Cybersecurity
Las Vegas casino ransomware attacks: Okta in the spotlight as MGM slowly recovers
"I think our biggest challenge was, and this is something we learned the hard way, was the password reset..."
Microsoft
Microsoft exposed 38TB of private AI data, including passwords and secret keys
Microsoft itself warns that it is "not possible to audit the generation of SAS tokens"
Cybersecurity
MGM Resorts’ ransomware attack started with a single phone call
Social engineering allegedly led to MGM attack: $13 billion firm's cybersecurity "defeated by a 10-minute conversation"?
Patch Tuesday
Patch Tuesday puts the cherry on a cake of zero days
From SAP, an "update that only became necessary because the Security Note was accidentally previously deleted" and from Microsoft, some strange assessments.
Cybersecurity
$13 billion MGM Resorts in severe cybersecurity incident
"We also notified law enforcement and took prompt action to protect our systems and data, including shutting down certain systems."
Microsoft
A powerful key was stolen from one of the world’s largest companies. It still has questions to answer.
An attacker could have been forging access tokens to Microsoft services for up to two years, unnoticed
Cybersecurity
Aerospace firm hacked by “multiple” adversaries
"The goddam plane has crashed into the mountain!"
Cybersecurity
Security contractor hit through "rogue" Windows 7 PC amid fears for sensitive NatSec sites
Details of security perimeters for highly sensitive national security sites published for anyone to read
privacy
Apple warns that scanning encrypted photos leads to a “dystopian dragnet”
"Scanning for one type of content, for instance, opens the door for bulk surveillance" says Apple's user privacy chief.
EU
EU Cyber Resilience Act antagonises, troubles open-source sector
The EU has proposed a new Cyber Resilience Act. The lack of industry dialogue has the open-source sector worry that the act will stifle development.
NCSC
NCSC’s new CTO Ollie Whitehouse is a seasoned hacker
His "knowledge of software security appears to exceed that of most governments"
Cybersecurity
Quis custodiet? Powerful Japanese cybersecurity agency hacked, as allies fret
"Japan's cybersecurity nightmare is everyone else's problem, too"