LogonBox VPN 2.3.20Introduction LogonBox is pleased to announce the immediate availability of LogonBox VPN 2.3.20.This release includes the ability to force AD schema versions and additions...
Day: March 14, 2023
Unreleased findings from the Entrust Cybersecurity Institute’s “Future of Identity” Report
Unreleased findings from the Entrust Cybersecurity Institute’s “Future of Identity” ReportYounger consumers – especially Gen Z – value the promise of simplified experiences that digital... The...
The Failure of Silicon Valley Bank Is a Ground-Shaking Crisis—and a Cybersecurity Red Alert
The Failure of Silicon Valley Bank Is a Ground-Shaking Crisis—and a Cybersecurity Red AlertLast year, Silicon Valley Bank (SVB) enjoyed a market capitalization of $44 billion....
Recent CISA KEV Additions Include Silent Fixes and Unpatched Vulnerabilities
Recent CISA KEV Additions Include Silent Fixes and Unpatched VulnerabilitiesFlashpoint has observed two major discrepancies with CVE-2022-35914 and CVE-2022-33891. Security teams need to be aware that...
Augmented Software Engineering in an AI Era
Augmented Software Engineering in an AI EraArtificial Intelligence (AI) has been making waves in many industries, and software engineering is no exception. AI has the potential...
White House to Regulate Cloud Security: Good Luck With That
White House to Regulate Cloud Security: Good Luck With That Be careful what you wish for: Biden wants new regulations for cloud providers—but we’re not sure...
Why Organizations Need to Care About Machine Identity Management
Why Organizations Need to Care About Machine Identity ManagementMachine Identity Management (MIM) is an essential component of an organization’s cybersecurity program. The post Why Organizations Need...
USENIX Security ’22 – Timothy Trippel, Kang G. Shin, Alex Chernyakhovsky, Garret Kelly, Dominic Rizzo, Matthew Hicks – ‘Fuzzing Hardware Like Software’
USENIX Security ’22 – Timothy Trippel, Kang G. Shin, Alex Chernyakhovsky, Garret Kelly, Dominic Rizzo, Matthew Hicks – ‘Fuzzing Hardware Like Software’Our thanks to USENIX for...
50 Threat Hunting Hypothesis Examples
50 Threat Hunting Hypothesis ExamplesThreat hunting is a proactive and critical aspect of cybersecurity that involves searching for signs of malicious activity on your organization’s networks...
Cutting complexity
Cutting complexityEnsuring cybersecurity defences do more with less Webinar It's like living in a fever dream out there in the world of cybersecurity. More and more...
The UK’s bad encryption law can’t withstand global contempt
The UK's bad encryption law can't withstand global contemptAny sufficiently stupid technology is indistinguishable from magical thinking Opinion Around the world, a vital technology is failing....
CISA joins forces with Women in CyberSecurity to break up the boy’s club
CISA joins forces with Women in CyberSecurity to break up the boy's clubAlso, the FBI just admitted to bypassing warrants by buying cellphone location data, and...
Zoll Medical says intruders had 1M+ patient, staff records at their fingertips
Zoll Medical says intruders had 1M+ patient, staff records at their fingertipsNames, addresses, SSNs all up for grabs Medical device and software maker Zoll Medical says...
LockBit brags: We’ll leak thousands of SpaceX blueprints stolen from supplier
LockBit brags: We'll leak thousands of SpaceX blueprints stolen from supplierAnd also, Ring hit with ransomware, too? No, says Amazon Ransomware gang Lockbit has boasted it...
Booking.com account takeover flaw shows possible pitfalls in OAuth implementations
Booking.com account takeover flaw shows possible pitfalls in OAuth implementationsBooking.com, one of the world's largest online travel agencies, recently patched a vulnerability in its implementation of...
Software liability reform is liable to push us off a cliff
Software liability reform is liable to push us off a cliffLike “SBOMs will solve everything,” there is a regular cry to reform software liability, specifically in...
Gitpod flaw shows cloud-based development environments need security assessments
Gitpod flaw shows cloud-based development environments need security assessmentsResearchers from cloud security firm Snyk recently discovered a vulnerability that would have allowed attackers to perform full...
White House releases an ambitious National Cybersecurity Strategy
White House releases an ambitious National Cybersecurity StrategyThe White House released its long-anticipated National Cybersecurity Strategy, a comprehensive document that offers fundamental changes in how the...
6 reasons why your anti-phishing strategy isn’t working
6 reasons why your anti-phishing strategy isn’t workingPhishing attempts are typically like fishing in a barrel — given enough time, a bad actor is 100% likely...
Blackbaud penalized $3M for not disclosing the full scope of ransomware attack
Blackbaud penalized $3M for not disclosing the full scope of ransomware attackSoftware firm Blackbaud has agreed to pay a $3 million penalty for failing to disclose...
Dark Pink APT group linked to new KamiKakaBot attacks in Southeast Asia
Dark Pink APT group linked to new KamiKakaBot attacks in Southeast AsiaThe recently identified Dark Pink advanced persistent threat (APT) group is likely behind a fresh...
5 signs you’ve fallen for a scam – and what to do next
5 signs you’ve fallen for a scam – and what to do nextHere’s how to know you have fallen victim to a scam – and what...
Blackbaud Settles $3m Charge Over Ransomware Attack
Blackbaud Settles $3m Charge Over Ransomware AttackSEC claims company filed misleading disclosuresRead MoreSEC claims company filed misleading disclosures
Investment Fraud is Now Biggest Cybercrime Earner
Investment Fraud is Now Biggest Cybercrime EarnerCategory surged 127% year-on-year, says FBIRead MoreCategory surged 127% year-on-year, says FBI
Final Three Sentenced in £70m Money Laundering Case
Final Three Sentenced in £70m Money Laundering CaseLondon-based group also illegally obtained COVID relief fundsRead MoreLondon-based group also illegally obtained COVID relief funds
Unlocking the Benefits and Trade-Offs of Agentless Cloud Security
Unlocking the Benefits and Trade-Offs of Agentless Cloud SecurityAgentless cloud security solutions were among the most talked-about topics during the Cloud & Cyber Security Expo, set...
Infostealers Spread Via AI-Generated YouTube Videos
Infostealers Spread Via AI-Generated YouTube VideosInfostealers observed to be delivered via these videos included Vidar, RedLine and RaccoonRead MoreInfostealers observed to be delivered via these videos...
Dark Pink APT Group Deploys KamiKakaBot Against South Asian Entities
Dark Pink APT Group Deploys KamiKakaBot Against South Asian EntitiesThe relationship between Europe and ASEAN countries is being exploited with social engineering luresRead MoreThe relationship between...
Remote Code Execution and Camera Access Flaws Found in Smart Intercoms
Remote Code Execution and Camera Access Flaws Found in Smart Intercoms13 vulnerabilities were found in the E11 smart intercom devices by Chinese manufacturer AkuvoxRead More13 vulnerabilities...
The risk of pasting confidential company data into ChatGPT
The risk of pasting confidential company data into ChatGPTExperts warn that employees are providing sensitive corporate data to the popular artificial intelligence chatbot model ChatGPT. Researchers...