Former Uber CSO avoids prison for concealing data breach
Joe Sullivan, the former Uber CSO who has been convicted last year for attempting to cover up a data breach Uber suffered in 2016 and kept it hidden from the Federal Trade …
Critical RCE vulnerability in Cisco phone adapters, no update available (CVE-2023-20126)
Cisco has revealed the existence of a critical vulnerability (CVE-2023-20126) in the web-based management interface of Cisco SPA112 2-Port Phone Adapters. The adapters are …
May 2023 Patch Tuesday forecast: Dealing with End-of-Support (EOS)
The April Patch Tuesday releases were unusual because we saw a whopping 62 vulnerabilities addressed in the Microsoft Server 2012 KBs. Granted there was a lot of overlap with …
New infosec products of the week: May 5, 2023
Here’s a look at the most interesting products from the past week, featuring releases from Dashlane, Immersive Labs, Intruder, Private AI, Vanta, and Veza. Immersive Labs …
Universal Data Permissions Scanner: Open-source tool to overcome data authorization blindspots
Satori released Universal Data Permissions Scanner, a free, open-source tool that enables companies to understand which employees have access to what data, reducing the risks …
Organizations brace for cyber attacks despite improved preparedness
Cyber-risk levels have improved from “elevated” to “moderate” for the first time, but insiders represent a persistent threat for global organizations, …
Think your data has no value? Scammers disagree
In the first quarter of 2023 there was a significant increase in cyberattacks exploiting trust in established tech brands Microsoft and Adobe, according to Avast. The Avast …
City of Dallas hit by ransomware
The City of Dallas, Texas, has suffered a ransomware attack that resulted in disruption of several of its services. What do we know so far? “Wednesday morning, the …
ChatGPT and other AI-themed lures used to deliver malicious software
“Since the beginning of 2023 until the end of April, out of 13,296 new domains created related to ChatGPT or OpenAI, 1 out of every 25 new domains were either malicious …
BSidesLjubljana 0x7E7 CFP is still open!
BSidesLjubljana 0x7E7, a non-profit conference organized by the information security community, will take place on June 16, 2023, at the C111 Computer Museum. The deadline for …
Amazon Inspector allows search of its vulnerability intelligence database
Amazon Inspector is designed to manage vulnerabilities by continuously scanning your AWS workloads for software vulnerabilities and unintended network exposure across your …
Top API vulnerabilities organizations can’t afford to ignore
75% of organizations typically change or update their APIs on a daily or weekly basis, creating a significant challenge for protecting the changing API attack surface, …
Featured news
Resources
Don't miss
- Building cybersecurity culture in science-driven organizations
- How Kim Crawley challenges big tech in “Digital Safety in a Dangerous World”
- Google strengthens secure enterprise access from BYOD Android devices
- Southwest Airlines CISO on tackling cyber risks in the aviation industry
- Insider risk management needs a human strategy