MITRE Releases Tool to Design Cyber-Resilient Systems
Engineers can use the Cyber Resiliency Engineering Framework Navigator to visuzalize their cyber-resiliency capabilities.
CISA to Open Supply Chain Risk Management Office
A new supply chain risk management office aims to help public and private sectors implement recent CISA policies and guidance.
Critical RCE Lexmark Printer Bug Has Public Exploit
A nasty SSRF bug in Web Services plagues a laundry list of enterprise printers.
Dutchman Detained for Dealing Details of Tens of Millions of People
The accused sold an enormous data set stolen from the Austrian radio and television licensing authority — to an undercover…
Zacks Investment Research Hack Exposes Data for 820K Customers
Zacks Elite sign-ups for the period 1999–2005 were accessed, including name, address, email address, phone number, and the password associated…
GoTo Encrypted Backups Stolen in LastPass Breach
Encrypted backups for several GoTo remote work tools were exfiltrated from LastPass, along with encryption keys.
Wallarm Aims to Reduce the Harm From Compromised APIs
API Leak Management software discovers exposed API keys and other secrets, blocks their use, and monitors for abuse, the company…
Pair of Galaxy App Store Bugs Offer Cyberattackers Mobile Device Access
Devices running Android 12 and below are at risk of attackers downloading apps that direct users to a malicious domain.
Compromised Zendesk Employee Credentials Lead to Breach
Zendesk has alerted customers to a successful SMS phishing campaign that has exposed "service data," but details remain scarce.
Massive Adware Campaign Shuttered
Mainly Apple iOS in-app ads were targeted, injecting malicious JavaScript code to rack up phony views.