SecurityWeek
RSA Conference 2024 – Announcements Summary (Day 1)
Hundreds of companies are showcasing their products and services this week at the 2024 edition of the RSA Conference in San Francisco.
SecurityWeek
Hundreds of companies are showcasing their products and services this week at the 2024 edition of the RSA Conference in San Francisco.
CSO
Tools, platforms, and services that the CSO team recommends 2024 RSA Conference attendees check out.
SC Magazine
The ransomware group posted screenshots of alleged insurer and patient information Monday.
DarkReading
With stores of mega-corporate business intelligence, a Sisense compromise could potentially mushroom into supply chain cyberattack disaster, experts fear.
CyberSecurity Dive
The hotel chain has been responding to the attack since March 29, when it shut down some of its systems.
DarkReading
The restaurant chain hasn't provided any information regarding what led to a widespread IT outage, and customers and employees are asking for answers.
The Cyber Express
The world of cybersecurity has long been dominated by men, presenting women with numerous hurdles, from biases to systemic obstacles.
SecurityWeek
Unpatched Google vulnerability exploited, 3D printers hacked by white hats, WhatsApp will get NSO Group spyware.
CSO
SAML authentication certificates, generated with tools other than dedicated cloud identity solutions, can be forged by hackers, according to a new proof of concept.
The Hacker News
Researchers have disclosed a new attack technique, "Silver SAML," targeting applications that use cloud identity providers such as Microsoft Entra ID.
DarkReading
A successor to the "Golden SAML" tactic used in the SolarWinds campaign, this new technique taps SAML response forgery to gain illegitimate access to apps and services.
CyberNews
The LockBit ransom gang is back up since global police allege it decimated the group’s infrastructure and claimed the Ernest Health hospital network as its latest victim.
Infosecurity News
The incident has impacted numerous Change Healthcare applications, including pharmacy, medical records
SecurityWeek
The ransomware threat will continue to grow and expand. It is the quintessential business plan for cybercriminals.
DarkReading
Operation Cronos, a collab between authorities in the US, Canada, UK, Europe, Japan, and Australia — seizes data and website associated with the prolific cybercriminal organization and its affiliates.
SecurityWeek
Supply chain security: A successful attack against a supplier can lead to multiple opportunities against the supplier’s downstream customers
SC Magazine
Security pros say more companies will report early in 8-K filings even if there’s no “material impact.”
CyberNews
The Hyundai Motor Corporation’s European division has reportedly been the victim of a January ransomware attack carried out by the Russian-linked Black Basta ransom gang.
DarkReading
The Russian APT behind the SolarWinds attacks exfiltrated data from HPE email accounts last May.
The Record
In a notice on its website, LoanDepot said that it has been forced to “take certain systems offline” while it deals with the cyber incident.
The Cyber Wire
The CyberAv3ngers and Predatory Sparrow engage in the Hamas-Israel war.
The Record
Ransomware group AlphV claimed on its leak site that it reported MeridianLink to the Securities and Exchange Commission (SEC) for not informing the regulator of a cyberattack.
The Record
The company said it became aware of a data security incident on October 20 after hackers broke into their systems the day before.
CSO
Semperis leverages existing identity security capabilities along with a new migration tool, to offer a comprehensive Active Directory transition and consolidation offering.
Infosecurity News
exhibitors at Infosecurity Europe are lining up to provide insight and advice to focus on response
DarkReading
One researcher thinks trust is broken in AD. Microsoft disagrees that there's a security vulnerability. But enterprise IT environments should be aware of an authentication gap either way.
Infosecurity News
Ransomware, nation-state attacks, and supply chains were cited as the biggest threats in the Infosecurity Group's annual report
SecurityWeek
Private equity investment firm KKR leads a $200 million round in enterprise identity protection vendor Semperis.