Cybersecurity
The British gov't has identified "previously unknown CNI systems”
18 ransomware incidents this year meanwhile required national coordination
Cybersecurity
OpenSSL vulnerabilities downgraded, no RCE
No RCE...
Cybersecurity
This dance album was made with 200+ exotic malware samples
It uses code, images, network traffic, and entropy values of malware to generate sounds...
Cybersecurity
Security officials condemn "uneducated" ministers, shadow IT, after Liz Truss's phone hacked
The British Gov’t has a serious ‘shadow IT’ problem
Cybersecurity
GCHQ, NCSC Technical Director Dr Ian Levy calls quits after 22 years
UK National Cyber Security Centre (NCSC) and GCHQ veteran Dr Ian Levy is leaving public service. His decision and absence will be felt keenly by many in the cybersecurity community, who speak highly of the Technical Director, who has been an engaged and forthright bridge with business and other industry
Cybersecurity
A jeweller, sociologist, composer, a mum, go into cybersecurity…
This is not the start of a joke: CISOs are searching beyond conventional talent pools...
Cybersecurity
A mystery threat actor is running an "abnormally" large freejacking campaign that taps GitHub, Heroku to mine crypto
Security researchers at Sysdig say that they have identified a previously unreported threat actor “using some of the largest cloud and continuous integration and deployment (CI/CD) service providers” in a massive “freejacking” campaign that makes use of trial accounts’ free compute to power cryptomining campaigns. Dubbing it PURPLEURCHIN, Sysdig
Cybersecurity
GIGABYTE drivers are getting exploited warns CISA as 2018 bugs come back to bite
POCs have circulated for years...
Cybersecurity
Microsoft data breach "BlueBleed" exposes 2.4TB of customer data
Customers being told GDPR disclosure unnecessary
Cybersecurity
3 trillion open source downloads, a 633% rise in malicious activity -- and a worrying sense of security
IT managers say their orgs are better prepared - infosec pros are less confident...
Cybersecurity
FIDO2 is touted as a security panacea: Why isn't it everywhere?
FIDO2 makes the user initiate all authentication attempts.
Cybersecurity
Windows fails to update vulnerable driver blocklist for THREE YEARS
MS now says the blocklist will only be updated alongside major Windows releases.