- — 2 Lenses for Examining the Safety of Open Source Software
- Improving the security of open source repositories and keeping malicious components out requires a combination of technology and people.
- — 130K+ Patients' Social Security Numbers Leaked in UHS of Delaware Data Breach
- No more information available.
- — Tesla Whistleblower Leaks 100GB of Data, Revealing Safety Complaints
- Informants have released data that includes thousands of safety complaints the company has received about its self-driving capability, as well as sensitive information regarding current and past employees.
- — Travel-Themed Phishing, BEC Campaigns Get Smarter as Summer Season Arrives
- Phishing campaigns targeting travelers have evolved from simple, easy-to-spot fraud attempts to highly sophisticated operations.
- — How Safe Is Your Wearable Device?
- To mitigate risk, both developers and users must include security principles and technologies as core foundations in new devices.
- — Russia's War in Ukraine Shows Cyberattacks Can Be War Crimes
- Ukraine's head of cybersecurity Victor Zhora says the world needs "efficient legal instruments to confront cyber terrorism."
- — 'Volt Typhoon' Breaks Fresh Ground for China-Backed Cyber Campaigns
- This is the first incident where a threat actor from the country appears to be laying the groundwork for disruptive attacks in the future, researchers say.
- — Red Hat Tackles Software Supply Chain Security
- The new Red Hat Trusted Software Supply Chain services help developers take a secure-by-design approach to build, deploy, and monitor software.
- — CosmicEnergy Malware Emerges, Capable of Electric Grid Shutdown
- Russian code that could tamper with industrial machines and toggle RTUs on and off was floating around VirusTotal for years before being noticed. It raises new questions about the state of OT security.
- — Lazarus Group Striking Vulnerable Windows IIS Web Servers
- The infamous North Korean APT group is using Log4Shell, the 3CX supply chain attack, and other known vectors to breach Microsoft Web servers.
- — Netflix's Password-Sharing Ban Offers Security Upsides
- The streaming giant is looking to bolster flagging subscription growth and profits, but security researchers say the move offers a perfect opportunity to encourage better password hygiene and account safety.
- — Perception Point Report Finds That Advanced Phishing Attacks Grew by 356% in 2022
- Perception Point's 2023 Annual Report: Cybersecurity Trends & Insights' analyzes the most prevalent cyberattack trends amidst today's complex threat landscape, identifying an overall increase of 87% in the total number of attacks over the course of last year.
- — Memcyco Delivers Real-Time Brandjacking Detection and Protection Solution
- No more information available.
- — Bank of Ghana Opens SOC to Enable Threat Intelligence Sharing
- Bank of Ghana's security operations center will boost visibility into threats and enable threat intelligence sharing, it says.
- — 'Operation Magalenha' Attacks Give a Window Into Brazil's Cybercrime Ecosystem
- A campaign against customers of Portuguese banks uses a capable financial malware strain dubbed PeepingTitle, written in the Delphi programming language.
- — 'Operation Magalenha' Attacks Gives Window Into Brazil's Cybercrime Ecosystem
- A campaign against customers of Portuguese banks uses a capable financial malware strain dubbed PeepingTitle, written in the Delphi programming language.
- — Google Cloud Bug Allows Server Takeover From CloudSQL Service
- Researchers could access sensitive data and steal secrets by exploiting a vulnerability in GCP's security layer, eventually running rampant in the environment.
- — Dangerous Regions: Isolating Branch Offices in High-Risk Countries
- Organizations must be cautious about how they interact with other regions around the world in order to operate safely in an at-times adversarial landscape.
- — CISO Criminalization, Vague Cyber Disclosure Rules Create Angst for Security Teams
- in the wake of the ex-Uber CISO verdict, CISOs ask for clearer rules and less uncertainty in managing disclosures, amid jail-time fears.
- — 'Volt Typhoon' China-Backed APT Infiltrates US Critical Infrastructure Orgs
- According to Microsoft and researchers, the state-sponsored threat actor could very well be setting up a contingency plan for disruptive attacks on the US in the wake of an armed conflict in the South China Sea.
- — Honeywell Releases Cyber Insights to Better Identify Cybersecurity Threats and Vulnerabilities
- The new software-led solution enables organizations to defend against cybersecurity threats in their operational technology (OT) environments.
- — Israeli Shipping, Logistics Companies Targeted in Watering Hole Attacks
- Researchers say the Iranian nation-state actor known as Tortoiseshell could be behind the attacks.
- — 5 Questions to Ask When Evaluating a New Cybersecurity Technology
- Any new cybersecurity technology should be not just a neutral addition to a security stack but a benefit to the other technologies or people managing them.
As of 5/28/23 6:50pm. Last new 5/26/23 2:53pm.
- Next feed in category: Tech News World