Cybersecurity News including Analytics, CISO, Cloud Security, Cybercrime, Data Security, DevOps, GRC, IoT, Social Engineering, Threats & Breaches and more.
Tax Scams Ramping Up as the April 15 Deadline Approaches
With the IRS deadline only weeks away, businesses and individuals are racing to get their taxes filed, and bad actors are doing what they can to keep pace with them. Both Microsoft and Malwarebytes in recent days have outlined various scams being used to steal sensitive information, drop malicious payloads, ... Read More
Apple M-Series FAIL: GoFetch Flaw Finds Crypto Keys
Richi Jennings | | Apple, apple bug, Apple Data Security, apple hack, apple hacker, Apple iOS, Apple iPad, ARM, cache, dmp, GoFetch, iPad, M1, M2, M3, Macintosh, macos, SB Blogwatch
GoFAIL: Researchers worm their way into broken cache-filling microcode in most Macs and iPads ... Read More
RaaS Groups Go Recruiting in Wake of LockBit, BlackCat Takedowns
The effects of the recent high-profile disruptions of LockBit’s and BlackCat ransomware operations by law enforcement agencies are rippling through the dark web, with smaller threat gangs looking to scoop up the larger groups’ disaffected affiliates. Law enforcement agencies in the United States, the UK, and elsewhere in recent years ... Read More
CISA, NSA, Others Outline Security Steps Against Volt Typhoon
Top cybersecurity agencies in the United States and other countries are again warning critical infrastructure companies about the “urgent risk” posed by Chinese state-sponsored threat group Volt Typhoon and are recommending steps to harden their protections. The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and the FBI ... Read More
Sentry, GitHub Use AI to Help Fix Coding Errors
Developers are getting more help detecting and addressing bugs in their code through new AI-based tools that Sentry.io and GitHub each introduced this week. Sentry unveiled the beta of Autofix, a feature that uses company’s machine learning and AI capabilities and is aimed at debugging errors in production by leveraging ... Read More
Ordr Taps AI to Augment Attack Surface Management
Michael Vizard | | AI, ASM, asset management, Attack Surface, Attack Surface Management, generative AI, Ordr
Ordr this week added an attack surface management (ASM) tool infused with artificial intelligence (AI) to its existing asset management portfolio ... Read More
EPA and White House Raise Alarm on Water Cybersecurity
Richi Jennings | | Critical Infrastructure, critical infrastructure assets, critical infrastructure attack, Critical Infrastructure Cyber security, Critical Infrastructure Cybersecurity, Drinking Water, Environmental Protection Agency, EPA, ICS, operational technologies, OT, public water systems, SB Blogwatch, wastewater, water, water distribution systems, Water industry, water infrastructure, White House
Iran and China fingered: Biden admin. chides governors: Water infra. lacks “even basic cybersecurity precautions.” ... Read More
TikTok ‘Ban’ — ByteDance CEO and EFF are BFFs
Richi Jennings | | Bytedance, china, chinese government, EFF, Electronic Frontier Foundation, Privacy, SB Blogwatch, Shou Zi Chew, social media, spyware, TikTok, TikTok Ban
7521 momentum builds: Shou Zi Chew plays for time, while Electronic Frontier Foundation says TikTok-kill bill is DOA ... Read More
Microsoft Preps AI-Based Copilot for Security for April 1 Release
Microsoft for more than a year has been infusing generative AI capabilities throughout much of its product and services portfolio – such as Microsoft 365 and Bing – through its Copilot initiative, an effort to help enterprise IT administrators, developers, and other users to get the benefits of the emerging ... Read More
French Gov. Leaks 43 Million People’s Data — ‘France Travail’ Says Sorry
Richi Jennings | | Alexandre Saubot, Cap emploi, CNIL, cyber attacks on governm, devops in government, DevSecOps in Government, digital government, European Governments, france, France Travail, government, Government & Regulatory News, government agencies, Government Authority, SB Blogwatch
La grande cybermalveillance: French government’s employment agency loses control of citizens’ data after biggest breach in Gallic history ... Read More