Hot Topics

Incident Response

Incident Response

a PRC flag flies in a stiff breeze

China Steals Defense Secrets ‘on Industrial Scale’

| | china, china espionage, China-linked Hackers, Chinese, Chinese Communists, chinese government, chinese hacker, Chinese hackers, Chinese Intelligence, Chinese state-sponsored hacking group, Chinese Threat Actors, ConnectWise, ConnectWise Vulnerabilities, CVE-2022-0185, CVE-2022-3052, CVE-2023-22518, CVE-2024-1709, Data Stolen By China, Dawn Calvary, f5, F5 BIG-IP, F5 BIG-IP vulnerability, Genesis Day, gov.uk, Mandiant, MSS, MSS Hackers, Peoples Republic of China, PRC, PRC Espionage, SB Blogwatch, ScreenConnect, Teng Snake, uk, UNC302, UNC5174, Uteus, Xiaoqiying
UNC5174 ❤ UNC302: CVSS 10 and 9.8 vulnerabilities exploited by Chinese threat actor for People’s Republic ...
Security Boulevard
A green worm on a juicy red apple

Apple M-Series FAIL: GoFetch Flaw Finds Crypto Keys

| | Apple, apple bug, Apple Data Security, apple hack, apple hacker, Apple iOS, Apple iPad, ARM, cache, dmp, GoFetch, iPad, M1, M2, M3, Macintosh, macos, SB Blogwatch
GoFAIL: Researchers worm their way into broken cache-filling microcode in most Macs and iPads ...
Security Boulevard

Beyond Detection: Enhancing Your Security Posture with Predictive Cyberthreat Insights

| | Blog, endpoint detection and response, Endpoint Protection, Incident Response, security posture, sophos, Sophos X-Ops
The goal of cybersecurity is not just to respond to today’s threats but to anticipate tomorrow’s challenges. I recently had an enlightening conversation with Christopher Budd, Director of Sophos X-Ops Intelligence, to ...
Security Archives | TechSpective
Phishing triage workflow in Smart SOAR

How to Build a Phishing Playbook Part 3: Playbook Development

| | automated response, Cybersecurity, dkim, dmarc, email security, Incident Response, phishing playbook, playbook development, Playbook Editor, Smart SOAR, SOAR, spf, utility commands
Welcome the third part of our series on how to build an automated incident response playbook for phishing threats inside of Smart SOAR. In this part, we will be transferring our rough ...
D3 Security
Public washroom faucets

EPA and White House Raise Alarm on Water Cybersecurity

| | Critical Infrastructure, critical infrastructure assets, critical infrastructure attack, Critical Infrastructure Cyber security, Critical Infrastructure Cybersecurity, Drinking Water, Environmental Protection Agency, EPA, ICS, operational technologies, OT, public water systems, SB Blogwatch, wastewater, water, water distribution systems, Water industry, water infrastructure, White House
Iran and China fingered: Biden admin. chides governors: Water infra. lacks “even basic cybersecurity precautions.” ...
Security Boulevard
ByteDance cCEO Shou Zi Chew

TikTok ‘Ban’ — ByteDance CEO and EFF are BFFs

| | Bytedance, china, chinese government, EFF, Electronic Frontier Foundation, Privacy, SB Blogwatch, Shou Zi Chew, social media, spyware, TikTok, TikTok Ban
7521 momentum builds: Shou Zi Chew plays for time, while Electronic Frontier Foundation says TikTok-kill bill is DOA ...
Security Boulevard
Présidente de France Travail, Alexandre Saubot

French Gov. Leaks 43 Million People’s Data — ‘France Travail’ Says Sorry

| | Alexandre Saubot, Cap emploi, CNIL, cyber attacks on governm, devops in government, DevSecOps in Government, digital government, European Governments, france, France Travail, government, Government & Regulatory News, government agencies, Government Authority, SB Blogwatch
La grande cybermalveillance: French government’s employment agency loses control of citizens’ data after biggest breach in Gallic history ...
Security Boulevard
ransomware health care

HHS to Investigate Change’s Security in Wake of Crippling Cyberattack

| | BlackCat ransomware, Health Care Security, HHS, UnitedHealth
The U.S. Department of Health and Human Services (HHS) is opening an investigation into UnitedHealth and its Change Healthcare subsidiary following a ransomware attack that for three weeks has essentially shut down ...
Security Boulevard
Two stacks of money on top of a white table.

Google Splashes the Cash in Bug Bounty Bonanza: $59 Million to Date

| | alphabet, bounty, bug bounty, bug bounty program, bugbounty, ethical hacker, ethical hackers, ethical hacking, google, SB Blogwatch, Vulnerability Rewards Program (VRP), white hat, white hat hacker, white hat hackers, White Hat Security, White Hats, WhiteHat, whitehat hackers, WhiteHat Security
Wanna be a VRP VIP? Last year, $GOOG paid $10 million to ethical hackers for finding vulnerabilities ...
Security Boulevard
Director of the Cybersecurity and Infrastructure Security Agency, Jen Easterly

Irony of Ironies: CISA Hacked — ‘by China’

| | china, china espionage, Chinese, Chinese Communists, Chinese drive-by attack, chinese government, chinese hacker, Chinese hackers, Chinese state-sponsored hacking group, Chinese Threat Actors, CIRCIA, cisa, CISA.gov, CVE-2023-46805, CVE-2024-21887, CVE-2024-21893, Cyber Security and Infrastructure Security Agency, Cybersecurity & Infrastructure Security Agency, Cybersecurity and Infrastructure Agency, Data Stolen By China, federal agency, Ivanti, Ivanti Connect Secure, Ivanti Policy Secure, Ivanti security, Ivanti Vulnerabilities, Ivanti Zero day vulnerability, Ligolo, Magnet Goblin, NerbianRAT, NSA/CISA, Peoples Republic of China, SB Blogwatch, Volt Typhoon, WARPWIRE
Free rides and traffic jams: U.S. Cybersecurity and Infrastructure Security Agency penetrated in February, via vuln in Ivanti ...
Security Boulevard
Load more

Secure Guardrails