Tag: Featured

September 21, 2023

Days after a miscreant boasted leaking a 3GB-plus database from TransUnion containing financial information on 58,505 people, the credit-checking agency has claimed the info was actually swiped from a third party. On Sunday, a thief using the handle USDoD shared […]

September 19, 2023

The Clorox Company, makers of bleach and other household cleaning products, doesn’t expect operations to return to normal until near month end as it combs over “widescale disruption to operations” caused by cyber baddies. The $2 billion turnover biz, whose […]

September 18, 2023

As cloud native computing continues to gain popularity, so does the risk posed by criminals seeking to exploit the unwary. One newly spotted method targets services on the AWS platform, but not necessarily the ones you might think. Researchers from […]

September 18, 2023

Last October, Pennsylvania State University (Penn State) was sued by a former chief information officer for allegedly falsifying government security compliance reports. The lawsuit, recently unsealed, is a qui tam complaint (in Latin “who as well,”) meaning it was filed […]

September 18, 2023

The U.S. Internal Revenue Service (IRS) is entrusted with the vital responsibility of safeguarding sensitive taxpayer information. Recent incidents of potential unauthorized access to or disclosure of this data have raised concerns and prompted a thorough review by the Government […]

September 14, 2023

Lacework and Snowflake announced an expanded partnership that advances the future of cloud infrastructure and further automates cloud security at scale. The extended partnership empowers security teams with direct access to their Lacework cloud security data through Snowflake’s secure data […]

September 14, 2023

Viavi Solutions announced the availability of NITRO AIOps on Google Cloud, creating an innovative solution that leverages VIAVI network analytics solutions and Google Cloud’s native service capabilities. The collaboration aims to address critical challenges faced by Communication Service Providers (CSPs) […]

September 12, 2023

CTERA unveiled CTERA Vault, Write Once, Read Many (WORM) protection technology which provides regulatory compliant storage for the CTERA Enterprise Files Services Platform. CTERA Vault aids enterprises in guaranteeing the preservation and tamperproofing of their data, while also ensuring compliance […]

September 12, 2023

Wing Security has partnered with Drata to integrate SaaS security controls, robust insights, and automation in order to streamline and expedite user access reviews and vendor risk assessments for compliance frameworks and standards such as SOC 2 and ISO 27001. […]

September 12, 2023

With ‘iShield Archive’, Swissbit introduces a new microSD card designed for encryption and access protection of video and image records, expanding the Swissbit iShield product line for plug-and-play security solutions. The card is intended particularly for manufacturers and users for […]

September 7, 2023

Microsoft on Wednesday revealed that a China-based threat actor known as Storm-0558 acquired the inactive consumer signing key to forge tokens and access Outlook by compromising an engineer’s corporate account. This enabled the adversary to access a debugging environment that […]

September 7, 2023

By the end of 2024, the number of MSPs and MSSPs offering vCISO services is expected to grow by almost 5 fold, as can be seen in figure 1. This incredible surge reflects the growing business demand for specialized cybersecurity […]

September 5, 2023

The North Korean threat actor known as Andariel has been observed employing an arsenal of malicious tools in its cyber assaults against corporations and organizations in the southern counterpart. “One characteristic of the attacks identified in 2023 is that there […]

September 5, 2023

Meta has disclosed that it disrupted two of the largest known covert influence operations in the world from China and Russia, blocking thousands of accounts and pages across its platform. “It targeted more than 50 apps, including Facebook, Instagram, X […]

September 5, 2023

Banking and logistics industries are under the onslaught of a reworked variant of a malware called Chaes. “It has undergone major overhauls: from being rewritten entirely in Python, which resulted in lower detection rates by traditional defense systems, to a […]

August 29, 2023

Microsoft is warning of an increase in adversary-in-the-middle (AiTM) phishing techniques, which are being propagated as part of the phishing-as-a-service (PhaaS) cybercrime model. In addition to an uptick in AiTM-capable PhaaS platforms, the tech giant noted that existing phishing services […]

August 29, 2023

Unpatched Citrix NetScaler systems exposed to the internet are being targeted by unknown threat actors in what’s suspected to be a ransomware attack. Cybersecurity company Sophos is tracking the activity cluster under the moniker STAC4663. Attack chains involve the exploitation […]

August 28, 2023

Cyber attacks on e-commerce applications are a common trend in 2023 as e-commerce businesses become more omnichannel, they build and deploy increasingly more API interfaces, with threat actors constantly exploring more ways to exploit vulnerabilities. This is why regular testing […]

August 28, 2023

Cybersecurity researchers have discovered a case of privilege escalation associated with a Microsoft Entra ID (formerly Azure Active Directory) application by taking advantage of an abandoned reply URL. “An attacker could leverage this abandoned URL to redirect authorization codes to […]

August 28, 2023

Greater London’s Metropolitan Police have been warned that their information — names, ranks, ID numbers, vetting levels, and photos — was stolen by hackers in a breach that affects 47,000 officers and staff. The hackers broke into the IT systems […]