-
Ofcom Latest MOVEit Victim as Exploit Code Released
PRIVACY PRIVACY UK regulator admits hundreds of employees are impacted Read More
-
Artificial intelligence is coming to Windows: Are your security policy settings ready?
PRIVACY PRIVACY What’s in your Windows security policy? Do you review your settings on an annual basis or more often? Do you provide education and training regarding the topics in the policy? Does it get revised when the impact of an incident showcases that an internal policy violation led to the root cause of the…
-
Historic Zacks Breach Impacts Nearly Nine Million
PRIVACY PRIVACY Stock research firm revealed more recent incident in January Read More
-
US charges two men with Mt. Gox heist, the world’s largest cryptocurrency hack
PRIVACY PRIVACY More than ten years after the hack of the now-defunct Mt. Gox cryptocurrency exchange, the US Department of Justice says it has identified and charged two men it alleges stole customers’ funds and the exchange’s private keys. Read more in my article on the Tripwire State of Security blog. Read More
-
4 Reasons Why Security Awareness Training Is Important
PRIVACY PRIVACY Experts at CIS, the MS- and EI-ISACs, and our member organizations share their thoughts on why security awareness training is important. Read More
-
Business email compromise scams take new dimension with multi-stage attacks
PRIVACY PRIVACY In a campaign that exploits the relationships between different organizations, attackers managed to chain business email compromise (BEC) against four or more organizations jumping from one breached organization to the next by leveraging the relationships between them. The attack, which Microsoft researchers call multi-stage adversary-in-the-middle (AiTM) phishing, started with a compromise at a…
-
Surprise! Staff don’t like receiving phishing tests from their firms that pose as salary increases
PRIVACY PRIVACY UK law firm Knights certainly has an interesting way of keeping its staff happy. Read More
-
To solve the cybersecurity worker gap, forget the job title and search for the skills you need
PRIVACY PRIVACY BlackBerry CISO Arvind Raman looks beyond job titles when he has open positions to fill and instead focuses on the key skills required to do the work. That mindset allows Raman to readily identify and recruit qualified professionals from outside the security field, instead of simply seeking candidates working their way up the…
-
Data Flows Between UK and US to be Simplified Under New Agreement
PRIVACY PRIVACY The ‘data bridge’ is an extension to the Data Privacy Framework agreed between the US and EU last year Read More
-
Cycode’s free CI/CD monitoring tool offers new DevOps visibility
PRIVACY PRIVACY Cycode’s new Cimon monitoring tool for continuous integration and continuous delivery is designed to offer a new level of visibility into the CI/CD process, securing code against data exfiltration and other malicious activity. According to the company’s announcement, Cimon — short for CI Monitor — is a runtime security agent that uses the…