Content Paint
Search
Sign in

Cybersecurity

Cybersecurity  | Jun 26, 2024
Feds to CIOs: Actively ask your vendors if they’ve done a SQLi audit...
Feds to CIOs: Actively ask your vendors if they’ve done a SQLi audit...

Fix up, look sharp: Uncle Sam is running out of patience with tech firms shipping insecure software. Vendors? Get familiar with the phrase "query parameterization"...

Cybersecurity  | Jun 25, 2024
CISA breach: Hackers gained access to chemical sector's vulnerability assessments
CISA breach chemicals

Cybersecurity agency's cybersecurity appliance breached (yes, everything is broken) but no exfiltration seen says CISA

Cloud  | Jun 17, 2024
EU Cloud Certification Scheme could be "discriminatory" to Amazon, Google and Microsoft
EU Cloud Certification Scheme could be "discriminatory" to Amazon, Google and Microsoft

Companies and countries clash over ENISA cloud security certification

Cybersecurity  | Jun 13, 2024
💀This malware campaign uses Discord emojis for C2 instructions
discord emojis malware C2

Camera emoji? "Take a screenshot of the victim's screen and upload it to the command channel as an attachment."

SolarWinds  | Jun 11, 2024
“Trivially exploitable” bug in SolarWinds file server needs prompt fixing
“Trivially exploitable” bug in SolarWinds file server needs prompt fixing

“CVE-2024-28995 is not known to be exploited in the wild as of 9 AM ET on June 11. We expect this to change."

Snowflake  | Jun 01, 2024
Snowflake warns over “rapeflake” data breaches
snowflake breach update

"The user must be left in the disabled state for 6 hours to fully invalidate any possible unauthorized access via this ID token feature."

vulnerabilities  | May 30, 2024
Check Point vulnerability far worse than thought – exploited in wild since April
Check Point vulnerability CVE-2024-24919

106,000 customers publicly exposed, initial searches suggest.

Cybersecurity  | May 30, 2024
Turf wars? NIST to fix NVD backlog by September – insists it’s right agency to run vulnerability database
Turf wars? NIST to fix NVD backlog by September – insists it’s right agency to run vulnerability database

Update comes after CISA started enriching CVEs itself…

Cybersecurity  | May 29, 2024
EU shows "a complete lack of security thinking" says former Estonian president
EU shows "a complete lack of security thinking" says former Estonian president

Estonian ex-prez Ilves and Columbia Law prof deliver stark warning to cyberpros

Your link has expired. Please request a new one.
Your link has expired. Please request a new one.
Your link has expired. Please request a new one.
Great! You've successfully signed up.
Great! You've successfully signed up.
Welcome back! You've successfully signed in.
Success! You now have access to additional content.