Week in review: Attackers trying to access Check Point VPNs, NIST CSF 2.0 security metrics evolution
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: RansomLord: Open-source anti-ransomware exploit tool RansomLord is an …
Snowflake denies breach, blames data theft on poorly secured customer accounts
Snowflake is disputing claims made by a threat actor who stole data belonging to Santander and Ticketmaster, and maintains that the theft of customer data was the result of …
Snowflake compromised? Attackers exploit stolen credentials
New story – Saturday, June 1, 2024 at 4:48 PM Snowflake denies breach, Santander and Ticketmaster confirm data theft, Hudson Rock deletes report Have attackers …
25,000 individuals affected in BBC Pension Scheme data breach
Personal information of current and former BBC employees has been exposed in a data breach that affected the broadcaster’s in-house pension scheme. More than 25,000 …
Check Point VPN zero-day exploited since beginning of April (CVE-2024-24919)
Attackers have been exploiting CVE-2024-24919, a zero-day vulnerability in Check Point Security Gateways, to pinpoint and extract password hashes for local accounts, which …
Lack of skills and budget slow zero-trust implementation
The risk of a cyber breach is the number one global driver for zero trust strategy implementation, according to Entrust. The 2024 State of Zero Trust & Encryption Study …
Encrypted Notepad: Open-source text editor
Encrypted Notepad, an open-source text editor, ensures your files are saved and loaded encrypted with AES-256. With no ads, no network connection required, and no unnecessary …
New infosec products of the week: May 31, 2024
Here’s a look at the most interesting products from the past week, featuring releases from Adaptive Shield, Dashlane, Detectify, and Truecaller. Adaptive Shield unveils …
NIST says NVD will be back on track by September 2024
The National Institute of Standards and Technology (NIST) has awarded a contract for an unnamed company/organization to help them process incoming Common Vulnerabilities and …
59% of public sector apps carry long-standing security flaws
Applications developed by public sector organizations have more security debt than those created by the private sector, according to Veracode. Security debt, defined for this …
NIST unveils ARIA to evaluate and verify AI capabilities, impacts
The National Institute of Standards and Technology (NIST) is launching a new testing, evaluation, validation and verification (TEVV) program intended to help improve …
Identity-related incidents becoming severe, costing organizations a fortune
With the rise of identity sprawl and system complexity, more businesses are suffering identity-related incidents than ever before, according to IDSA. Identity-related …
Featured news
Sponsored
Don't miss
- ChatGPTriage: How can CISOs see and control employees’ AI use?
- Managing exam pressure: Tips for certification preparation
- Firmware update hides Bluetooth fingerprints
- Critical Exim vulnerability facilitates malware delivery (CVE-2024-39929)
- Risk related to non-human identities: Believe the hype, reject the FUD