Huge Leak of Customer Data Includes Military Personnel Info
EnamelPins, which manufactures and sells medals, pins, and other emblematic accessories, for months left open an Elasticsearch instance that exposed 300,000 customer emails, including 2,500 from military and government personnel. The company, based in California, also has links to China, Cybernews researchers wrote ... Read More
The Cyberthreats from China are Ongoing: U.S. Officials
U.S. officials are pushing back at the ongoing threats posted by Chinese state-sponsored hackers like Volt Typhoon and Salt Typhoon, which have infiltrated critical infrastructure organizations to steal information and preposition themselves in case of a conflict breaking out between the two countries ... Read More
Nile Releases Zero Trust-as-a-Service Aimed at Delivering Ransomware Protection Natively Without Operational Headaches
Nile is working to make Local Area Network (LAN) invulnerable by design; its latest effort to stop ransomware and lateral movement attacks. The networking-as-a-service vendor, on Thursday, announced the launch of Nile Trust Service, an add-on solution that it said will end the need to deploy a medley of localized ... Read More
U.S. Agencies Seize Four North Korean IT Worker Scam Websites
Jeffrey Burt | | china espionage, Department of Justice (DOJ), fake IT worker scam, North Korean cyber espionageU.S. law enforcement agencies seized the websites of four North Korean fake IT worker scams that were uncovered by SentinelOne threat researchers and linked to a larger network of Chinese front companies ... Read More
Here’s Yet Another D-Link RCE That Won’t be Fixed
Richi Jennings | | D-Link, D-Link Corporation, D-Link vulnerability, D-Link zero day, Internet of things, Internet of Things (IoT), Internet of Things (IoT) Security, Internet of Things cyber security, iot, SB BlogwatchD-Licious: Stubborn network device maker digs in heels and tells you to buy new gear ... Read More
Microsoft Adds Raft of Zero-Trust Tools and Platforms
Microsoft this week launched a raft of cybersecurity initiatives that address everything from making Windows platforms more secure to adding platforms that are more secure by design ... Read More
Securing the Software Supply Chain: Checkmarx One Expands its Offerings
The software supply chain is under siege. Threat actors increasingly exploit weaknesses in code repositories, dependencies and mismanaged secrets to infiltrate and disrupt software development processes. In response, organizations are turning to robust strategies to safeguard their supply chains, including tools like SCA scanning, AI and container security, secrets detection ... Read More
Microsoft Veeps Ignite Fire Under CrowdStrike
Richi Jennings | | CrowdStrike, CrowdStrike Falcon, CrowdStrike incident;, crowdstrike updates, David Weston, ignite, Microsoft, Microsoft security, Microsoft Virus Initiative, Microsoft Windows, Quick Machine Recovery, rust, Safe Deployment Practices, SB Blogwatch, Windows, Windows securityBSODs begone! Redmond business leaders line up to say what’s new in Windows security ... Read More
CISOs Look to Establish Additional Leadership Roles
According to an IANS survey of more than 800 CISOs, roles such as business information security officers (BISOs), chiefs of staff and heads for privacy, program management and data protection are among the top positions being considered to support cybersecurity efforts ... Read More
Black Friday Scammers are Hard at Work: Security Experts
Scammers are using everything from fraudulent deals and fake ads to spoofed websites and brand impersonation to target online shoppers who are gearing up for Black Friday as the holiday buying season gets underway, according to cybersecurity firms ... Read More
