Hot Topics

Digital Transformation

Apple CEO Tim Cook, with superimposed text: “No Such Agency”

NSA iPhone Backdoor? Apple Avoids Russian Blame Game

| | Apple, back door, backdoor, CVE-2023-32434, CVE-2023-32435, CVE-2023-32439, CVE-2023-38606, CVE-2023-41990, FSB, imessage, ios, iPhone, kaspersky, Kaspersky Lab, Kaspersky Security, nsa, Russia, Russian FSB, SB Blogwatch, spyware, triangulation, Zero Click Attack, Zero-Click Exploit
“No Ordinary Vulnerability” — Operation Triangulation research uncovers new details of fantastic attack chain ...
Security Boulevard
Line drawing of a diamondback terrapin

SSH FAIL: Terrapin Attack Smashes ‘Secure’ Shell Spec

| | Authentication, CBC, ChaCha20, chaves ssh, CVE-2023-48795, libSSH, Man In The Middle, man in the middle attack, man in the middle attacks, mitm, MitM Attack, mitm attack prevention, mitm attacks, openssh, OpenSSH protocol, SB Blogwatch, SSH, Terrapin
Testy Testudine: Lurking vuln in SSH spec means EVERY implementation must build patches ...
Security Boulevard
Mr. Cooper Hackers Stole ~15 Million Users’ Data

Mr. Cooper Hackers Stole ~15 Million Users’ Data

| | breach disclosure, Centex, Jay Bray, mortgage, Mr. Cooper, Nationstar, pii, PII Leakage, PII Protection, SB Blogwatch
Another day, another huge leak: In October, they called it an “outage;” last month, it became a “cybersecurity incident;” now it’s a full-on PII leak ...
Security Boulevard
The Ukrainian president, Volodymyr Zelenskyy, with superimposed text: “Bring it.”

Russia Hacks Ukraine, Ukraine Hacks Russia — Day#658

| | Kyivstar, Russia, russia hacker, Russia-Ukraine, russia-ukraine conflict, Russia's War on Ukraine, Russian Cyber War, Russian cybercrime, SB Blogwatch, Ukraine, ukraine conflict, Ukraine Cyber War, Ukraine cyberattack
When will it end? Russia takes down Kyivstar cellular system, Ukraine destroys Russian tax system ...
Security Boulevard
A caricature of Russian president-for-life Vladimir Vladimirovich Putin

Russian FSB Targets US and UK Politicians in Sneaky Spear-Phish Plan

| | 2FA phishing, advanced phishing threats, Aleksandrovich Peretuatko, Alexey Doguzhiev, Andrey Stanislavovich Korinets, Callisto Group, center 18, Evilginx, Federal Security Service, five eyes, FSB, linkedin, Phishing, Russia, russia hacker, russia-based, russian, Russian Cyber Interests, Russian Cyber War, Russian FSB, SB Blogwatch, Seaborgium, spear fishing, spear phishing attacks, spear-phishing, SpearPhishing, Star Blizzard, TA446
TA446’s new TTPs: “Star Blizzard” FSB team called out by Five Eyes governments (again) ...
Security Boulevard
A 3D render of a DNA strand, with the text “It’s even worse” superimposed

23andMe Finally Admits: 6.9 MILLION Users’ PII Breached

| | 23andMe, Compromised Credential, compromised credentials, compromised credentials monitoring, Credential Compromise, credential replay attacks, credential reuse, credential stuffing, credential stuffing attack, Credential Stuffing Attacks, DEVOPS, DevSecOps, DNA, GDPR, iam, password reuse, pii, PII Leakage, SB Blogwatch, SEC, Securities and Exchange Commission, Securities Exchange Commission (SEC), U.S. Securities and Exchange Commission
Not nice: Hacker claimed 20 million, 23andMe said it was only 14,000—but now admits to 6.9 million ...
Security Boulevard
The state flag of Montana (detail)

TikTok Ban Banned — Montana Loses in US Court

| | Bytedance, china, chinese government, Donald Molloy, Montana, Privacy, SB Blogwatch, spyware, TikTok
For you plague, still: States can’t just ban apps, says federal judge ...
Security Boulevard
A number ‘10’ printed on a roughly rendered wall

Atlassian Bug now a Perfect 10: Riot of Ransomware Raids

| | atlassian, Atlassian Confluence, cerber, Confluence, CVE-2023-22518, CVSS10, Java, Ransomware, SB Blogwatch, vulnerability
Step #1: Get it off the Internet—Confluence Data Center and Server on-prem products perfectly pwned, so patch ...
Security Boulevard
A ballet dancer sits in a chair, head in hands

Okta Hacked Yet Again: 2FA Firm Failed to 2FA

| | 2 factor auth, 2-fa authentication, 2-factor authentication, 2fa, 2FA Authenticator, 2FA/MFA, auth, Authentication, CIAM, ciam authentication, ciam solution, ciam solutions, ciam vs iam, cloud IAM, Cloud IAM architecture, Cloud IAM as a Service, cloud IAM platform, Cloud IAM Solution, hosted single sign-on, iam, Identity as a service and single sign on, Identity management and Single sign-on, MFA, MFA rollout, Multi-Factor Authentication (MFA), Okta, okta alternative, Okta replacements, Okta SSO, replace okta, SB Blogwatch, single sign on, Single Sign On (SSO), sso, two-factor-authentication.2fa, web application single sign on
You had one job: Once is happenstance, twice is coincidence, FIVE TIMES is sheer incompetence ...
Security Boulevard
Two old vehicles rust away in a junkyard

This SUCKS: ‘Cars Are a Privacy Nightmare,’ Mozilla Fumes

| | automaker, Car, cars, cellular IoT, cellular IoT security, Connected Cars, Consumer IoT, Internet of things, Internet of Things (IoT), Internet of Things (IoT) Security, Internet of Things cyber security, iot, Mozilla, Mozilla Foundation, New Cars, Privacy, Privacy4Cars, SB Blogwatch, vehicle, vehicle cybersecurity, vehicle OTAs
IoT cars considered harmful: Own a car? Care about your privacy? Mozilla Foundation has bad news for you ...
Security Boulevard
Load more