Cybersecurity
HackerOne says worker stole vulns for profit – fired employee blasts ‘baseless claims’
"We have terminated the employee, and bolstered our defenses to avoid similar situations."
Cloud
New Open CVDB project puts cloud vulnerabilities in the spotlight
“There is currently no universal standard for cloud vulnerability enumeration..."
Cybersecurity
Supplier hack had “scope to impact entire telco industry”: Vodafone
Critical supplier to Vodafone, hundreds of others saw IT, OT systems breached
Cybersecurity
Oracle vuln left scores of blue chips exposed to pre-auth RCE exploit for 6 MONTHS post disclosure
Major firms left exposed to
Cybersecurity
Potemkin security standards propping up "insecure by design" OT
Your shiny security standard award likely means very little, warns Forescout
Cybersecurity
Siemens' CVSS 9.8 advisory features exploited Apache HTTP vulnerability
Nasty Apache HTTP Server bug continues to cause issues...
Cybersecurity
MSFT moves on cross-tenant Azure hardening as shocking "SynLapse" exploit details released
Orca Security takes Azure Synapse off its naughty list after six-month investigation.
Cybersecurity
CISO: Unplugged -- Join The Stack and Friends at a dinner, June 28
From resilience engineering to resilient teams, get behind the scenes of today's security priorities
Cybersecurity
Firmware security in the spotlight after novel ransomware attacks
“The learning curve isn't as steep as people think.”
Cybersecurity
This is how Chinese hackers are breaching telcos worldwide, say US authorities
SOHO devices and unpatched enterprise switches are the way in.
Cybersecurity
Kaspersky says Chinese APT demonstrating "seemingly impossible network behaviors"
Threat group's infrastructure "nothing short of extraordinary"
Cybersecurity
Security teams still face finger-pointing. Blame culture must end
This issue is still rife and causing burnout, says one CISO