Data Breaches

To solve the cybersecurity worker gap, forget the job title and search for the skills you need

BlackBerry CISO Arvind Raman looks beyond job titles when he has open positions to fill and instead focuses on the key skills required to do the work. That mindset allows Raman to readily identify and recruit qualified professionals from outside the security field, instead of simply seeking candidates working their way up the typical chain of security roles. For example, he has hired finance professionals for risk- and compliance-related work and marketing pros for awareness…

Read More

Cycode’s free CI/CD monitoring tool offers new DevOps visibility

Cycode’s new Cimon monitoring tool for continuous integration and continuous delivery is designed to offer a new level of visibility into the CI/CD process, securing code against data exfiltration and other malicious activity. According to the company’s announcement, Cimon — short for CI Monitor — is a runtime security agent that uses the enhanced Berkeley Packet Filter (eBPF) system to look directly into the CI pipeline, develop a baseline understanding of what normal behavior looks…

Read More

Health Service Ireland latest victim of MOVEit cyber attack

Health Service Ireland (HSE) has become the latest victim of a supply chain cyber attack launched against document transfer service MOVEit. The attack was launched by ransomware gang, Clop. Clop were able to infiltrate MOVEit by exploiting a zero-day vulnerability that allowed the malicious group to break into company networks and steal data. Professional services partnership EY was also impacted by the cyber attack, leading to the breach. HSE was working with EY to automate…

Read More

Threat intelligence programs poised for growth

In my last CSO article, I detailed cybersecurity professionals’ opinions on the characteristics of a mature cyber-threat intelligence (CTI) program. According to ESG research, the top attributes of a mature CTI program include dissemination of reports to a broad audience, analysis of massive amounts of threat data, and CTI integration with lots of security technologies. Alas, most CTI programs are far from mature, but this may change over the next few years as most enterprise…

Read More

Google launches Secure AI Framework to help secure AI technology

Google has announced the launch of the Secure AI Framework (SAIF), a conceptual framework for securing AI systems. Google, owner of the generative AI chatbot Bard and parent company of AI research lab DeepMind, said a framework across the public and private sectors is essential for making sure that responsible actors safeguard the technology that supports AI advancements so that when AI models are implemented, they’re secure-by-default. Its new framework concept is an important step…

Read More

Key role targeted cyber attacks are on the rise

Research by Ponemon Institute and cyber security company BlackCloak has found that hackers have been directly targeting C-suite executives and their family members with cyber attacks via their personal email addresses.  In Understanding the serious risks to executives’ personal cybersecurity and digital lives, which was released on June 5, researchers found that 42 percent of organizations said that an executive or an executive’s family member had been the direct target of a cyber attack. This…

Read More

ACT government falls victim to Barracuda’s ESG vulnerability

The Australian Capital Territory government is one of the victims of a vulnerability found in Barracuda’s email security gateway (ESG). In a press conference on 8 June, ACT government chief digital officer Bettina Konti said there is a likelihood that some personal information is involved but the harms assessment needs to completed for that to be clear. Barracuda had first identified the CVE-2023-2838 vulnerability on 19 May issuing a patch worldwide on 20 May followed…

Read More

North Korean APT group targets email credentials in social engineering campaign

Researchers warn of a social engineering campaign by the North Korean APT group known as Kimsuky that attempts to steal email credentials and plant malware. The campaign, focused on experts in North Korean affairs, is part of this group’s larger intelligence gathering operations that target research centers, think tanks, academic institutions, and news outlets globally. “Kimsuky, a suspected North Korean advanced persistent threat (APT) group whose activities align with the interests of the North Korean…

Read More

Google Cloud launches Cryptomining Protection Program

Google Cloud has launched its Cryptomining Protection Program for Security Command Center (SCC) Premium customers with up to $1 million to cover unauthorized Google Cloud compute expenses associated with undetected cryptomining attacks. SCC Premium customers will have access to the new product for free. SCC Premium works with a pay-as-you-go pricing, and as one-year and multi-year fixed-price subscriptions.  According to Google Cybersecurity Action Team (GCAT) September 2022 Threat Horizons Report, threat actors frequently targeted weak and default…

Read More

BastionZero releases SplitCert for password-free authentication and access

BastionZero has announced the release of SplitCert to provide password-free authentication access to databases. It uses Mutual TLS (mTLS) and cryptographic multi-party computation (MPC) to provide certificate-based authentication for popular, self-hosted Postgres and MongoDB databases, according to the vendor. Other new BastionZero platform features include passwordless access support for GCP cloud SQL and AWS RDS via a new desktop app, along with password-free support for Microsoft Windows servers with Remote Desktop Protocol (RDP), BastionZero said.…

Read More