Protecting high-value research data from nation-state attackers

Joint NCSC-DHS-CISA advisories and a warning from the FBI have recently highlighted activities of nation-state-backed groups targeting organizations focused on COVID-19 research. The goal is to obtain information for their domestic COVID-19 research efforts. Security leaders at research organizations need to better understand the motivations and methods of these attackers. That will allow them to…

Tim Rains, who formerly held many essential roles at Microsoft and is currently working at Amazon Web Services as Regional Leader for Security and Compliance Business Acceleration for EMEA, had the opportunity to gain knowledge from and advise thousands of organizations and enterprises about incident response and threat intelligence. Cybersecurity Threats, Malware Trends, and Strategies…

Microsoft fixes two RCE flaws affecting Windows 10 machines

Microsoft has released fixes for two remote code execution (RCE) vulnerabilities in the Microsoft Windows Codecs Library on Windows 10 machines. The vulnerabilities Both flaws – CVE-2020-1425 and CVE-2020-1457 – arose because of the way the Microsoft Windows Codecs Library handled objects in memory. CVE-2020-1425 could allow attackers to obtain information to further compromise the…

Back in March as the coronavirus pandemic gathered steam in the U.S., a largely unheralded video-conferencing service suddenly found itself in the spotlight. And just as quickly as Zoom became a household name for connecting work colleagues, church and school groups, friends, family, book clubs and others during stay-at-home lockdowns, it also gained a reputation…

The average $5 billion company incurs delays of roughly 5 weeks per year in new product launches due to missed risks, with a $99 million opportunity cost, according to Gartner. Opportunity costs from missing risks A survey of more than 382 strategic initiative leaders quantified the cost of missing risks in strategic initiatives. For an…