-
Securing Open-Source Software
PRIVACY PRIVACY Good essay arguing that open-source software is a critical national-security asset and needs to be treated as such: Open source is at least as important to the economy, public services, and national security as proprietary code, but it lacks the same standards and safeguards. It bears the qualities of a public good and…
-
GitGuardian launches ggcanary project to help detect open-source software risks
PRIVACY PRIVACY Code security platform provider GitGuardian has announced the launch of a new open-source canary tokens project to help organizations detect compromised developer and DevOps environments. According to the firm, security teams can use GitGuardian Canary Tokens (ggcanary) to create and deploy canary tokens in the form of Amazon Web Services (AWS) secrets to…
-
Sophisticated UEFI rootkit of Chinese origin shows up again in the wild after 3 years
PRIVACY PRIVACY A sophisticated rootkit that’s able to insert itself into the lowest levels of Windows computers — the motherboard firmware — has been making victims since 2020 after disappearing from the radar for around three years. The rootkit, dubbed CosmicStrand by researchers from Kaspersky Lab, is stealthy and highly persistent since its code is…
-
AT&T Cybersecurity Insights Report: A Focus on Manufacturing
PRIVACY PRIVACY During the pandemic, many forward-thinking manufacturers took shifts in consumer demands and in-person work patterns as an opportunity to modernize their factory floors and operational infrastructure. Now as supply chain challenges and inflationary forces come to the fore, the entire industry will be called to continue their innovative investments to make manufacturing processes…
-
US Doubles Reward for Info on North Korean Hackers
PRIVACY PRIVACY State Department hopes financial inducement will unmask threat actors Read More
-
No More Ransom Has Helped Over 1.5m Victims
PRIVACY PRIVACY European initiative celebrates sixth birthday Read More
-
Best practices for recovering a Microsoft network after an incident
PRIVACY PRIVACY Whenever I am dealing with cloud services or remote consultants, the one thing that gives me the greatest pause is keeping track of and protecting credentials. Doing so requires multiple backups, cloud resources, and tested backup and recovery processes. We have our normal password management processes, password storage tools, and encryption processes. Then…
-
5 trends making cybersecurity threats riskier and more expensive
PRIVACY PRIVACY Since the pandemic the cyber world has become a far riskier place. According to the Hiscox Cyber Readiness Report 2022, almost half (48%) of organizations across the U.S. and Europe experienced a cyberattack in the past 12 months. Even more alarming is that these attacks are happening despite businesses doubling down on their…
-
Data Breach Costs Reach New Record High
PRIVACY PRIVACY Most impacted companies raise product prices following incident Read More
-
A Retrospective on the 2015 Ashley Madison Breach
PRIVACY PRIVACY It’s been seven years since the online cheating site AshleyMadison.com was hacked and highly sensitive data about its users posted online. The leak led to the public shaming and extortion of many Ashley Madison users, and to at least two suicides. To date, little is publicly known about the perpetrators or the true…