-
The Dark Nexus Between Harm Groups and ‘The Com’
A cyberattack that shut down two of the top casinos in Las Vegas last year quickly became one of the most riveting security stories of 2023: It was the first known case of native English-speaking hackers in the United States and Britain teaming up with ransomware gangs based in Russia. But that made-for-Hollywood narrative has…
-
Microsoft Vows to Prevent Future CrowdStrike-Like Outages
Microsoft will introduce new security capabilities for solution providers outside of kernel mode, preventing events like the CrowdStrike global outage Read More
-
Irish Data Protection Regulator to Investigate Google AI
Ireland’s Data Protection Commission launches inquiry into whether Google followed GDPR rules over AI model training Read More
-
WordPress plugin and theme developers told they must use 2FA
Starting October 1, WordPress plugin and theme developers must enable 2FA. This move aims to boost security and help prevent supply-chain attacks from targeting millions of websites. Read more in my article on the Tripwire State of Security blog. Read More
-
Microsoft Is Adding New Cryptography Algorithms
Microsoft is updating SymCrypt, its core cryptographic library, with new quantum-secure algorithms. Microsoft’s details are here. From a news article: The first new algorithm Microsoft added to SymCrypt is called ML-KEM. Previously known as CRYSTALS-Kyber, ML-KEM is one of three post-quantum standards formalized last month by the National Institute of Standards and Technology (NIST). The…
-
Schools Face Million-Dollar Bills as Ransomware Rises
Ransomware gangs are targeting schools and higher education, with victims facing soaring ransom and recovery costs Read More
-
TfL Confirms Customer Data Breach, 17-Year-Old Suspect Arrested
TfL has revealed that some customer data was accessed in a recent cyber-attack, potentially including the bank details of 5000 people Read More
-
Mastercard Acquires Global Threat Intelligence Firm Recorded Future for $2.65bn
Mastercard aims to strengthen its cybersecurity capabilities by acquiring Recorded Future, a leading provider of threat intelligence Read More
-
Lazarus Group Targets Developers in Fresh VMConnect Campaign
Lazarus Group has been observed impersonating Capital One staff to lure developers into downloading malware on open source repositories Read More
-
How to Integrate CSPM into Your Clients’ IaaS Strategy
Want to protect your clients against breaches in the cloud? Learn how the CIS Hardened Images can help your clients take a comprehensive approach to CSPM. Read More