-
New verdict pushes PacifiCorp wildfire case toll past $300M
Labor Day 2020 wildfire toll rises for the Portland-based Berkshire Hathaway utility.
-
Google Fixed Cloud Run Vulnerability Allowing Unauthorized Image Access via IAM Misuse
Cybersecurity researchers have disclosed details of a now-patched privilege escalation vulnerability in Google Cloud Platform (GCP) Cloud Run that could have allowed a malicious actor to access container images and even inject malicious code. “The vulnerability could have allowed such an identity to abuse its Google Cloud Run revision edit permissions in order to pull…
-
Helping Your Clients Achieve NIST Compliance: A Step by Step Guide for Service Providers
Introduction As the cybersecurity landscape evolves, service providers play an increasingly vital role in safeguarding sensitive data and maintaining compliance with industry regulations. The National Institute of Standards and Technology (NIST) offers a comprehensive set of frameworks that provide a clear path to achieving robust cybersecurity practices. For service providers, adhering to NIST
-
How SSL Misconfigurations Impact Your Attack Surface
When assessing an organization’s external attack surface, encryption-related issues (especially SSL misconfigurations) receive special attention. Why? Their widespread use, configuration complexity, and visibility to attackers as well as users make them more likely to be exploited. This highlights how important your SSL configurations are in maintaining your web application security and
-
FIN7 Deploys Anubis Backdoor to Hijack Windows Systems via Compromised SharePoint Sites
The financially motivated threat actor known as FIN7 has been linked to a Python-based backdoor called Anubis (not to be confused with an Android banking trojan of the same name) that can grant them remote access to compromised Windows systems. “This malware allows attackers to execute remote shell commands and other system operations, giving them…
-
New Malware Loaders Use Call Stack Spoofing, GitHub C2, and .NET Reactor for Stealth
Cybersecurity researchers have discovered an updated version of a malware loader called Hijack Loader that implements new features to evade detection and establish persistence on compromised systems. “Hijack Loader released a new module that implements call stack spoofing to hide the origin of function calls (e.g., API and system calls),” Zscaler ThreatLabz researcher Muhammed Irfan…
-
North merges with Raleigh-based Baldwin&
North was founded in 2006 and made its mark as an advocate for Portland.
-
Made in Old Town inks workforce development partnership with CityTeam Portland
CityTeam Portland and Made in Old Town will train residents of CityTeam’s recovery program for internships and workforce development programs in the footwear and apparel sector.
-
WNBA Portland names NBA players association exec as team president
Inky Son has experience in various positions with the National Basketball Players Association, most recently as its chief administrative officer.
-
Logic and Accuracy Test scheduled for April 22 Special Election
STEVENSON — At 10 a.m. on Wednesday, April 2, the Skamania County Elections Office will conduct a logic and accuracy test of the programming used to tabulate ballots for the April 22, 2025, Special Election. Accessible voting units will be…