MSI’s firmware, Intel Boot Guard private keys leaked
The cybercriminals who breached Taiwanese multinational MSI last month have apparently leaked the company’s private code signing keys on their dark web site. The breach …
Western Digital store offline due to March breach
The Western Digital online store is offline as a result of the “network security incident” it suffered in March 2023. Users have been notified On May 5, 2023, the …
Your voice could be your biggest vulnerability
AI technology is fueling a rise in online voice scams, with just three seconds of audio required to clone a person’s voice, according to McAfee. McAfee surveyed 7,054 people …
Consumer skepticism is the biggest barrier to AI-driven personalization
Businesses worldwide are eagerly embracing the potential for AI to provide personalized customer experiences, but customers remain cynical, according to Twilio. This year’s …
Lessons from a 40-year-long automotive OEM leader
Paul Cha is a cyber and product security leader, serving as the VP of Cybersecurity at LG Electronics Vehicle component Solutions. Paul held critical positions at Synopsis, …
Week in review: Fake ChatGPT desktop client steals data, Patch Tuesday forecast
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Former Uber CSO avoids prison for concealing data breach Joe Sullivan, the …
Former Uber CSO avoids prison for concealing data breach
Joe Sullivan, the former Uber CSO who has been convicted last year for attempting to cover up a data breach Uber suffered in 2016 and kept it hidden from the Federal Trade …
Critical RCE vulnerability in Cisco phone adapters, no update available (CVE-2023-20126)
Cisco has revealed the existence of a critical vulnerability (CVE-2023-20126) in the web-based management interface of Cisco SPA112 2-Port Phone Adapters. The adapters are …
May 2023 Patch Tuesday forecast: Dealing with End-of-Support (EOS)
The April Patch Tuesday releases were unusual because we saw a whopping 62 vulnerabilities addressed in the Microsoft Server 2012 KBs. Granted there was a lot of overlap with …
New infosec products of the week: May 5, 2023
Here’s a look at the most interesting products from the past week, featuring releases from Dashlane, Immersive Labs, Intruder, Private AI, Vanta, and Veza. Immersive Labs …
Universal Data Permissions Scanner: Open-source tool to overcome data authorization blindspots
Satori released Universal Data Permissions Scanner, a free, open-source tool that enables companies to understand which employees have access to what data, reducing the risks …
Organizations brace for cyber attacks despite improved preparedness
Cyber-risk levels have improved from “elevated” to “moderate” for the first time, but insiders represent a persistent threat for global organizations, …
Featured news
Resources
Don't miss
- Gainsight breach: Salesforce details attack window, issues investigation guidance
- New “HashJack” attack can hijack AI browsers and assistants
- Heineken CISO champions a new risk mindset to unlock innovation
- Small language models step into the fight against phishing sites
- Black Friday 2025 for InfoSec: How to spot real value and avoid the noise