Security Operations

E2EE is MIA in iPhone/Android Chat — GSMA Gonna Fix it

Richi Jennings | September 18, 2024 | android, Apple, Apple iOS, Apple iPhone, china, E2EE, end-to-end, end-to-end encryption, google, Great Firewall of China, GSMA, iChat, imessage, ios, iOS 18, iPhone, iphone security, MLS, RCS, RCS protocol, SB Blogwatch, SMS, SMS messages

No More Barf-Green Bubbles? GSM Association is “excited” to bring Apple and Google closer together, but encryption is still lacking ...

Security Boulevard

security, SOC, AI, platform, Fortinet, human, SOC, SMBs, SOCs, SOCs, false positives, SOC

The New Era of SOCs: Simplifying Cybersecurity for SMBs

Ori Arbel | September 17, 2024 | Cybersecurity, EDR, SIEM, smb, SOC

A new wave of all-in-one SOC platforms is consolidating the market, bringing enterprise-grade security solutions within reach of SMBs ...

Security Boulevard

Microsoft Fixes Four 0-Days — One Exploited for SIX YEARS

Richi Jennings | September 11, 2024 | CVE-2024-38014, CVE-2024-38217, CVE-2024-38226, CVE-2024-43491, KB5043083, KB5043936, Mark of the Web, Microsoft, Microsoft Patch Tuesday September 2024, Microsoft Windows, Microsoft Windows Zero Day, Patch Tuesday, SB Blogwatch, Windows, Windows Update

Week B: Bugs begone! This month Redmond fixes 79 security flaws in Windows and other products ...

Security Boulevard

Russian ‘WhisperGate’ Hacks: 5 More Indicted

Eaten by a GRU: Fake ransomware created by Russian GRU Unit 29155 attacked Ukraine and NATO—a month before the full scale invasion ...

Security Boulevard

Yikes, YubiKey Vulnerable — ‘EUCLEAK’ FIDO FAIL?

Richi Jennings | September 4, 2024 | CVE-2024-45678, ECDSA, EUCLEAK, FIDO, FIDO2, Infineon, Passkeys, SB Blogwatch, YSA-2024-03, Yubikey

USB MFA SCA😱: Infineon hardware and software blamed for timing side-channel attack on popular auth tokens ...

Security Boulevard

China Cyberwar Coming? Versa’s Vice: Volt Typhoon’s Target

Richi Jennings | August 28, 2024 | CenturyLink, china, china espionage, China-linked Hackers, China-nexus cyber attacks, China-nexus cyber espionage, CVE-2024-39717, Lumen, Lumen Technologies, Peoples Republic of China, SB Blogwatch, Versa Director, Versa Neworks, VersaMem, Volt Typhoon

Xi whiz: Versa Networks criticized for swerving the blame ...

Security Boulevard

‘Terrorgram’ Telegram Terrorists Trash Transformers — Grid in Peril

Should’ve listened to Edison: After the arrest of Pavel Durov—the Telegram CEO—comes news of domestic extremists using the chat app to organize ...

Security Boulevard

Pig Butchering at Heart of Bank Failure — CEO Gets 24 Years in Jail

Richi Jennings | August 23, 2024 | #PigButchering, Crypto, crypto cons, crypto crime, crypto currency, cryptocurrency, Heartland Tri-State Bank, online romance scam, pig butchering, Pig Butchering Scams, romance, romance fraud, romance scam, romance scammers, romance scams, SB Blogwatch, Shan Hanes

Oink, oink, FAIL—you’re in jail: Kansas bank chief exec Shan Hanes stole money from investors, a church and others to buy cryptocurrency to feed a scam ...

Security Boulevard

The word “Tuesday” in cutout paper letters on a textured background

August Patch Pileup: Microsoft’s Zero-Day Doozy Dump

Richi Jennings | August 14, 2024 | Adobe patch, august patch tuesday, CVE-2024-21302, CVE-2024-38106, CVE-2024-38107, CVE-2024-38178, CVE-2024-38189, CVE-2024-38193, CVE-2024-38199, CVE-2024-38200, CVE-2024-38202, CVE-2024-38213, Microsoft patch tuesday, Microsoft Patch Tuesday August 2024, Patch Tuesday, SB Blogwatch

See These CVEs: Patch Tuesday—ten zero-days, seven Critical vulns, zero time to waste ...

Security Boulevard

WTH? DPRK WFH Ransomware Redux: 3rd Person Charged

Richi Jennings | August 13, 2024 | Andrew M., DPRK, Korea, Korean military, Korean ransomware, Matthew Isaac Knoot, North Korea, North Korean Hacking, North Korean Threat Actors, northkorea, Noth Korea, SB Blogwatch

North Korean army of remote IT workers enabled by Matthew Isaac Knoot, alleges DoJ ...

Security Boulevard

Security Operations

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

C2A Security’s EVSec Risk Management and Automation Platform Gains Traction in Automotive Industry as Companies Seek to Efficiently Meet Regulatory Requirements

Zama Raises $73M in Series A Lead by Multicoin Capital and Protocol Labs to Commercialize Fully Homomorphic Encryption

RSM US Deploys Stellar Cyber Open XDR Platform to Secure Clients

ThreatHunter.ai Halts Hundreds of Attacks in the past 48 hours: Combating Ransomware and Nation-State Cyber Threats Head-On