-
Manage and Remediate Cloud Infrastructure Misconfiguration Vulnerabilities with Tenable.cs and HashiCorp Terraform Cloud
PRIVACY PRIVACY Cloud breaches are on the upswing due to preventable misconfigurations. Here’s how you can lower your risk with a new integration between Tenable.cs and Terraform Cloud. Today’s cloud environments are highly dynamic with new updates continuously released into production and workloads scaling up and down based on customer demand. Within minutes cloud engineers…
-
HHS Information Security Program ‘Not Effective’
PRIVACY PRIVACY Office of Inspector General slams department’s security program four years running Read More
-
GitHub to mandate 2FA for all code contributors by 2023
PRIVACY PRIVACY GitHub has announced its largest-ever push toward two-factor authentication (2FA). The world’s leading development platform said it will require all code-contributing users to enroll in 2FA by the end of 2023 to enhance the security of developer accounts and bolster security within the software supply chain. Given the number of developers and enterprises…
-
Instagram Hack Results in $1 Million Loss in NFTs
PRIVACY PRIVACY Imagine – your favorite brand on Instagram just announced a giveaway. You’ll receive a free gift! All you have to do is provide your credit card information. Sounds easy, right? This is a brand you’ve followed and trusted for a while now. You’ve engaged with them and even purchased some of their items.…
-
UK to Place Security Requirements on App Developers and Store Operators
PRIVACY PRIVACY Under the proposals, all app stores would be required to commit to a new code of practice Read More
-
Chinese APT group Winnti stole trade secrets in years-long undetected campaign
PRIVACY PRIVACY Security researchers have uncovered a cyberespionage campaign that has remained largely undetected since 2019 and focused on stealing trade secrets and other intellectual property from technology and manufacturing companies across the world. The campaign uses previously undocumented malware and is attributed to a Chinese state-sponsored APT group known as Winnti. “With years to…
-
New Sophisticated Malware
PRIVACY PRIVACY Mandiant is reporting on a new botnet. The group, which security firm Mandiant is calling UNC3524, has spent the past 18 months burrowing into victims’ networks with unusual stealth. In cases where the group is ejected, it wastes no time reinfecting the victim environment and picking up where things left off. There are…
-
Healthcare and Education Sectors Most Susceptible to Cyber Incidents
PRIVACY PRIVACY ICO’s data revealed a signficant growth in ransomware attacks last year Read More
-
Pro-Ukrainian DoS attack compromises Docker Engine honeypots to target Russian, Belarusian websites
PRIVACY PRIVACY Researchers from cybersecurity vendor CrowdStrike have detected a denial-of-service (DoS) attack compromising Docker Engine honeypots to target Russian and Belarusian websites amid the ongoing Russia-Ukraine war. According to the firm, the honeypots were compromised four times between February 27 and March 1, 2022, with two different Docker images that both share target lists…
-
NCSC Updates Code of Practice for Smart Building Security
PRIVACY PRIVACY New document has been rewritten for the connected era Read More