Researchers at cloud security startup Orca Security have publicly documented a pair of vulnerabilities in AWS CloudFormation and AWS Glue that attackers could use to leak sensitive files or access other customers’ data.
Meshed Cybersecurity Platforms Enable Complex Business Environments
Cybercriminals are exploiting the confusion that results from organizations simply throwing money at their cybersecurity challenges
FCC Chair Proposes New Policies for Carrier Data Breach Reporting
Federal Communications Commission (FCC) chairwoman Jessica Rosenworcel this week proposed updated policies around telecom providers’ reporting of data breaches.
Recorded Future Acquires SecurityTrails in $65M Deal
With eyes firmly set on the booming attack surface management space, threat intel powerhouse Recorded Future is shelling out $65 million to purchase SecurityTrails, a startup that helps organizations keep track of internet-facing assets.
The Second Building Block for the SOC of the Future: An Open Integration Framework
The SOC of the future must be data driven, so it’s essential that systems and tools can work together
Research: Simulated Phishing Tests Make Organizations Less Secure
A large-scale, long-term phishing experiment conducted in a 56,000-employee organization has come to a startling conclusion: Those simulated phishing tests commonly seen in corporate user-education campaigns are actually making things much worse.
Microsoft Confirms ‘NotLegit’ Azure Flaw Exposed Source Code Repositories
Microsoft has quietly started notifying some Azure customers that a serious security vulnerability in the Azure App Service has caused the exposure of hundreds of source code repositories.
The Need for Survivable, Trustworthy Secure Systems
Cybersecurity and cyber resilience measures are most effective when applied in concert
Google Finds 35,863 Java Packages Using Defective Log4j
The computer security industry is bracing for travel on long, bumpy roads littered with Log4j security problems as experts warn that software dependency patching hiccups will slow global mitigation efforts.
Corellium Lands $25 Million Investment for Virtualization Tech
Fresh off a high-profile legal triumph over Apple, virtualization technology startup Corellium is now enjoying the attention of investors with Paladin Capital Group leading a $25 million funding round.