Microsoft SharePoint RCE bug exploited to breach corporate network
A recently disclosed Microsoft SharePoint remote code execution (RCE) vulnerability tracked as CVE-2024-38094 is being exploited to gain initial access…
EmeraldWhale’s Massive Git Breach Highlights Config Gaps
The large-scale operation took advantage of open repositories, hardcoded credentials in source code, and other cloud oversights.
LA housing authority confirms breach claimed by Cactus ransomware
The Housing Authority of the City of Los Angeles (HACLA), one of the largest public housing authorities in the United…
Synology hurries out patches for zero-days exploited at Pwn2Own
Synology, a Taiwanese network-attached storage (NAS) appliance maker, patched two critical zero-days exploited during last week's Pwn2Own hacking competition within…
Cybersecurity Job Market Stagnates, Dissatisfaction Abounds
The 2024 ISC2 Cybersecurity Workforce Study found that amid a tightening job market and dynamic cyber-threat environment, ongoing staffing and…
Interbank confirms data breach following failed extortion, data leak
Interbank, one of Peru's leading financial institutions, has confirmed a data breach after a threat actor who hacked into its…
Why Did Snowflake Have a Target on It? Handling Data Warehouse Security Risks
In early June, the Ticketmaster breach brought widespread attention to the fact that Snowflake accounts did not require multi-factor authentication…
Change Healthcare Breach Hits 100M Americans
Change Healthcare says it has notified approximately 100 million Americans that their personal, financial and healthcare records may have been…
Building Resilience: A Post-Breach Security Strategy for Any Organization
In the wake of a recent breach that compromised sensitive information, a healthcare organization sought my guidance on how to…
Innovator Spotlight: Cloud Range
by Dan K. Anderson CEO, CISO, and vCISO The cybersecurity landscape is rapidly evolving, and so are the tactics of…