Password manager LastPass notified its customers of a second security breach in 2022, with the threat actor accessing customer data stored on a shared cloud service.
Cyber Security
Cyber criminals, state-sponsored hackers and even the occasional disgruntled employee are constantly looking to gain unauthorized access for a variety of purposes: theft of money, cyber espionage, personal information for sale or for use in scams, and damage to critical infrastructure for just a few of the most common.
So how does an organization mitigate an entire world full of continual cyber attacks? Just as buildings have a number of necessary elements of physical security: access control, cameras, alarms and so on; there are similar key elements of cyber security that are absolutely vital for just about any modern business.
It starts with identifying and closing the most common doors that attackers use. For example, phishing attacks on employees are far and away the most common initial point of entry. The breach of even a low-level employee account can quickly turn into an escalation in access privileges and the ability to reach sensitive information. This is also true of smart devices, which are generally more poorly secured than computers and phones.
INTERPOL’s arrested nearly 1,000 cybercriminals, recovered $130 million from 2,800 accounts linked to proceeds of crime, and closed 1,600 cases in Operation HAECHI III.
Lateral movement has been a common factor in breaches, using identity as a universal attack vector to traverse environments unchecked. Organizations must have full visibility of the threat posed by identity and proactively wrap MFA round exposed assets.
Panther recently published their second annual “State of SIEM” report. 49% of cybersecurity professionals surveyed believe their SIEM covers less than half of their security data.
Threat actor is offering the alleged WhatsApp data leak for a relatively low cost, dividing it up by country of origin and offering each package for prices in the range of several thousand dollars via a dark web forum.
Pro-Russian Killnet DDoS group took responsibility for the cyber attack that shut down the EU parliament website after members passed a resolution designating Russia as a state sponsor of terrorism.
One of the biggest obstacles enterprises face during their digital transformation journey is operating in a hybrid model that maintains legacy systems while migrating to the cloud. A main issue with hybrid environments is identity management.
Finding the right balance between security and performance should be the building block of every computer system architecture. This blog post identifies some basic concepts of monitoring system health in an IT infrastructure.
Vulnerability in Twitter's API in 2021 caused a data leak that exposed private user profile information of at least 5.4 million users. The information is now available for free via a dark web forum.
Rogue Meta employees and contractors abused an internal tool called "Oops," which is primarily intended for in-house account recovery for employees and business partners. There were some cases of account hijacking for money.










