LastPass WithSecure language Expel BEC Delivering Email Post-Data Breach

More Details of LastPass Breach: Hackers Used Stolen Encryption Key

A breach at LastPass is the gift that keeps on giving—or taking, depending on your perspective. LastPass parent company GoTo raised the alarm this week that, in addition to stealing encrypted backups ...
Security Boulevard
ransomware SaaS Security

New Ransomware Payment Reporting Requirements on Horizon

| | cisa, Compliance, NYDFS, Ransomware
January 9, 2023, was the deadline for financial services companies doing business in New York (including cryptocurrency entities with a Bit license) to comment on new proposed cybersecurity regulations which would mandate, ...
Security Boulevard
Skyhawk SASE security cloud security visibility PwC Survey Finds C-Level Execs Now View Cybersecurity as Biggest Risk

Skyhawk Security Adds Runtime Protection to Cloud Security Portfolio

Skyhawk Security this week added a runtime protection capability to its integrated cloud security portfolio. Skyhawk Security CEO Chen Burshan said the Synthesis Security Platform brings a cloud threat detection and response ...
Security Boulevard
PayPal Visa AI digital payments Security the Price of Convenience in Supply Chain Payments

PayPal Credential Stuffing Attacks Renew Calls for MFA

An internal review confirmed that on December 20, 2022, unauthorized parties could use account holders’ login credentials to access their PayPal accounts. In response to what is being called a credential stuffing ...
Security Boulevard
GAO cyberinsurance Sonrai

CyberInsurance Predictions for 2023

It is difficult to predict with certainty what the top trends in cyberinsurance will be in 2023, as the field is constantly evolving and new developments are emerging all the time. However, ...
Security Boulevard
StackHawk API security APIs Checkmarx access point

The Security Challenges of API Sprawl

When you have a lot of something—of anything—it’s hard to keep track. It could be books, cats, tools in the garage, apps on the phone. And when you can’t keep track, you ...
Security Boulevard
US No-Fly List Leaked via Airline Dev Server by @_nyancrimew

US No-Fly List Leaked via Airline Dev Server by @_nyancrimew

An unsecured Jenkins server contained secret credentials for more than 40 public-cloud storage buckets. In today’s SB Blogwatch, we say hello to our old friend maia arson crimew ...
Security Boulevard
review board CISCO Board Onboard with Security

Orgs Must Prepare for SEC Cybersecurity Requirements Aimed at Boards

Enterprises might want to spend the next few months checking and bolstering their boards’ cybersecurity chops—because by the end of 2023, the Security and Exchange Commission (SEC) is expected to finalize its ...
Security Boulevard
T-Mobile API Breach: Playing the Victim

T-Mobile API Breach: Playing the Victim

I’m not sure what is less surprising, that a big company got hacked or that they are trying to play the victim. The headline is that T-Mobile acknowledged that data on roughly ...
Security Boulevard
T-Mobile’s SIXTH Breach in 5 years: 37M Users’ PII Leaks

T-Mobile’s SIXTH Breach in 5 years: 37M Users’ PII Leaks

The Un-carrier is In-secure, it seems. Un-believable. In-credibly in-competent. CEO Mike Sievert (pictured) might become un-CEO ...
Security Boulevard