-
Hacking forum hacked, user database leaked online
PRIVACY PRIVACY RaidForums, the notorious hacking and data leak forum seized and shut down by the authorities back in April 2022, is – perhaps surprisingly – at the centre of another cybersecurity breach. Read More
-
New “Migraine” Flaw Enables Attackers to Bypass MacOS Security
PRIVACY PRIVACY Discovered by Microsoft and dubbed “Migraine,” the flaw was disclosed to Apple and patched Read More
-
SpinOk Trojan Compromises 421 Million Android Devices
PRIVACY PRIVACY The Doctor Web team unveiled information about the malware in an advisory published on Monday Read More
-
IDSA: Only 49% of Firms Invest in Identity Protection Before Incidents
PRIVACY PRIVACY Just 29% take action after having already experienced a security incident Read More
-
CIS Controls Ambassador Spotlight: Alan Watkins
PRIVACY PRIVACY Alan Watkins has done a lot to support cyber defense as an ambassador and volunteer in the CIS Controls Community. Hear his story. Read More
-
CIS Controls Ambassador Spotlight: Alan Watkins
PRIVACY PRIVACY Alan Watkins has done a lot to support cyber defense as an ambassador and volunteer in the CIS Controls Community. Hear his story. Read More
-
Chinese Hacking of US Critical Infrastructure
PRIVACY PRIVACY Everyone is writing about an interagency and international report on Chinese hacking of US critical infrastructure. Lots of interesting details about how the group, called Volt Typhoon, accesses target networks and evades detection. Read More
-
CIS Controls Community Volunteer Spotlight: Greg Carpenter
PRIVACY PRIVACY Greg Carpenter has done a lot to support effective security controls for cyber defense as a volunteer of the CIS Controls Community. Hear his story. Read More
-
SAS Airlines hit by $3 million ransom demand following DDoS attacks
PRIVACY PRIVACY Scandinavian Airlines (SAS) has received a US $3 million ransom demand following a prolonged campaign of distributed denial-of-service (DDoS) attacks against its online services. Read more in my article on the Hot for Security blog. Read More
-
Inactive, unmaintained Salesforce sites vulnerable to threat actors
PRIVACY PRIVACY Improperly deactivated and unmaintained Salesforce sites are vulnerable to threat actors who can gain access to sensitive business data and personally identifiable information (PII) by simply changing the host header. That’s according to new research from Varonis Threat Labs, which explores the threats posed by Salesforce “ghost sites” that are no longer needed,…