A strong security program will sometimes require substantial organizational and cultural changes around security practices, and inevitably, a higher cost. The post Zero to Hero – A “Measured” Approach to Building a World-Class Offensive Security Program appeared first on SecurityWeek.
Hacker leaks 270,000 customer tickets allegedly stolen from Samsung Germany using long-compromised credentials. The post Hacker Leaks Samsung Customer Data appeared first on SecurityWeek.
The European Commission plans on investing €1.3 billion ($1.4 billion) in cybersecurity, artificial intelligence and digital skills. The post Part of EU’s New €1.3 Billion Investment Going to Cybersecurity appeared first on SecurityWeek.
US National Security Advisor Mike Waltz, who started the now-infamous group chat coordinating a US attack against the Yemen-based Houthis on March 15, is seemingly now suggesting that the secure messaging service Signal has security vulnerabilities. “I didn’t see this loser in the group,” Waltz told Fox News about Atlantic editor in chief JeffreyRead More »The Signal Chat Leak and the NSA
In another rare squid/cybersecurity intersection, APT37 is also known as “Squid Werewolf.” As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.
Analysis found that 99% of healthcare organizations are vulnerable to publicly available exploits. The post Critical Condition: Legacy Medical Devices Remain Easy Targets for Ransomware appeared first on SecurityWeek.
Nearly a dozen crypto packages on NPM, including one published 9 years ago, have been hijacked to deliver infostealers. The post 9-Year-Old NPM Crypto Package Hijacked for Information Theft appeared first on SecurityWeek.
Research has revealed that an Australia-based fintech company had a database exposed.
Noteworthy stories that might have slipped under the radar: Key members of Hellcat ransomware group identified, controversy around CrushFTP flaw CVE, NYU website hacked and defaced. The post In Other News: Hellcat Hackers Unmasked, CrushFTP Bug Controversy, NYU Hacked appeared first on SecurityWeek.
HTTPS certificate issuance now requires Multi-Perspective Issuance Corroboration and linting to improve validation. The post New Issuance Requirements Improve HTTPS Certificate Validation appeared first on SecurityWeek.
