Tag Archive for: Urges

US government urges Sisense customers to reset credentials after hack

/in


U.S. cybersecurity agency CISA is warning Sisense customers to reset their credentials and secrets after the data analytics company reported a security incident.

In a brief statement on Thursday, CISA said it was responding to a “recent compromise” at Sisense, which provides business intelligence and data analytics to companies around the world.

CISA urged Sisense customers to “reset credentials and secrets potentially exposed to, or used to access, Sisense services,” and report to the agency any suspicious activity involving the use of compromised credentials.

The exact nature of the cybersecurity incident is not clear yet.

Founded in 2004, Sisense develops business intelligence and data analytics software for big companies, including telcos, airlines and tech giants. Sisense’s technology allows organizations to collect, analyze and visualize large amounts of their corporate data by tapping directly into their existing technologies and cloud systems.

Companies like Sisense rely on using credentials, such as passwords and private keys, to access a customer’s various stores of data for analysis. With access to these credentials, an attacker could potentially also access a customer’s data.

CISA said it is “taking an active role in collaborating with private industry partners to respond to this incident, especially as it relates to impacted critical infrastructure sector organizations.”

Sisense counts Air Canada, PagerDuty, Philips Healthcare, Skullcandy and Verizon as its customers, as well as thousands of other organizations globally.

News of the incident first emerged on Wednesday after cybersecurity journalist Brian Krebs published a note sent by Sisense Chief Information Security Officer Sangram Dash urging customers to “rotate any credentials that you use within your Sisense application.”

Neither Dash nor a spokesperson for Sisense responded to an email seeking comment.

Israeli media reported in January that Sisense had laid off about half of its employees since 2022. It is unclear if the layoffs impacted the company’s security posture. Sisense has taken in close to $300 million in funding from investors, which include Insight Partners, Bessemer Ventures Partners and Battery Ventures.

Do…

Source…

Rubrik urges shift from data backup to cyber resilience

/in


As World Backup Day approaches on March 31st, data security figure Anneka Gupta, Chief Product Officer at Rubrik, emphasises the rising importance of cyber resilience in aiding organisations to fortify themselves against cyber threats.

According to Gupta, relying solely on World Backup Day is insufficient in our fluid cybersecurity threat landscape. Instead, it is crucial we usher in “the era of cyber resilience, where the combination of cyber posture and cyber recovery will help to create a cyber resilient future and prepare organisations for any threat, at any stage of an attack.”

This declaration comes in the wake of evidence from a Rubrik Zero Labs State of Data Security report last year, which identified that not only had 93% of external organisations experienced attempts by malicious actors to disrupt data backups during a cyberattack, but 73% reported that these attempts were at least partially successful.

Gupta also examined the role of data recovery and backup systems, frequently referred to as an organisation’s last line of defence. In her perspective, “traditional solutions are no longer cutting it.” The questionable reliability of these solutions raises severe doubts about security, pivoting the critical question for organisations from ‘What backup solution do we have?’ to ‘Do I trust the solution and strategy I have in place?’

According to Gupta, the path to a cyber-resilient future requires organisations to execute three key strategies. Firstly, ensuring that data has suitable authentication and access controls can prevent cybercriminals from exploiting system vulnerabilities.

Secondly, possessing an ability to oversee vulnerable data and those affected when systems are compromised empowers IT and security teams to evaluate risks effectively and respond swiftly to threats.

Lastly, regular simulation and testing of recovery strategies are recommended. This ensures that organisations are prepared to restore critical data and systems with confidence in the event of an actual attack and without reintroducing malware.

While World Backup Day still retains significance, Gupta urges a transformation in our understanding of cyber security and a shift from mere…

Source…

US Space Force Major urges Defense Department to adopt Bitcoin as an ‘offset strategy’

/in


U.S. Space Force Major Jason Lowery has brought a novel perspective on Bitcoin to light, extending its significance far beyond finance and into national defense and cybersecurity.

In a detailed letter to the Defense of Defense’s (DoD) Innovation Board, Lowery argued that Bitcoin and similar proof-of-work (PoW) protocols hold substantial strategic importance, urging the government to delve deeper into their potential applications.

Macrochip

The major’s letter contextualized Bitcoin within the military strategy of an offset approach. The concept historically involves leveraging technological advancements to counterbalance adversaries’ strengths.

Lowery suggested that Bitcoin and its underlying technology could serve as contemporary tools in this regard, potentially redefining the landscape of cyber warfare and defense.

Lowery described Bitcoin as a pioneering “macrochip,” a concept that transforms the global electric power grid into a vast, resource-intensive computer. This innovative approach, he argued, introduces physical costs into the digital domain, offering a new method of securing a wide array of data across the internet.

According to Lowery, this strategy challenges the conventional paradigms of cybersecurity and could mark a significant shift in protecting national interests in the digital age.

Lowery also addressed the ongoing challenges in cybersecurity, highlighting the inadequacies of existing software-based solutions. He proposed that the proof-of-work protocol, as exemplified by Bitcoin, represents a significant innovation in this field.

By introducing the notion of real-world physical costs as deterrents in cyberspace, this approach could revolutionize the way digital security is enforced.

Recommendations to DoD

The letter further explored the implications of this technology for cyber warfare and defense strategies. Lowery emphasized the need for the United States to recognize and quickly adapt to Bitcoin’s potential as a strategic offset in cybersecurity.

He warned that failure to do so could impact the global balance of power, especially in an era where digital and interconnected systems are increasingly vulnerable to security breaches.

In his role as the U.S….

Source…

Central government urges immediate action for Mozilla Firefox users amid security concerns

/in


certin, mozilla firefox, web browser, security alert, security warning, hacking attempts, hackers
Image Source : FILE Representational Image

CERT-In, the Indian Computer Emergency Response Team, has issued a security warning regarding Mozilla’s Firefox web browser. The alert mentioned potential vulnerabilities that could be exploited by hackers to access confidential user data. It’s concerning as Firefox faces not just one, but multiple security issues.

Affected Versions

  • Firefox ESR versions before 115.5.0

  • Firefox iOS versions before 120

  • Mozilla Thunderbird versions before 115.5

The Risks

The highlighted security flaws indicate the possibility of unauthorised access which poses a major threat to user security.

Protective Measures Advised by CERT-In

  1. Update Firefox Immediately: Users are strongly advised to update their Firefox browser promptly. This step is crucial in addressing and mitigating the identified security issues.

  2. Enable Automatic Updates: Ensure that automatic updates are enabled for your Firefox browser. This feature helps in keeping the browser’s security measures up-to-date.

  3. Exercise Caution with Links and Attachments: Avoid clicking on links and opening attachments from unknown senders, whether through messages or emails. This simple precaution can prevent potential security threats.

CERT-In’s Recent Alerts

In recent weeks, CERT-In has been proactive in issuing security alerts. Prior warnings included concerns about security problems in Chrome on Android and highlighted vulnerabilities in major applications developed by Adobe.

Tips to Stay Safe

Staying vigilant and taking immediate action to update software are critical steps in safeguarding against potential security breaches. As cyber threats continue to evolve, users are encouraged to follow best practices to protect their devices and sensitive information. For further details and the latest updates, users can refer to CERT-In’s official website.

ALSO READ | No charger? Check these tips to keep your iPhone alive in emergency situations

ALSO READ | Xiaomi’s HyperOS update details revealed- Is your smartphone on the…

Source…