Hot Topics

Cloud Security

cloud security, cloud, cloud environment, data privacy, data protection, cloud security teams, security, cloud-native, Palo Alto Dell zero trust Network Security multi-cloud zero-trustQualys multi-cloud Wi-Fi 6 access point zero-trust cloud security remote data protection

Securing the Future: Navigating the Complexities of Cloud Security

| | AI solutions, Cloud, Cloud Security, Phishing
Cloud environments are complex, and can create a difficult territory for security and IT teams to monitor and comprehend ...
Security Boulevard
supply chain, SBOM, cybersecurity, SLSA organizations third party attacks supply chain supply chain ransomware The Kill Chain Model

Complex Supply Chain Attack Targets GitHub Developers

| | developers, GitHub, software supply chain attack
Unidentified threat actors used multiple tactics to launch a sophisticated software supply-chain campaign targeting developers on the GitHub platform, including members of the popular Top.gg community that includes more than 170,000 members ...
Security Boulevard
Scary skeletons

Telegram Privacy Nightmare: Don’t Opt In to P2PL

| | 2-step verification, 2fa, 2FA apps, 2FA bypass, 2FA Flaws, 2FA/MFA, Access control and Identity Management, Cloud MFA, digital identity verification, iam, ID verification, MFA, , mfasecurity, Multi-Factor Authentication (MFA), P2P, SB Blogwatch, SMS, SMS messages, SMS Toll Fraud, Telegram, Telegram app, two-factor-authentication.2fa, Verify 2FA
Scary SMS shenanigans: Avoid Telegram’s new “Peer-To-Peer Login” program if you value your privacy or your cellular service ...
Security Boulevard
China cyberespionage

US, UK Accuse China of Years-Long Cyberespionage Campaign

| | china espionage, Department of Justice (DOJ), UK cybersecurity
The United States, the UK, and other countries this week accused a state-sponsored Chinese threat group of running a massive global hacking campaign for more than a decade that targeted political figures, ...
Security Boulevard
a PRC flag flies in a stiff breeze

China Steals Defense Secrets ‘on Industrial Scale’

| | china, china espionage, China-linked Hackers, Chinese, Chinese Communists, chinese government, chinese hacker, Chinese hackers, Chinese Intelligence, Chinese state-sponsored hacking group, Chinese Threat Actors, ConnectWise, ConnectWise Vulnerabilities, CVE-2022-0185, CVE-2022-3052, CVE-2023-22518, CVE-2024-1709, Data Stolen By China, Dawn Calvary, f5, F5 BIG-IP, F5 BIG-IP vulnerability, Genesis Day, gov.uk, Mandiant, MSS, MSS Hackers, Peoples Republic of China, PRC, PRC Espionage, SB Blogwatch, ScreenConnect, Teng Snake, uk, UNC302, UNC5174, Uteus, Xiaoqiying
UNC5174 ❤ UNC302: CVSS 10 and 9.8 vulnerabilities exploited by Chinese threat actor for People’s Republic ...
Security Boulevard
Tax season scams

Tax Scams Ramping Up as the April 15 Deadline Approaches

| | IRS, MalwareBytes, Microsoft, Phishing Tax Scams to Lookout For
With the IRS deadline only weeks away, businesses and individuals are racing to get their taxes filed, and bad actors are doing what they can to keep pace with them. Both Microsoft ...
Security Boulevard

Top Ten NSA and CISA Cloud Security Strategies

| | advice, Best Practices, Cloud, Cybersecurity, Kubernetes Security, microsegmentation, next gen security, security, Security Research, TrueFort, zero trust
NSA and CISA release a  joint guide outlining ten pivotal cloud security strategies for enterprise In a business world dominated by cloud-based solutions, robust cloud security strategies for cloud environments have never ...
TrueFort

Kubernetes RCE Vulnerability Allows Remote Code Execution

| | Akamai, command injection, CVE-2023-5528, CVSS score, Cybersecurity Mitigation, Cybersecurity News, Cybersecurity Vulnerabilities, Kubernetes, Kubernetes Clusters, Kubernetes Exploits, Kubernetes Security, Remote Code Execution (RCE), Tomer Peled, vulnerability discovery, Windows security, YAML Files
Tomer Peled, an Akamai cybersecurity security researcher, recently discovered a Kubernetes RCE vulnerability that allows threat actors to remotely execute code on Windows endpoints. Not only this but the threat actors can ...
TuxCare

Alyssa Miller: Charting the Course Through InfoSec and Aviation

| | Alyssa Miller, aviation, Business, career, CISO, Cloud, Cloud Security, conference, Cyber Security, Cybersecurity, Cybersecurity Industry, Data Privacy, Digital Privacy, Episodes, hacker, HR, Information Security, Infosec, jobs, Pilot, Podcast, Podcasts, Privacy, recruiting, security, technology, Weekly Edition
In this episode, special guest Alyssa Miller joins the hosts for an insightful and entertaining conversation covering a broad range of topics from social engineering anecdotes involving Kevin Johnson to Alyssa’s journey ...
Shared Security Podcast
AppSec, AI, API app Google application security AppSec

Application Security for Dummies: The Only Way Forward

| | Application Security, Cybersecurity, Security Usability, User-Friendly Security, ux-design
To improve application security, we must make security so stupid that anyone can do it, and that applies up and down the stack ...
Security Boulevard
Load more