Some security experts worry that open source Twitter code would thus not be tremendously helpful in revealing how the system selects content, but would create avenues of attack for threat actors that could now scrutinize its internal workings.
Cyber Security
Cyber criminals, state-sponsored hackers and even the occasional disgruntled employee are constantly looking to gain unauthorized access for a variety of purposes: theft of money, cyber espionage, personal information for sale or for use in scams, and damage to critical infrastructure for just a few of the most common.
So how does an organization mitigate an entire world full of continual cyber attacks? Just as buildings have a number of necessary elements of physical security: access control, cameras, alarms and so on; there are similar key elements of cyber security that are absolutely vital for just about any modern business.
It starts with identifying and closing the most common doors that attackers use. For example, phishing attacks on employees are far and away the most common initial point of entry. The breach of even a low-level employee account can quickly turn into an escalation in access privileges and the ability to reach sensitive information. This is also true of smart devices, which are generally more poorly secured than computers and phones.
Phishing emails were sent to DoD vendors to capture login credentials on lookalike vendor payment website. The hackers then routed payments to shell entity.
Cybersecurity practices are most effective when they are integrated as a way of life for employees, rather than a once-a-year IT requirement.
Threat group has a specific focus on corporate M&A that are in the works. This mass cyber espionage campaign has been going on since at least December 2019.
Security incidents happen; that’s just reality. But how a company decides to handle an event says more about their values and priorities than their product. The recent Okta compromise reminds us of the damage inflicted when there is a lack of transparency between a security vendor and its customers.
A recent report investigated how much of that funding went to companies led by women. Of the 654 startups analyzed, only 22 — or 3.3% — were led by female CEOs.
Microsoft 365 Defender researcher team discovered a privilege escalation vulnerability dubbed Nimbuspwn allowing an attacker to gain root privileges and deploy malicious payloads.
The term protestware recently made global news when organizations in Russia and Belarus were attacked by malicious code that wiped their computers’ files. This malware was distributed through the popular open source JavaScript library, node-ipc, and was introduced by its maintainer in retaliation for Russia's invasion of Ukraine.
The FBI warned that BlackCat ransomware had compromised 60 organizations worldwide as of March 2022 and demanded millions in ransom payment. Alert linked BlackCat to the now-defunct BlackMatter ransomware group.
With an immediate need to remedy the headcount shortage in cybersecurity, staffing a security operations center (SOC) is only half the battle though. We need to focus on cultivating our workplace culture to better retain talent.










