New CISO Report – Securing Storage, Backup & Data Recovery

CISO Point of View: New Strategies To Secure Storage & Backup, And Protect Data

Do you remember the movie 'What Women Want'? We decided to create our own version: 'What CISOs Want' ! We interviewed 8 CISOs to get their insights on new data protection methods, and the importance of securing storage & backup. You can read the report here: CISO Point of View: The Ever-Changing Role Of Data Protection And Storage Security, which highlights the security practices that have evolved, and includes a set of recommendations for other CISOs.   Download report   CISOs interviewed in this report include John Meakin, Former CISO at GlaxoSmithKline and Deutsche Bank, Joel Fulton, Former CISO at Symantec and Splunk, Endré Jarraux Walls, CISO at Customers Bank, and George Eapen, Group CIO at Petrofac   What's included in the report: CISO lessons learned: how did you approach data protection in your career? What worked and what didn't, and what would you have done differently Where should other CISOs start when it comes to taking a risk-based approach to data protection and recoverability Top recommendations for your peers

You may unsubscribe or change your contact details at any time.

Powered by:

Critical WooCommerce Payments Plugin Flaw Patched for 500,000+ WordPress Sites

The Hacker News Daily Updates The Email Fortress: Secure Your Inbox, Protect Your Privacy (FREE EBOOK) Email security doesn't have to be a challenge, nor does it require a time-consuming overhaul. Learn how to keep your emails secure with our free guide. Download Now Sponsored LATEST NEWS Mar 25, 2023 U.K. National Crime Agency Sets Up Fake DDoS-For-Hire Sites to Catch Cybercriminals In what's a case of setting a thief to catch a thief, the U.K. National Crime Agency (NCA) revealed that it has created a network of fake DDoS-for-hire websites to infiltrate the online criminal underground. "All of the NCA-run sites, which have so far been accessed by around several thousand people, have been created to look like they offer the tools and services that enable cyber criminals ... Read More Microsoft Warns of Stealthy Outlook Vulnerability Exploited by Russian Hackers Microsoft on Friday shared guidance to help customers discover indicators of compromise (IoCs) associated with a recently patched Outlook vulnerability. Tracked as CVE-2023-23397 (CVSS score: 9.8), the critical flaw relates to a case of privilege escalation that could be exploited to steal NT Lan Manager (NTLM) hashes and stage a relay attack without requiring any user interaction. ... Read More OpenAI Reveals Redis Bug Behind ChatGPT User Data Exposure Incident OpenAI on Friday disclosed that a bug in the Redis open source library was responsible for the exposure of other users' personal information and chat titles in the upstart's ChatGPT service earlier this week. The glitch, which came to light on March 20, 2023, enabled certain users to view brief descriptions of other users' conversations from the chat history sidebar, prompting the company ... Read More Malicious Python Package Uses Unicode Trickery to Evade Detection and Steal Data A malicious Python package on the Python Package Index (PyPI) repository has been found to use Unicode as a trick to evade detection and deploy an info-stealing malware. The package in question, named onyxproxy, was uploaded to PyPI on March 15, 2023, and comes with capabilities to harvest and exfiltrate credentials and other valuable data. It has since been taken down, but not before ... Read More THN Webinar: Inside the High Risk of 3rd-Party SaaS Apps Any app that can improve business operations is quickly added to the SaaS stack. However, employees don't realize that this SaaS-to-SaaS connectivity, which typically takes place outside the view of the security team, significantly increases risk. Whether employees connect through Microsoft 365, Google Workspace, Slack, Salesforce, or any other app, security teams have no way to quantify ... Read More GitHub Swiftly Replaces Exposed RSA SSH Key to Protect Git Operations Cloud-based repository hosting service GitHub said it took the step of replacing its RSA SSH host key used to secure Git operations "out of an abundance of caution" after it was briefly exposed in a public repository. The activity, which was carried out at 05:00 UTC on March 24, 2023, is said to have been undertaken as a measure to prevent any bad actor from impersonating the service ... Read More Researchers Uncover Chinese Nation State Hackers' Deceptive Attack Strategies A recent campaign undertaken by Earth Preta indicates that nation-state groups aligned with China are getting increasingly proficient at bypassing security solutions. The threat actor, active since at least 2012, is tracked by the broader cybersecurity community under Bronze President, HoneyMyte, Mustang Panda, RedDelta, and Red Lich. Attack chains mounted by the group commence with ... Read More Critical WooCommerce Payments Plugin Flaw Patched for 500,000+ WordPress Sites Patches have been released for a critical security flaw impacting the WooCommerce Payments plugin for WordPress, which is installed on over 500,000 websites. The flaw, if left unresolved, could enable a bad actor to gain unauthorized admin access to impacted stores, the company said in an advisory on March 23, 2023. It impacts versions 4.8.0 through 5.6.1. Put differently, the issue could ... Read More The Email Fortress: Secure Your Inbox, Protect Your Privacy (FREE EBOOK) Email security doesn't have to be a challenge, nor does it require a time-consuming overhaul. Learn how to keep your emails secure with our free guide. Download Now Sponsored This email was sent to myemailku.ghdbrevo2018@blogger.com. You are receiving this newsletter because you opted-in to receive relevant communications from The Hacker News. To manage your email newsletter preferences, please click here. Contact The Hacker News: info@thehackernews.com Unsubscribe The Hacker News | Pearls Omaxe, Netaji Subash Place, Pitampura, Delhi 110034 India

