PRIVACY PRIVACY This blog was written by an independent guest blogger. The hybrid working model is the new norm due to its effectiveness and the productivity it offers. However, it does pose significant drawbacks to an organization’s network security, making it vulnerable to several cyber-attacks such as credential harvesting. Credential harvesting is an approach hackers…

Read More

PRIVACY PRIVACY Every time a user opens an app on their device, it seems they are being asked to provide both information necessary to engage with the app and far too often additional information that falls into the nice-to-have or marketing niche. Having CISOs participating in the discussions on what data is necessary for an…

Read More

PRIVACY PRIVACY As numerous data compliance laws proliferate across the globe, security professionals have become too focused on checking their requirements boxes when they should be focused on reducing risk. Can the two work harmoniously together? The answer depends on how effectively IT security leaders can work with their auditors and speak to their boards,…

Read More

PRIVACY PRIVACY Over 11,000 fake domains used in major campaign Read More

Read More

PRIVACY PRIVACY Short article on the evolution of the vampire squid. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Read More

Read More

PRIVACY PRIVACY The 911 service as it existed until July 28, 2022. 911[.]re, a proxy service that since 2015 has sold access to hundreds of thousands of Microsoft Windows computers daily, announced this week that it is shutting down in the wake of a data breach that destroyed key components of its business operations. The…

Read More

PRIVACY PRIVACY The law is designed to make it easier for the US to respond to ransomware attacks from foreign adversaries Read More

Read More

PRIVACY PRIVACY The US Cybersecurity and Infrastructure Security Agency (CISA) has been investigating attacks exploiting the Log4Shell vulnerability in third-party products like VMware Horizon and Unified Access Gateway (UAG). The agency published indicators of compromise (IOCs) collected from incidents it investigated as recently as June, highlighting the long-lasting impact of this vulnerability that’s over six…

Read More

PRIVACY PRIVACY A cyber-attack on the US justice system has compromised a public document management system, lawmakers revealed this week Read More

Read More

PRIVACY PRIVACY Cyberthreat intelligence company Flashpoint said in a report issued this week that it detected a total of 11,860 vulnerabilities in the first half of 2022, with almost a third of them missed or not detailed by the public MITRE CVE (Common Vulnerabilities and Exposures) database. The report, “State of Vulnerability Intelligence,” includes disclosures—security…

Read More