News

This page contains information on current Information Technologies that may be of interest to our customers.  See also our recommended sites for computer related information on products and security.

Articles and Reviews of Interest

• September 2023:
  • Misconfigured SAS token by Microsoft’s AI team exposes 38TB of GitHub data
    Steve Zurier September 18, 2023
  • Why posture alone isn’t enough for cloud security
    Paul Nguyen September 18, 2023
  • BlackCat/ALPHV reportedly encrypted more than 100 MGM ESXi hypervisors
    Steve Zurier September 15, 2023
  • Microsoft Microsoft promises to act as Teams continues to get pummeled by phishing attacks
    Simon Hendery September 14, 2023
    
• July 2023:
  • Rockwell Automation exploit spurs fears of critical infrastructure security
    Simon Hendery July 13, 2023
  • AI unlikely to overtake humans in cybersecurity, hackers say in new survey
    Stephen Weigand July 13, 2023
  • Browser security that protects the remote, extended and hybrid workforce
  • Paul Wagenseil July 13, 2023
  • Crimeware tool WormGPT: AI for BEC attacks
    Andrew Blake July 13, 2023  
  • Malicious Microsoft Office docs drop LokiBot malware
    Steve Zurier July 13, 2023
  • Two-thirds of internet-facing SolarView systems still vulnerable to critical bug
    Steve Zurier July 5, 2023
  • Threat actors quick to exploit proof-of-concept code
    Simon Hendery July 5, 2023
  • Browser security is not created equally
    Paul Wagenseil June 27, 2023
  • Advanced detection protects against the growing trade of zero-day hacks
    Tony Anscombe July 5, 2023
    
• June 2023:
  • ‘AI package hallucination’ can spread malicious code into developer environments
    Steve Zurier June 6, 2023
  • Kroger elevates fraud measures after online account creation explodes 
    Bradley Barth June 6, 2023
  • MOVEit victims emerge: British Airways, BBC and Nova Scotia
    Simon Hendery June 6, 2023
  • The Volt Typhoon wake-up call
    Ronen Ahdut June 6, 2023
  • Ransomware attacks have room to grow, Verizon data breach report shows
    Derek B. Johnson June 6, 2023
  • Python byte code used to avoid detection and load malware
    Steve Zurier June 1, 2023
  • We need to refine and secure AI, not turn our backs on the technology 
    Ani Chaudhuri June 1, 2023
  • Systems hack enables data theft, access for 8.9M MCNA Dental patients
    Jessica Davis June 1, 2023
  • BlackCat ransomware gang updates tradecraft with stealth and speed
    Simon Hendery June 2, 2023
  • Five ways to prevent the risks from hardcoding secrets in code generated by LLMs
    Lotem Guy June 2, 2023
  • Inactive Salesforce Communities could leak sensitive data
    Stephen Weigand June 2, 2023
  • MOVEit victims emerge: British Airways, BBC and Nova Scotia
  • Simon Hendery June 6, 2023
• Simon Hendery June 6, 2023
  • 
    
• May 2023:
  • Facebook cracks down on malware actors targeting business accounts
    Simon Hendery May 4, 2023
  • NO PR0NHUB 4 U, HTTP LOCK STATUS, SELLING HACKING TOOLS, & CHROME DROPS HTTP LOCK – PSW #783 May 3, 2023
  • Google adds passkeys for user accounts; ‘passwords are dead,’ official says
    Jessica Davis May 4, 2023

