Securing the Cloud

WTH? DPRK WFH Ransomware Redux: 3rd Person Charged

Richi Jennings | August 13, 2024 | Andrew M., DPRK, Korea, Korean military, Korean ransomware, Matthew Isaac Knoot, North Korea, North Korean Hacking, North Korean Threat Actors, northkorea, Noth Korea, SB Blogwatch

North Korean army of remote IT workers enabled by Matthew Isaac Knoot, alleges DoJ ...

Security Boulevard

Student Devices Wiped — Mobile Guardian Hacked AGAIN

Richi Jennings | August 7, 2024 | Blackmail, cybersecurity education, Cybersecurity in education, DevOps Education, DevSecOps Education, MDM, Mobile Device Management (MDM), Mobile Guardian, Ransomware, SB Blogwatch, singapore

Hackers ate my homework: MDM software for schools is breached for second time this year—13,000 devices wiped in Singapore alone ...

Security Boulevard

TikTok Abuses Kids, say DoJ and FTC

Richi Jennings | August 5, 2024 | Bytedance, children, Children and smartphones, Children's Online Privacy Protection Act (COPPA), china, chinese government, Coppa, Privacy, SB Blogwatch, , spyware, TikTok, TikTok Ban, Won’t somebody think of the children?

For You Plague: U.S. Justice Dept. and Federal Trade Commission file lawsuit, alleging TikTok broke the COPPA law, plus a previous injunction ...

Security Boulevard

Prisoner Swap: Huge Russian Hackers Freed — Seleznev and Klyushin

Richi Jennings | August 2, 2024 | cyber attacks russia, Putin, Roman Seleznev, Russia, russia hacker, russia-based, Russian hacker, Russian hackers, Russian hacking, SB Blogwatch, Vladimir Putin, Vladislav Klyushin

Pragmatic politics: Anger as Putin gets back two notorious cybercriminals ...

Security Boulevard

WTH? Google Auth Bug Lets Hackers Login as You

Richi Jennings | July 29, 2024 | G Suite, Google Apps, Google Apps for Work, Google Workspace, OAuth, oauth 2.0, oauth abuse, Oauth Application Abuse, SB Blogwatch, securing oauth

G Suite Sours: Domain owners flummoxed as strangers get Google for their domains ...

Security Boulevard

severity, Tenable, application security, vulnerabilities, software, vulnerabilities, issues, servers, vulnerability, Linux, vulnerability management, risk-based, vulnerabilities third-party supply chain Okta endpoint security

Networking Equipment Riddled With Software Supply Chain Risks

Nathan Eddy | July 26, 2024 | CVE, IT network, IT Security, networking, router, SBOM, supply chain security, switch, vulnerability

Outdated software components often contain vulnerabilities that have been discovered and are well-understood by threat actors ...

Security Boulevard

EFF Angry as Google Keeps 3rd-Party Cookies in Chrome

Regulatory capture by stealth? Google changes its mind about third-party tracking cookies—we’re stuck with them for the foreseeable ...

Security Boulevard

A still from the 1928 animated short, “Steamboat Willie”—the first appearance of Mickey Mouse

Disney 1.2 TB Slack Hack: NullBulge Claims Leak is its Own

Richi Jennings | July 17, 2024 | Disney, hacktivism, Hacktivist, Hacktivists, hacktivity, NullBulge, SB Blogwatch, slack, Slack breach

Steamboat bloat: Hacktivist group wields infostealer Trojan, leaks 1,200 GB of mouse droppings ...

Security Boulevard

Squarespace Hacked — DeFi Wallets Drained (Imaginary Money Stolen)

Richi Jennings | July 16, 2024 | API exploit, blockchain, Crypto, cryptocurrencies, cryptocurrency, cryptocurrency exchange, DeFi, domain hijacking, Google Domains, imaginary money, Ponzi scheme, SB Blogwatch, smart contract, Smart Contract Security, smart contracts, Squarespace, Web3

DeFAIL: Cryptocurrency fans lose their worthless tokens via phishing attacks on decentralized finance sites ...

Security Boulevard

AT&T Says 110M Customers’ Data Leaked — Yep, it’s Snowflake Again

Should’ve used MFA: $T loses yet more customer data—this time, from almost all of them ...

Security Boulevard

Securing the Cloud

Senator Sanders Wants to Own AI Companies — and Hand America’s Adversaries the Keys

NIST’s Nine: The PQC Signature Race Moves to Round Three

The Quantum Arms Race: Why Washington Just Wrote a $2 Billion Check to Nine Companies

Beyond Moore’s Law: The Hyper-Acceleration of Autonomous AI Cyber Capabilities

The Exception Economy: When Security Teams Stop Protecting and Start Negotiating

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

C2A Security’s EVSec Risk Management and Automation Platform Gains Traction in Automotive Industry as Companies Seek to Efficiently Meet Regulatory Requirements

Zama Raises $73M in Series A Lead by Multicoin Capital and Protocol Labs to Commercialize Fully Homomorphic Encryption

RSM US Deploys Stellar Cyber Open XDR Platform to Secure Clients

ThreatHunter.ai Halts Hundreds of Attacks in the past 48 hours: Combating Ransomware and Nation-State Cyber Threats Head-On