Google Cloud: MFA Will Be Mandatory for All Users in 2025
Google Cloud says it is taking a phased approach to making MFA mandatory for all users by the end of 2025 to help bolster the cyber-protections against increasingly sophisticated cyberattacks ... Read More
Schneider Electric Confirms Ransom Hack — Hellcat Demands French Bread as ‘Joke’
Richi Jennings | | Baguette, BGTT, Crypto, crypto crime, crypto currency, cryptocoin, Cryptocrurrency, cryptocurrencies, cryptocurrency, Cryptocurrency Humor, grep, greppy, Hellcat, ICA, International Contract Agency, Ransomware, SB BlogwatchThat’s a lot of pain: $125,000 ransom seems small—but why do the scrotes want it paid in baguettes? ... Read More
Interpol Operation Shuts Down 22,000 Malicious Servers
Interpol, other law enforcement agencies, and cybersecurity firms teamed up for Operation Synergia II, shutting down 22,000 malicious servers that supported ransomware, phishing, and other attacks and arresting 41 people connected to the cybercrime campaigns ... Read More
Man Accused of Snowflake Customer Data Breaches Arrested
A Canadian resident, Alexander “Connor” Moucka, was arrested by Canadian law enforcement at the request of the United States for allegedly stealing sensitive data of myriad corporations like AT&T and Santander Bank that were stored in Snowflake's cloud systems and exposed during a breach ... Read More
Fortinet Adds Data Loss Prevention Capability Following Acquisition of Next DLP
Fortinet has added a data loss prevention (DLP) platform to its portfolio that is based on the technology it gained with the acquisition of Next DLP earlier this year ... Read More
Google Uses Its Big Sleep AI Agent to Find SQLite Security Flaw
Google researchers behind the vendor's Big Sleep project used the LLM-based AI agent to detect a security flaw in SQLite, illustrating the value the emerging technology can have in discovering vulnerabilities that techniques like fuzzing can't ... Read More
Hackers Exploit DocuSign APIs for Phishing Campaign
Cybercriminals are exploiting DocuSign’s APIs to send highly authentic-looking fake invoices, while DocuSign’s forums have reported a rise in such fraudulent campaigns in recent months. Unlike typical phishing scams that rely on spoofed emails and malicious links, these attacks use legitimate DocuSign accounts and templates to mimic reputable companies, according ... Read More
FIDO: Consumers are Adopting Passkeys for Authentication
The FIDO Alliance found in a survey that as consumers become more familiar with passkeys, they are adopting the technology as a more secure alternative to passwords to authenticate their identities online ... Read More
GreyNoise: AI’s Central Role in Detecting Security Flaws in IoT Devices
GreyNoise Intelligence researchers said proprietary internal AI-based tools allowed them to detect and identify two vulnerabilities in IoT live-stream cameras that traditional cybersecurity technologies would not have been able to discover ... Read More
Microsoft’s Controversial Recall Feature Release Delayed Again
Microsoft is again delaying the release of its controversial Recall feature for new Windows Copilot+ PCs until December to get new security capabilities in place and hopefully avoid the industry backlash it faced when first introducing the tool in May ... Read More
