This page contains information on current Information Technologies that may be of interest to our customers. See also our recommended sites for computer related information on products and security.
Articles and Reviews of Interest
- October 2023:
- September 2023:
- Misconfigured SAS token by Microsoft’s AI team exposes 38TB of GitHub data
Steve Zurier September 18, 2023 - Why posture alone isn’t enough for cloud security
Paul Nguyen September 18, 2023 - BlackCat/ALPHV reportedly encrypted more than 100 MGM ESXi hypervisors
Steve Zurier September 15, 2023
- Misconfigured SAS token by Microsoft’s AI team exposes 38TB of GitHub data
- July 2023:
- Rockwell Automation exploit spurs fears of critical infrastructure security
Simon Hendery July 13, 2023 - AI unlikely to overtake humans in cybersecurity, hackers say in new survey
Stephen Weigand July 13, 2023 - Browser security that protects the remote, extended and hybrid workforce
- Paul Wagenseil July 13, 2023
- Crimeware tool WormGPT: AI for BEC attacks
Andrew Blake July 13, 2023 - Malicious Microsoft Office docs drop LokiBot malware
Steve Zurier July 13, 2023
- Two-thirds of internet-facing SolarView systems still vulnerable to critical bug
Steve Zurier July 5, 2023 - Threat actors quick to exploit proof-of-concept code
Simon Hendery July 5, 2023 - Browser security is not created equally
Paul Wagenseil June 27, 2023 - Advanced detection protects against the growing trade of zero-day hacks
Tony Anscombe July 5, 2023
- Rockwell Automation exploit spurs fears of critical infrastructure security
- June 2023:
- ‘AI package hallucination’ can spread malicious code into developer environments
Steve Zurier June 6, 2023 - Kroger elevates fraud measures after online account creation explodes
Bradley Barth June 6, 2023 - MOVEit victims emerge: British Airways, BBC and Nova Scotia
Simon Hendery June 6, 2023 - The Volt Typhoon wake-up call
Ronen Ahdut June 6, 2023 - Ransomware attacks have room to grow, Verizon data breach report shows
Derek B. Johnson June 6, 2023
- Python byte code used to avoid detection and load malware
Steve Zurier June 1, 2023 - We need to refine and secure AI, not turn our backs on the technology
Ani Chaudhuri June 1, 2023 - Systems hack enables data theft, access for 8.9M MCNA Dental patients
Jessica Davis June 1, 2023
- BlackCat ransomware gang updates tradecraft with stealth and speed
Simon Hendery June 2, 2023 - Five ways to prevent the risks from hardcoding secrets in code generated by LLMs
Lotem Guy June 2, 2023
- MOVEit victims emerge: British Airways, BBC and Nova Scotia
- Simon Hendery June 6, 2023
- ‘AI package hallucination’ can spread malicious code into developer environments
- Simon Hendery June 6, 2023
- May 2023:
- March 2023:
- Lack of respect, career opportunities lead to exclusion for women in cybersecurity
Menghan Xiao March 31, 2023 - Healthcare vendor reports breach from 2021, at least 9 providers impacted
Jessica Davis March 31, 2023 - High-cost lender TMX Finance data breach affects nearly 5 million customers
Menghan Xiao March 31, 2023 - Azure bug, patched this month, could have allowed access to critical systems
Steve Zurier March 31, 2023 - Tech layoffs bring secure software supply chain security to the forefront
Aaron Bray March 31, 2023 - MKS Instruments hit with lawsuit following ransomware attack
Derek B. Johnson March 15, 2023 - Feds fine Florida children’s health insurance site for massive 2020 hack
Jessica Davis March 15, 2023 - Microsoft March Patch Tuesday fixes two zero-day bugs
Menghan Xiao March 15, 2023 - Bad actors exploited RCE in Progress Telerik to hack US agency server
Stephen Weigand March 15, 2023 - Research indicates humans are still better than ChatGPT at phishing — for now
Steve Zurier March 15, 2023 - Lesson learned from the US Marshals Service cyber incident: we’re all targets – and the stakes are high
Steve Stone March 15, 2023 - Malware campaign targets unpatched SonicWall SMA100 Series edge devices
Steve Zurier March 9, 2023 - Enterprise browser aims to offer secure access to legacy Internet Explorer apps
Steve Zurier March 8, 2023 - A LIGHT WEEK, INFOSEC TABLETOP GAMING, WHITE HOUSE CYBERSEC, & AI GALORE! – ESW #308 March 9, 2023
- Active attacks exploiting old bugs in VMware NSX Manager spike
Menghan Xiao March 8, 2023
- TSA issues emergency cybersecurity mandates for aviation sector
Derek B. Johnson March 7, 2023 - Barcelona hospital experiencing care delays after RansomHouse attack
Jessica Davis March 7, 2023 - Microsoft discovers Shein app accessing clipboard on Android devices
Menghan Xiao March 7, 2023 - Russian ‘pranksters’ target Moscow critics, Ukraine war opponents
Derek B. Johnson March 7, 2023 - Info stealer targets Facebook business accounts to land sensitive data
Steve Zurier March 7, 2023 - Why we must finally draw more women into cybersecurity in 2023
Lisa Tetrault March 7, 2023
- Blackbaud pays $3 million for misleading disclosures in 2020 ransomware attack
Jessica Davis March 13, 2023 - Threat actors turn to AI-generated YouTube videos to spread info stealers
Steve Zurier March 13, 2023 - Employees are entering sensitive business data into ChatGPT
Stephen Weigand March 13, 2023 - MITRE’S MANAGED SERVICES EVALUATIONS: MAKING THE MOST OUT OF THE ATT&CK FRAMEWORK – ASHWIN RADHAKRISHNAN – CFH #12
March 14, 2023 - Six reasons why today’s SOCs don’t work – and why AI is the fix
Gonen Fink March 13, 2023
- Lack of respect, career opportunities lead to exclusion for women in cybersecurity
- February 2023:
- Critical vulnerabilities hidden in hundreds of popular open source containers
Menghan Xiao February 24, 2023 - Biden admin’s push for cyber regulations could clash with skeptical Republicans
Derek B. Johnson February 24, 2023 - Security of voice verification ID systems put into question, again
Steve Zurier February 24, 2023 - Three data privacy myths every business leader should challenge
Russell Howe February 24, 2023
- Medical labs, shipping companies targeted by new threat group Hydrochasma
Jessica Davis February 23, 2023 - Google patches critical RCE bug in Chrome browser
Menghan Xiao February 23, 2023 - This ransomware group wants you to double-cross your insurer
Stephen Weigand February 23, 2023 - Shift Left? Shift Right? Neither: Here’s why smart companies should shift up
Ganesh Pai February 23, 2023
- Critical vulnerabilities hidden in hundreds of popular open source containers
- January 2023
- Here are the top 4 security threats facing SaaS apps in 2023, according to this firm by Steve Zurier January 13, 2023
- Juniper starts the year listing more than 230 vulnerabilities Steve ZurierJanuary 13, 2023
- Database encryption takes work, but it’s achievable Dan Garcia January 13, 2023
- Abuse of Telegram bots for credential phishing increased 800% in 2022
Menghan Xiao January 12, 2023 - SolarWinds shareholders ask Delaware Supreme Court to revive Orion breach lawsuit by Menghan Xiao January 6, 2023
- NJ hospital CentraState diverting patients after cyberattack, IT shutdown – by Jessica Davis January 3, 2023
- Top challenges for cloud security in 2023: managing growing cyberattacks, delivering visibility, and consolidating tool sprawl – by Steve Zurier January 3, 2023