3 Trends from Verizon’s 2022 Data Breach Investigations Report

| | Breach
The Verizon Data Breach Investigations Report is essentially infosec’s report card.  It comes out right before summer vacation and gives us an ~120 page snapshot of the state of security.  The findings, ...
Analyzing the Samsung Hack - Thousands of credentials / secrets exposed

Removing Secrets From Your Source Code

| | Breach, Coding, security
This article explains how to keep your software repositories free of passwords, tokens, and private keys. The post Removing Secrets From Your Source Code appeared first on Rainbow and Unicorn ...
Okta Breach Mitigation and Updates

Okta Breach Mitigation and Updates

According to reports, authentication and Identity and Access Management (IAM) solutions provider Okta was breached by the Lapsus$ hacking group... The post Okta Breach Mitigation and Updates appeared first on Authomize ...
policy-as-code SecOps GitLab security policy operational resilience SOC certificate DevSecOps: Beyond Manual Policy Implementation

Cybersecurity and Operational Resilience in 2022

2021 was a record year for headline-making cyberattacks. A Chicago-based insurance firm, CNA Financial, paid a $40 million ransom to recover their data; not to mention the attack on Kaseya in which the ...
Security Boulevard

Containment, Communication, and Remediation: The 3 Keys to a Breach Response

The number of U.S. data breaches reported in 2021 increased dramatically over the preceding year. As reported by the Identity Theft Resource Center (ITRC), there were 1,291 data breaches between January 1, ...
Taking Forensic Disk Images from the OVH Cloud

Taking Forensic Disk Images from the OVH Cloud

| | Breach, csu, DFIR, forensics
This article explains how a disk image can be taken from a virtual machine running on the public cloud. The acquired disk image can then be used with offline forensic tools like ...
Log4Shell Log4j U.S. cyber games fileless malware

Log4Shell – The API Security Challenge

Last week’s Log4Shell vulnerability is a dramatic example of how modern applications, interconnected services and pervasive APIs can create substantial security challenges. As a security researcher who has spent years looking at ...
Security Boulevard
Newspaper Icon with News Title - Red Arrow on a Grey Background. Mass Media Concept.

Bitglass Security Spotlight: REvil Group Taken Offline by Feds, Attacker Activities, and a VPN Company Exposes Data

Here are the top security stories from recent weeks:  REvil Ransomware Gang Taken Offline (Again) by FBI DarkSide Moves to Cash Out $7 million in Bitcoin Acer Confirms Second Cyberattack Within a ...
Newspaper Icon with News Title - Red Arrow on a Grey Background. Mass Media Concept.

Bitglass Security Spotlight: Large Data Leaks, New COVID-19 Scams, and Fast Ransomware Attacks

Here are the top security stories from recent weeks:  Twitch Leak Exposes Personal Data Cox Media Group Confirms Ransomware Attack Xgroup Attackers Offer to Hack EU Hospitals in COVID-19 Vaccine Scam New ...
Why the recent Twitch breach means much more than “just” leaked source code

Why the recent Twitch breach means much more than “just” leaked source code

Amazon-owned Twitch, a massively popular video streaming service, was recently breached by hackers who leaked a massive pile of source code, data, unreleased products, payout reports, The post Why the recent Twitch ...