Attacker Apparently Didn’t Have to Breach a Single System to Pwn Uber
Alleged teen hacker claims he found an admin password in a network share inside Uber that allowed complete access to…
Opus Security Emerges from Stealth with $10M in Funding for Cloud SecOps and Remediation Processes
Siemplify veterans introduce Cloud Security Orchestration and Remediation platform, backed by high-profile investors including YL Ventures, Tiger Global, and CEOs…
Lampion malware returns in phishing attacks abusing WeTransfer
The Lampion malware is being distributed in greater volumes lately, with threat actors abusing WeTransfer as part of their phishing…
The Future of Cybersecurity in SaaS
By Sean Malone, Chief Information Security Officer, Demandbase Security for Software-as-a-Service (SaaS) solutions has been a priority since […] The…
AWS Tokens Lurking in Android, iOS Apps Crack Open Corporate Cloud Data
Thousands of corporate mobile apps developed by businesses for use by their customers contain hard-coded AWS tokens that can be…
Over 1,000 iOS apps found exposing hardcoded AWS credentials
Security researchers are raising the alarm about mobile app developers relying on insecure practices that expose Amazon Web Services (AWS)…
The Inevitability of Cloud Breaches: Tales of Real-World Cloud Attacks
While cloud breaches are going to happen, that doesn't mean we can't do anything about them. By better understanding cloud…
US govt sues Kochava for selling sensitive geolocation data
The U.S. Federal Trade Commission (FTC) announced today that it filed a lawsuit against Idaho-based location data broker Kochava for…
Capital One Joins Open Source Security Foundation
OpenSSF welcomes Capital One as a premier member affirming its commitment to strengthening the open source software supply chain.
Cyber EO One Year Later: Feds Weigh in On Progress, Areas For Improvement
By Brittany Johnston, Research Director, MeriTalk In May 2021, President Biden issued the Executive Order on Improving the […] The…