Featured
04/24/2024
Vintage Microsoft flaw resurfaces, threat actors attack with golden GooseEgg
State-linked actors are using a custom tool for post exploitation activity of a vulnerability in Windows Print Spooler, which could result in credential theft and backdoor installs.
04/24/2024
Vintage Microsoft flaw resurfaces, threat actors attack with golden GooseEgg
State-linked actors are using a custom tool for post exploitation activity of a vulnerability in Windows Print Spooler, which could result in credential theft and backdoor installs.
04/24/2024
People on the Move
04/23/2024
State-Sponsored Russian Hackers Linked to Breach of Texas Water Treatment Plant
Leading cybersecurity firm Mandiant believes that a notorious group of Russian hackers is behind a recent rash of attacks on water utilities in several countries, including the United States. On January 18 the group was able to induce a tank overflow at a Texas water treatment plant, and has made similar incursions in France and Poland.
04/23/2024
Contrast Security Welcomes Shay Mowlem as Chief Marketing Officer to Drive Global Expansion
Contrast Security announces the appointment of Shay Mowlem as Chief Marketing Officer (CMO), tasked with leading the company's global marketing endeavors. With a focus on Contrast's groundbreaking Runtime Security platform, Mowlem brings a wealth of experience from esteemed enterprise software companies, setting the stage for heightened strategic direction and accelerated growth.
04/18/2024
OWASP looks to future-proof SBOMs with CycloneDX 1.6
The foundation is upgrading the standard for the quantum era, adding ML-readable attestation and more. Here's how it boosts software supply chain security.
04/12/2024
ISC2 study pegs average US cybersecurity salary at $147K, up from $119K in 2021
Gender and ethnicity gaps persist, but female executives and middle managers earned more on average than male counterparts, according to the survey.
04/11/2024
How MSSPs, MSPs Can Help Defend the Water Supply
It’s hard to imagine a cyberattack on critical infrastructure target any more disastrous and cruel than to a source of drinking water. Yet, the White House says there is now evidence that state-sponsored threat actors are doing just that.
04/11/2024
Will There Ever Be a Solution to Zero-Day Exploits? Expert Analysis
Pushed by the rapid acceleration and abundance of new software, updates, and apps being released, the software development sector is leaving wide security gaps and weak points across architectures.
04/09/2024
DOJ data on 341,000 people leaked in cyberattack on consulting firm
A cyberattack on a consulting firm working for the U.S. Department of Justice resulted in the theft of personal and medical data belonging to more than 340,000 individuals.
04/09/2024
When GenAI and low-code collide: What could go wrong for AppSec?
Here's why the duo results in a perfect storm, key considerations — and expert advice on how engineering and application security teams can tackle the problem.
04/04/2024
Russian Hackers Target German Political Parties with Fake Dinners to Deploy WINELOADER Backdoors
State-sponsored Russian hackers are targeting German political parties with fake dinner invites to deploy malware, establish persistence, and exfiltrate data.
04/03/2024
Microsoft Online Exchange Attack Preventable: CSRB
An attack on the Microsoft Exchange Online intrusion conducted by a Chinese-based attack group was preventable, the Cyber Safety Review Board (CSRB) said in a report.