Digital Transformation
PRC State Hacking: ‘Chinese Edward Snowden’ Spills I‑Soon Secrets in Huge Dump of TTPs
Richi Jennings | | APT41, Auxun, Chengdu 404, china, china espionage, Chinese, Chinese Communists, Chinese devices, chinese government, chinese hacker, Chinese hackers, Chinese Threat Actors, Data Stolen By China, Great Firewall of China, hong kong, i-soon, Insider, insider breach, insider risk, iSoon, Peoples Republic of China, SB Blogwatch, Tibet, Uyghur
Underpaid, overworked and angry: Whistleblower in hacker contractor firm for Chinese government blows lid off tactics, techniques and procedures ...
Security Boulevard
5 Trends Shaping Cybersecurity Strategy: AI Threats, SASE, ZTNA & XDR
The cybersecurity landscape is challenging, and organizations must evolve defense measures in response to escalating threats ...
Security Boulevard
DoD Email Breach: Pentagon Tells Victims 12 Months Late
Richi Jennings | | Anurag Sen, azure, Azure cloud, Azure Government Cloud, Compliance Automation Platform for FedRAMP, data privacy PII, defense department, Department of Defense, devops in government, DevSecOps in Government, digital government, DoD, email, Federal Government, Federal Government Bids, FedRAMP, fedramp accreditation;, fedramp ato, fedramp certification, fedramp compliance, government, Microsoft Azure, Microsoft Azure Security, Microsoft Exchange, Microsoft Exchange Server, pentagon, pii, PII Leakage, SB Blogwatch, U.S. Department of Defense, United States Department of Defense, US DOD, USDoD, USSOCOM
3TB Email FAIL: Personal info of tens of thousands leaks. Microsoft cloud email server was missing a password ...
Security Boulevard
Innovation With a Security-First Mindset
Olga Lagunova | | collaboration, Cybersecurity, Innovation, IT, Product, product delivery, security, security-first
Prioritizing a robust security-first position does not have to hinder productivity or the ability of teams to achieve business goals ...
Security Boulevard
CFO Deepfake Fools Staff — Fakers Steal $26M via Video
Richi Jennings | | Deep Fake, deepfake, deepfake attacks, Deepfake Satire, Deepfake security threats, Deepfake Technology, deepfake videos, hong kong, SB Blogwatch, Taylor Swift
Bad hoax blood: Spearphish pivots to deepfake Zoom call, leads to swift exit of cash ...
Security Boulevard
Microsoft Ditches C# for Rust: M365 Core Gets Safety and Perf Boosts
C# — Rust in peas: Microsoft 365 “Core Platform Substrate” gets rewrite in Rust language ...
Security Boulevard
‘Extremely serious’ — Mercedes-Benz Leaks Data on GitHub
Richi Jennings | | Compromised Credential, compromised credentials, credential, Credential Compromise, Credential Hunting, credential loss, credential management, Credential Monitoring, Credential Storage, Germany, git, GitHub, GitHub repositories, GitHub repository, GitHub Security Best Practices, Mercedes-Benz, SB Blogwatch
Oh, Lord: My friends all hack Porsches—I must make amends ...
Security Boulevard
‘Mother of all Breaches’ Leaks — 26 BILLION Records from 12TB Open Bucket
Richi Jennings | | account breach, bob diachenko, Breach, MOAB, mother of all breaches, SB Blogwatch
Less MOAB, more NOW: Researchers discover unsecured database of stolen personal information ...
Security Boulevard
NSA iPhone Backdoor? Apple Avoids Russian Blame Game
Richi Jennings | | Apple, back door, backdoor, CVE-2023-32434, CVE-2023-32435, CVE-2023-32439, CVE-2023-38606, CVE-2023-41990, FSB, imessage, ios, iPhone, kaspersky, Kaspersky Lab, Kaspersky Security, nsa, Russia, Russian FSB, SB Blogwatch, spyware, triangulation, Zero Click Attack, Zero-Click Exploit
“No Ordinary Vulnerability” — Operation Triangulation research uncovers new details of fantastic attack chain ...
Security Boulevard
SSH FAIL: Terrapin Attack Smashes ‘Secure’ Shell Spec
Richi Jennings | | Authentication, CBC, ChaCha20, chaves ssh, CVE-2023-48795, libSSH, Man In The Middle, man in the middle attack, man in the middle attacks, mitm, MitM Attack, mitm attack prevention, mitm attacks, openssh, OpenSSH protocol, SB Blogwatch, SSH, Terrapin
Testy Testudine: Lurking vuln in SSH spec means EVERY implementation must build patches ...
Security Boulevard