Security

Security | Dec 31, 2024

US Treasury breached after BeyondTrust API key leaked

CVSS 9.8 pre-auth RCE vulnerability also identified in post-incident investigation...

| Security | Dec 29, 2024

Backdoors and all-powerful admins: Telcos plead a clean bill of health after Salt Typhoon purge, but...

"We still see companies not doing the basics” bewail officials, as official CALDEA backdoor breach details remain thin

Security | Dec 17, 2024

CISA asks for feedback on revised IR plan, as Trump demands more aggressive cyber stance

Washington DC - all set for cyber change

Either way, expect a volatile cyber realm in 2025

Security | Dec 16, 2024

BlackBerry exits EDR with Cylance sale - holds onto secure comms tools

SecuSUITE not included in sale...

Security | Dec 12, 2024

From CISO to CTrO: Rise of the Chief Trust Officer

George Gerchow, Head of Trust at MongoDB

“The shared responsibility model isn't working. It should be about shared action."

Security | Dec 11, 2024

Legacy SS7 protocol puts telco security in the spotlight

“They used to tell me, no, this is bullshit. People are not compromising telecom networks in order to get intelligence. We had to actually show, here is my exploit.”

Security | Dec 11, 2024

Microsoft reports 1020 CVEs: Adds new CLFS zero day to the mix

"Exploitation leads to SYSTEM privileges, and if this all sounds familiar, it should..."

Security | Dec 10, 2024

Cleo file transfer software being exploited at scale as patch fails

Attackers are not just exfiltrating files but establishing persistence on endpoints and have been “observed enumerating potential Active Directory assets with domain reconnaissance tools"

cybersecurity | Dec 09, 2024

DataDog releases a free “firewall”

Not for your network, but your OSS packages...

document.currentScript.parentNode.innerHTML = (parseInt(document.currentScript.closest('.iteration-container').dataset.length)).toString();