Microsoft on Monday announced another major disruption of an APT actor believed to be linked to the Russian government, cutting off access to accounts used for pre-attack reconnaissance, phishing, and email harvesting.
Black Hat USA 2022 – Announcements Summary
Hundreds of companies and organizations showcased their products and services this week at the 2022 edition of the Black Hat conference in Las Vegas.
Researchers Find Stolen Algorithms in Commercial Cybersecurity Products
LAS VEGAS – BLACK HAT USA 2022 – An analysis conducted by two researchers has revealed that some commercial cybersecurity products rely on algorithms that have been taken from other security tools without authorization.
NIST Post-Quantum Algorithm Finalist Cracked Using a Classical PC
Privya Emerges From Stealth With Data Privacy Code Scanning Platform
Privya emerged from stealth mode on Tuesday with a data privacy-focused code scanning platform and $6 million in seed funding.
Twilio Hacked After Employees Tricked Into Giving Up Login Credentials
Enterprise software vendor Twilio (NYSE: TWLO) has been hacked by a relentless threat actor who successfully tricked employees into giving up login credentials that were then used to steal third-party customer data.
Twitter Breach Exposed Anonymous Account Owners
A vulnerability in Twitter’s software that exposed an undetermined number of owners of anonymous accounts to potential identity compromise last year was apparently exploited by a malicious actor, the social media company said Friday.
Ghost Security Snags $15M Investment for API Security Tech
Texas startup Ghost Security has joined the list of early-stage companies in the API and application security space attracting venture capital funding.
The Austin-based company emerged from stealth this week with $15 million in investments from 468 Capital, DNX Ventures, and Munich Re Ventures.
Slack Forces Password Resets After Discovering Software Flaw
Workplace productivity software giant Slack on Friday forced password resets for a tiny fraction of its users after the discovery of a security flaw that exposed Slack credentials.
Slack’s security response team alerted users to the issue via email and followed up with a blog post warning about the risk of passwords leaking to a skilled attacker.
Traffic Light Protocol 2.0 Brings Wording Improvements, Label Changes
The Forum of Incident Response and Security Team (FIRST) announced on Thursday the release of Traffic Light Protocol version 2.0, which brings important updates to the widely used sensitive information classification system.
