Content Paint
Search
Sign in

Cybersecurity

AWS  | Apr 10, 2024
AWS took 6 months to fix Security Token Service bug - IAM policy simulator inadequate, says Stedi
AWS took 6 months to fix Security Token Service bug - IAM policy simulator inadequate, says Stedi

"No system is infallible. Sometimes, it is AWS..."

Microsoft  | Apr 03, 2024
Microsoft’s “top notch” China hack post-mortem was "troubling" speculation
Microsoft’s “top notch” China hack post-mortem was "troubling" speculation

"The loss of a signing key is a serious problem, but the loss of a signing key through unknown means is far more significant... Microsoft’s customers did not have essential facts needed to make their own risk assessments."

Microsoft  | Apr 03, 2024
Microsoft roasted over “cascade of security failures” – authentication system utterly broken
Microsoft roasted over “cascade of security failures” – authentication system utterly broken

"A corporate culture that deprioritized both enterprise security investments and rigorous risk management."

NSA  | Apr 02, 2024
“Bring memes”: Dave Luber takes over as NSA Director of Cybersecurity from Rob Joyce
New NSA cybersecurity director Dave Luber (left)

As well as coming under immediate pressure on social media chatterati to be immediately amusing and bring his meme A-game, Luber faces other challenges too...

 |  utilities  | Apr 02, 2024
Water company dangles £10m for MSSP support
Water company dangles £10m for MSSP support

Assessment by the NCSC of previous industry breaches has seen an “enhanced” Cyber Assessment Framework (e-CAF) created that requires...

Optiv  | Mar 23, 2024
'We found a server under the candy smelter!' Optiv boss talks about the sticky side of enterprise security
'We found a server under the candy smelter!' Optiv boss talks about the sticky side of enterprise security

Optiv exec Sean Tufts said that implementing security in the field isn't always a glamorous task

Bank of England  | Mar 13, 2024
Bank of England warns on expanded operational resilience regime – cloud providers put on notice
Bank of England warns on expanded operational resilience regime – cloud providers put on notice

New demands of "critical third-parties" will "require some adjustments all round" says senior BoE official.

Cybersecurity  | Mar 04, 2024
CI/CD platform TeamCity exposed to critical pre-auth RCE bug, amid disclosure spat
CI/CD platform TeamCity exposed to critical pre-auth RCE bug, amid disclosure spat

JetBrains' platform "a suitable vector to position an attacker to perform a supply chain attack" if compromised warns Rapid7.

 |  Cybersecurity  | Mar 04, 2024
A Russian spy simply dialled into a sensitive German military call on WebEx - and went unnoticed
A Russian spy simply dialled into a sensitive German military call on WebEx - and went unnoticed

"Unfortunately, there are indications that a Russian participant has obviously dialed into the WebEx"

Your link has expired. Please request a new one.
Your link has expired. Please request a new one.
Your link has expired. Please request a new one.
Great! You've successfully signed up.
Great! You've successfully signed up.
Welcome back! You've successfully signed in.
Success! You now have access to additional content.