A new study polling 1,000 software developers and startup employees found 29% of companies use unprotected production data (real customer data) in testing environments when testing and troubleshooting their company’s software — increasing the risk of exposure in the event of a data breach. Unprotected production data is defined as data that is not de-identified…

Transport layer security (TLS) is the modern version of the now-deprecated secure socket layer (SSL) protocol. Due to multiple vulnerabilities within SSL, organizations require a more robust protocol to coincide with the increasing number of web-based technologies. For example, unlike SSL, TSL allows you to negotiate encryption on regular ports and protocols such as IMAP…

It’s no secret that ransomware is one of the most pressing cyber threats of our day. What worse, ransomware gangs have increased their attacks on a range of vulnerable industries, with disruptions to business operations, million-dollar ransom demands, data exfiltration, and extortion. With Malwarebytes Endpoint Detection and Response, however, you can fight—and defeat—advanced ransomware that…

The breach was discovered on June 18 and the firm started notifying customers on July 6. However, the intrusion came to light only on July 21 when security researcher Dominic Alvieri came across a copy of the notification sent by Entrust to customers. Entrust is a Minneapolis, MN-based company that provides security solutions for user…

Talon Cyber Security introduced TalonWork Mobile, a version of its TalonWork browser made specifically for mobile endpoints. With TalonWork Mobile, customers can extend secure access and control to the mobile endpoints that are used to connect to corporate resources and data, yet are historically unmanaged by organizations. Talon is the first secure enterprise browser provider…

In Tennessee, the website for unemployment benefits remained down Thursday morning after the vendor, Geographic Solutions Inc., told the state Sunday that service would be interrupted. Some 12,000 Tennesseans rely on the unemployment program, and for now, they’re not getting their payments. The company said that it expects Tennessee’s system to be back online before…

Digital Shadows announces the launch of a new Vulnerability Intelligence module within SearchLight. The new capability enables security teams to rapidly identify which of the many thousands of Common Vulnerabilities and Exposures (CVEs) they should focus their limited resources on and how they can prevent criminals from exploiting them. The new module, within Digital Shadows…

The company’s researchers have analyzed the roughly 2,600 data leaks that resulted from ransomware attacks in 2021 and determined that approximately 1,300 of them impacted critical infrastructure and industrial organizations. An investigation of 70 of these leaks showed that ten of them contained technically sensitive OT information. Mandiant’s analysis included manually browsing through file listings…

The European Data Protection Supervisor said Monday that Europol was notified of the order on Jan. 3 following an inquiry that started in 2019. As part of the investigation, the EDPS said it reprimanded Europol two years ago “for the continued storage of large volumes” of such data, “which poses a risk to individuals’ fundamental…

The attack, the Rockville, Maryland-based company says, likely happened in mid-November, when a ransomware group accessed data on certain systems, deployed malware to prevent access to files, and then threatened to leak the exfiltrated files. Despite that, Supernus Pharmaceuticals says it did not experience a significant impact on its business, as its operations were not…