• March 2023:
  • Lack of respect, career opportunities lead to exclusion for women in cybersecurity
    Menghan Xiao March 31, 2023
  • Healthcare vendor reports breach from 2021, at least 9 providers impacted
    Jessica Davis March 31, 2023
  • High-cost lender TMX Finance data breach affects nearly 5 million customers
    Menghan Xiao March 31, 2023
  • Azure bug, patched this month, could have allowed access to critical systems
    Steve Zurier March 31, 2023
  • Tech layoffs bring secure software supply chain security to the forefront
    Aaron Bray March 31, 2023
  • MKS Instruments hit with lawsuit following ransomware attack
    Derek B. Johnson March 15, 2023
  • Feds fine Florida children’s health insurance site for massive 2020 hack
    Jessica Davis March 15, 2023
  • Microsoft March Patch Tuesday fixes two zero-day bugs
    Menghan Xiao March 15, 2023
  • Bad actors exploited RCE in Progress Telerik to hack US agency server
    Stephen Weigand March 15, 2023
  • Research indicates humans are still better than ChatGPT at phishing — for now
    Steve Zurier March 15, 2023
  • Lesson learned from the US Marshals Service cyber incident: we’re all targets – and the stakes are high
    Steve Stone March 15, 2023
  • Malware campaign targets unpatched SonicWall SMA100 Series edge devices
    Steve Zurier March 9, 2023
  • Enterprise browser aims to offer secure access to legacy Internet Explorer apps
    Steve Zurier March 8, 2023
  • A LIGHT WEEK, INFOSEC TABLETOP GAMING, WHITE HOUSE CYBERSEC, & AI GALORE! – ESW #308 March 9, 2023
  • Active attacks exploiting old bugs in VMware NSX Manager spike
    Menghan Xiao March 8, 2023
  • TSA issues emergency cybersecurity mandates for aviation sector
    Derek B. Johnson March 7, 2023
  • Barcelona hospital experiencing care delays after RansomHouse attack
    Jessica Davis March 7, 2023
  • Microsoft discovers Shein app accessing clipboard on Android devices
    Menghan Xiao March 7, 2023
  • Russian ‘pranksters’ target Moscow critics, Ukraine war opponents
    Derek B. Johnson March 7, 2023
  • Info stealer targets Facebook business accounts to land sensitive data
    Steve Zurier March 7, 2023
  • Why we must finally draw more women into cybersecurity in 2023
    Lisa Tetrault March 7, 2023
  • Blackbaud pays $3 million for misleading disclosures in 2020 ransomware attack
    Jessica Davis March 13, 2023
  • Threat actors turn to AI-generated YouTube videos to spread info stealers
    Steve Zurier March 13, 2023
  • Employees are entering sensitive business data into ChatGPT
    Stephen Weigand March 13, 2023
  • MITRE’S MANAGED SERVICES EVALUATIONS: MAKING THE MOST OUT OF THE ATT&CK FRAMEWORK – ASHWIN RADHAKRISHNAN – CFH #12
    March 14, 2023
  • Six reasons why today’s SOCs don’t work – and why AI is the fix   
    Gonen Fink March 13, 2023
    
• February 2023:
  • Critical vulnerabilities hidden in hundreds of popular open source containers
    Menghan Xiao February 24, 2023
  • Biden admin’s push for cyber regulations could clash with skeptical Republicans
    Derek B. Johnson February 24, 2023
  • Security of voice verification ID systems put into question, again
    Steve Zurier February 24, 2023
  • Three data privacy myths every business leader should challenge
    Russell Howe February 24, 2023
  • Medical labs, shipping companies targeted by new threat group Hydrochasma
    Jessica Davis February 23, 2023
  • Google patches critical RCE bug in Chrome browser
    Menghan Xiao February 23, 2023
  • This ransomware group wants you to double-cross your insurer
    Stephen Weigand February 23, 2023
  • Shift Left? Shift Right? Neither: Here’s why smart companies should shift up
    Ganesh Pai February 23, 2023
    
• January 2023
  • Here are the top 4 security threats facing SaaS apps in 2023, according to this firm  by Steve Zurier January 13, 2023
  • Juniper starts the year listing more than 230 vulnerabilities Steve ZurierJanuary 13, 2023
  • Database encryption takes work, but it’s achievable Dan Garcia January 13, 2023
  • Abuse of Telegram bots for credential phishing increased 800% in 2022
    Menghan Xiao January 12, 2023
  • SolarWinds shareholders ask Delaware Supreme Court to revive Orion breach lawsuit by Menghan Xiao January 6, 2023
  • NJ hospital CentraState diverting patients after cyberattack, IT shutdown – by Jessica Davis January 3, 2023
  • Top challenges for cloud security in 2023: managing growing cyberattacks, delivering visibility, and consolidating tool sprawl – by Steve Zurier January 3, 2023

Links of Interest

• CNET News
• PC Magazine
• Secure Florida Organization
• ZD Net