbot and Pinkslipbot, has been stealing information and spreading itself, and it is frequently used as the initial infection vector in malicious attacks. Earlier this year, Follina, a vulnerability in the Microsoft Support Diagnostic Tool (MSDT) tracked as CVE-2022-30190, which permits remote code execution, was exploited in attacks using QBot.
itsecuritywire.com
SecuriThings Raises $21 Million to Automate the Management of Enterprise Physical Security Devices
SecuriThings today announced it has raised a $21 million Series B funding round led by U.S. Venture Partners (USVP) and participation from Swisscom Ventures, bringing the company’s total amount raised to $39 million. Existing investors Aleph, Firstime VC and Cresson Management also participated in the round. SecuriThings is redefining...
itsecuritywire.com
Strengthening Cybersecurity Posture after Successful Cloud Migration
The risks of cloud migration can be a little daunting for enterprises, but organizations with an effective cloud cybersecurity posture manage these risks vigilantly. One of the perfect ways to reduce the risk of cloud is to design, establish and enforce stringent security standards and protocols to minimize the risk on cloud infrastructure. IT business leaders need to ensure they set effective cloud access control policies, Infrastructure-as-code (IaC) templates, cloud workload vulnerability management tools, and secure DevOps workflows. Enterprises that lack the capabilities and skills to secure their cloud architectures can consult with industry experts to strengthen their cybersecurity after successful cloud migration. One of the significant ways to streamline cloud processes while transitioning data and other tech stack applications in a secure way.
The Era of Digitalization: Growing a Business through E-Commerce
The last few years have been full of ups and downs, to say the least. Industries have experienced unprecedented disruptions, the world has gone through numerous closures, and daily lives as we knew them have completely changed.
Why global investors are piling into the UK’s luxury care home sector
With a spa, cinema and wood-panelled hall, Reigate Grange in Surrey, where Ann King was abused, is part of a growing trend for luxury care homes. Fuelled by global investors’ desire to capitalise on older people’s property wealth, luxury care applies a cruise-ship sheen to the grittier reality of dementia and the end of life.
Aspiration Announces Olivia Albrecht as CEO
LOS ANGELES--(BUSINESS WIRE)--Oct 13, 2022-- Aspiration, a global business leader in climate solutions, today announced the appointment of Olivia Albrecht as the company’s new Chief Executive Officer. She will assume day to day leadership of the company and will also join Aspiration’s Board of Directors. Albrecht takes on the role following Aspiration’s co-founder and CEO, Andrei Cherny. Cherny will retain his position on the board and remain on as an advisor for Aspiration during the transition period, following nine years spearheading the company from its infancy to its current market leading position.
itsecuritywire.com
CoreStack Unveils Cloud Managed Services Collaboration With Feuji
CoreStack, a global multi-cloud governance provider, and Feuji, a global technology services company, today announced a strategic partnership to accelerate Feuji’s commitment to an innovative approach to digital transformation. Feuji will offer its OpsRight cloud managed services built on the CoreStack’s NextGen Cloud Governance platform through this partnership.
itsecuritywire.com
Inspira Enterprise, Inc. Welcomes Microsoft Executive Kelly Bissell as Strategic Advisor
Inspira Enterprise, Inc, a global cybersecurity services organization, today announced that Kelly Bissell, a corporate vice president and leader of Microsoft’s services group, has joined the company as a strategic advisor. As a strategic advisor, Bissell will advise the company to achieve its objective of simplifying the myriad of complexities that stand between organizations and their goals to achieve higher levels of cybersecurity maturity.
