Cato Networks
The Big Interview: Cato Networks CSO Yishay Yovel
We stab a fork in an acronym soup and come up with something meaty.
ransomware
After CEO’s testimony, 3 vital lessons from Change Healthcare’s $1.6 billion ransomware attack
Two of America's most impactful cybersecurity incidents (Change Healthcare and Colonial Pipeline) began with attackers exploiting leaked credentials for VPNs with no MFA.
cybersecurity
CISO-CEO communication gaps continue to undermine cybersecurity
Qualys CEO says disconnect can hinder effective security strategies.
Sponsored
From the Marines to the “4 Cs”: BigID’s Brenton Gumucio on code camps, preventing data exposure and working with MongoDB
“We are pretty tightly aligned with the MongoDB product team. That allowed us to scale up and attack use cases where we're scanning petabytes of data, and solving really hard problems for customers.”
Rubrik
Rubrik files for IPO, reveals rapid growth, $354 million loss
Data security and backup firm's SEC filing shows it sees a TAM of $36.3 billion by the end of 2024.
cybersecurity
Malicious backdoor, CVSS 10, slipped onto major Linux distributions
Poisoned Easter eggs for all: Apparent supply chain attack caught mercifully early…
cybersecurity
UK nuclear waste firm Sellafield Ltd. prosecuted over cyber failings
Prosecution follows allegations of extensive pwnage, desperately poor hygiene, and as CISO falls on his sword.
Cloud
Scoop: Fujitsu spilled private client data, passwords into the open unnoticed for a year
It takes a special kind of stupid to export a LastPass vault and dump it into a public bucket along with a bunch of AWS keys. How do these people win critical government contracts again, please?
cybersecurity
China's I-Soon-linked threat group hit 70 organisations in 45 countries
Group screwed up their opsec, let Trend Micro pull samples, configuration files, and log files from attackers' servers.
operational technology
Missing vulnerabilities and threadbare staff: CISA ill-equipped to support on OT security: Watchdog
CISA has just two federal staff and five contractor staff working on its OT-specific threat hunting and/or incident response services...
cybersecurity
US gov tells software suppliers exactly how it wants them to develop secure code
As CISA reportedly admits two of its systems were breached in February due to Ivanti flaws
CISO
Anthropic’s CISO drinks the AI kool aid - backpedals frantically on security analysis claim
"The entire analysis from the original post is wrong. It shows only the negative value of using LLM in such cases..."