Google Gmail client-side encryption is available globallyGmail client-side encryption (CSE) is now available for Workspace Enterprise Plus, Education Plus, and Education Standard customers. Google announced that...
Day: March 1, 2023
LastPass Confirms Second Data Breach of Encrypted Password Vaults
LastPass Confirms Second Data Breach of Encrypted Password VaultsAs a result of another attack on LastPass’s systems, the company disclosed a severe data breach in December...
What Is Broken Access Control and How to Keep Your Organization Safe?
What Is Broken Access Control and How to Keep Your Organization Safe?Access control is an important security measure for organizations of all sizes. Without it, intruders...
Scarleteel Cloud Attack: Hackers Use Kubernetes and AWS to Steal Source Code
Scarleteel Cloud Attack: Hackers Use Kubernetes and AWS to Steal Source CodeThreat actors exploited a compromised Kubernetes container to attempt privilege escalation into an AWS account....
ChromeLoader Malware Is Targeting Gamers
ChromeLoader Malware Is Targeting GamersCybersecurity researchers recently discovered a new wave of ChromeLoader malware that threat actors are using to circumvent antivirus software and other cybersecurity...
Crypto-Ransomware: An A to Z Guide to What It Is and How to Protect Yourself
Crypto-Ransomware: An A to Z Guide to What It Is and How to Protect YourselfWondering what is crypto-ransomware? You’ve come to the right place. Because of...
Fooling a Voice Authentication System with an AI-Generated Voice
Fooling a Voice Authentication System with an AI-Generated VoiceA reporter used an AI synthesis of his own voice to fool the voice authentication system for Lloyd’s...
8 ways to secure Chrome browser for Google Workspace users
8 ways to secure Chrome browser for Google Workspace usersPosted by Kiran Nair, Product Manager, Chrome Browser Your journey towards keeping your Google Workspace users and...
Iron Tiger’s SysUpdate Reappears, Adds Linux Targeting
Iron Tiger’s SysUpdate Reappears, Adds Linux TargetingWe detail the update that advanced persistent threat (APT) group Iron Tiger made on the custom malware family SysUpdate. In...
Twitter is down with users seeing “Welcome to Twitter” screen
Twitter is down with users seeing "Welcome to Twitter" screenWhen attempting to access Twitter's website, users see "Welcome to Twitter!" on the timeline. The alert, typically used...
How to Prevent Callback Phishing Attacks on Your Organization
How to Prevent Callback Phishing Attacks on Your OrganizationHybrid phishing attacks continue to pose a clear and present danger to all organizations. How can these threats...
Microsoft fixes bug behind apps not installing during provisioning
Microsoft fixes bug behind apps not installing during provisioningMicrosoft has addressed a Windows 11 22H2 known issue causing some apps not to be installed during Windows...
Russia bans private messaging apps owned by foreign entities
Russia bans private messaging apps owned by foreign entitiesRussia's internet watchdog agency Roskomnadzor is warning that today is the first day that laws banning the use of...
GitHub’s secret scanning alerts now available for all public repos
GitHub’s secret scanning alerts now available for all public reposGitHub has announced that its secret scanning alerts service is now generally available to all public repositories...
Leveraging the Traffic Light Protocol helps CISOs share threat data effectively
Leveraging the Traffic Light Protocol helps CISOs share threat data effectivelyEXECUTIVE SUMMARY: As cyber threats continue to evolve and become increasingly sophisticated, it is critical for...
GUEST ESSAY: Why CISOs absolutely must take authentication secrets much more seriously
GUEST ESSAY: Why CISOs absolutely must take authentication secrets much more seriouslyThe IT world relies on digital authentication credentials, such as API keys, certificates, and tokens,...
3rd FTX Official Pleads Guilty to Criminal Charges
3rd FTX Official Pleads Guilty to Criminal ChargesEx-Director Nishad Singh Will Assist With Case Against Founder Sam Bankman-FriedAs U.S. prosecutors continue to probe collapsed cryptocurrency exchange...
Why Fraud Continues to Dominate Faster Payments
Why Fraud Continues to Dominate Faster PaymentsReed Luhtanen of the Faster Payments Council Covers Approaches for Reducing FraudFaster payment technology has been around for years, but...
APT-C-36 Strikes Again: Blind Eagle Hackers Target Key Industries in Colombia
APT-C-36 Strikes Again: Blind Eagle Hackers Target Key Industries in ColombiaThe threat actor known as Blind Eagle has been linked to a new campaign targeting various...
Flaws in Hitachi Relion 650/670 Series IEDs Update Mechanism
Flaws in Hitachi Relion 650/670 Series IEDs Update Mechanism Since disclosing vulnerabilities to Real Time Locating Systems (RTLS) at Black Hat USA in 2022, Nozomi Networks labs...
Software transparency | Code Patrol podcast | Contrast Security
Software transparency | Code Patrol podcast | Contrast Security Just what, exactly, is “assurance?” The post Software transparency | Code Patrol podcast | Contrast Security appeared...
Assessing Cybersecurity Risk in the C-Suite
Assessing Cybersecurity Risk in the C-Suite In today's digital age, cybersecurity risks are a major concern for businesses of all sizes. With cyber attacks becoming more...
Robert M. Lee’s & Jeff Haas’ Little Bobby Comic – ‘WEEK 419’
Robert M. Lee’s & Jeff Haas’ Little Bobby Comic – ‘WEEK 419’ via the respected security expertise of Robert M. Lee and the superlative illustration talents...
PCI DSS Requirements: What Your Business Needs to Know
PCI DSS Requirements: What Your Business Needs to KnowGet a high-level overview of the 12 security requirements for PCI DSS compliance. The post PCI DSS Requirements:...
US Marshals Ransomware Hack is ‘Major Incident’
US Marshals Ransomware Hack is ‘Major Incident’ The U.S. Marshals Service (USMS) has been hacked (again). Scrotes stole sensitive stuff (supposedly). The post US Marshals Ransomware...
Reducing the Noise: Why Vulnerability Types Matter
Reducing the Noise: Why Vulnerability Types MatterMost application security testing focuses on server-side vulnerabilities. While vulnerability management alerts are necessary within today’s threat landscape for increased...
USENIX Security ’22 – Daniel Townley, Kerem Arıkan, Yu David Liu, Dmitry Ponomarev, Oğuz Ergin – ‘Composable Cachelets: Protecting Enclaves From Cache Side-Channel Attacks’
USENIX Security ’22 – Daniel Townley, Kerem Arıkan, Yu David Liu, Dmitry Ponomarev, Oğuz Ergin – ‘Composable Cachelets: Protecting Enclaves From Cache Side-Channel Attacks’Our thanks to...
Software supply chain security and SBOM automation: The next big step in risk management
Software supply chain security and SBOM automation: The next big step in risk management Over the last several years, supply chain risk management has evolved into...
New Mirai botnet variant V3G4 targets Linux servers, IoT devices
New Mirai botnet variant V3G4 targets Linux servers, IoT devicesA new variant of Mirai — the botnet malware used to launch massive DDoS attacks —has been...
EU parliamentary committee says ‘no’ to EU-US data privacy framework
EU parliamentary committee says 'no' to EU-US data privacy frameworkProgress on ratifying the Trans-Atlantic Data Policy Framework hit a snag, as a parliamentary committee rejected a...