Critical WooCommerce Payments Plugin Flaw Patched for 500,000+ WordPress Sites

The Hacker News Daily Updates THN Webinar: Master the Six Phases of Incident Response React fast, respond smart: Master the six phases of Incident Response with Cynet's IR Leader! Download Now Sponsored LATEST NEWS Mar 24, 2023 THN Webinar: Inside the High Risk of 3rd-Party SaaS Apps Any app that can improve business operations is quickly added to the SaaS stack. However, employees don't realize that this SaaS-to-SaaS connectivity, which typically takes place outside the view of the security team, significantly increases risk. Whether employees connect through Microsoft 365, Google Workspace, Slack, Salesforce, or any other app, security teams have no way to quantify ... Read More GitHub Swiftly Replaces Exposed RSA SSH Key to Protect Git Operations Cloud-based repository hosting service GitHub said it took the step of replacing its RSA SSH host key used to secure Git operations "out of an abundance of caution" after it was briefly exposed in a public repository. The activity, which was carried out at 05:00 UTC on March 24, 2023, is said to have been undertaken as a measure to prevent any bad actor from impersonating the service ... Read More "There's no better compliance platform than Drata." — Drata customer Book a demo and discover why Drata has a 5-star rating on G2 for cloud compliance.>> Read More Researchers Uncover Chinese Nation State Hackers' Deceptive Attack Strategies A recent campaign undertaken by Earth Preta indicates that nation-state groups aligned with China are getting increasingly proficient at bypassing security solutions. The threat actor, active since at least 2012, is tracked by the broader cybersecurity community under Bronze President, HoneyMyte, Mustang Panda, RedDelta, and Red Lich. Attack chains mounted by the group commence with ... Read More Critical WooCommerce Payments Plugin Flaw Patched for 500,000+ WordPress Sites Patches have been released for a critical security flaw impacting the WooCommerce Payments plugin for WordPress, which is installed on over 500,000 websites. The flaw, if left unresolved, could enable a bad actor to gain unauthorized admin access to impacted stores, the company said in an advisory on March 23, 2023. It impacts versions 4.8.0 through 5.6.1. Put differently, the issue could ... Read More Fake ChatGPT Chrome Browser Extension Caught Hijacking Facebook Accounts Google has stepped in to remove a bogus Chrome browser extension from the official Web Store that masqueraded as OpenAI's ChatGPT service to harvest Facebook session cookies and hijack the accounts. The "ChatGPT For Google" extension, a trojanized version of a legitimate open source browser add-on, attracted over 9,000 installations since March 14, 2023, prior to its removal. It was ... Read More Nexus: A New Rising Android Banking Trojan Targeting 450 Financial Apps An emerging Android banking trojan dubbed Nexus has already been adopted by several threat actors to target 450 financial applications and conduct fraud. "Nexus appears to be in its early stages of development," Italian cybersecurity firm Cleafy said in a report published this week. "Nexus provides all the main features to perform ATO attacks (Account Takeover) against banking portals ... Read More 2023 Cybersecurity Maturity Report Reveals Organizational Unpreparedness for Cyberattacks In 2022 alone, global cyberattacks increased by 38%, resulting in substantial business loss, including financial and reputational damage. Meanwhile, corporate security budgets have risen significantly because of the growing sophistication of attacks and the number of cybersecurity solutions introduced into the market. With this rise in threats, budgets, and solutions, how prepared are ... Read More THN Webinar: Master the Six Phases of Incident Response React fast, respond smart: Master the six phases of Incident Response with Cynet's IR Leader! Download Now Sponsored This email was sent to myemailku.ghdbrevo2018@blogger.com. You are receiving this newsletter because you opted-in to receive relevant communications from The Hacker News. To manage your email newsletter preferences, please click here. Contact The Hacker News: info@thehackernews.com Unsubscribe The Hacker News | Pearls Omaxe, Netaji Subash Place, Pitampura, Delhi 110034 India