91. Granting AWS Console access for Secrets Manager Secrets to address IAM Policy Limitations This is a continuation of my series on Automating Cybersecurity Metrics. If you recall from a prior post we had some complications when trying to protect a user-specific secret due to the way AWS policies work. We couldn’t fully achieve our […]
Cyber News, Cyber Threat Trends
Two point-of-sale (PoS) malware variants have been put to use by a threat actor to steal information related to more than 167,000 credit cards from payment terminals. According to Singapore-headquartered cybersecurity company Group-IB, the stolen data dumps could net the operators as much as $3.34 million by selling them on underground forums. While a significant […]
Cyber News, Cyber Threat Trends
Introduction In many ways, the software supply chain is similar to that of manufactured goods, which we all know has been largely impacted by a global pandemic and shortages of raw materials. However, in the IT world, it is not shortages or pandemics that have been the main obstacles to overcome in recent years, but […]
Cyber News, Cyber Threat TrendsLast week, I was privileged to participate in an important national summit on IoT Security convened by Anne Neuberger, Deputy National Security Advisor for Cyber and Emerging Technologies. Representatives from across the US government, industry, and academia were invited to the White House to discuss a National Consumer IoT Security Labeling program. In short, we […]
Cyber News, Cyber Threat TrendsIt was all going so well. At first. Read more in my article on the Hot for Security blog.
Cyber News, Cyber Threat Trends
Content delivery network (CDN) provider Akamai said Tuesday that its Prolexic DDoS protection service will become able to handle DDoS attacks of up to 20Tbps, thanks to a new wave of construction of so-called scrubbing centers. The company’s announcement said that this will effectively double its current capacity to handle network-level DDoS attacks, with rollouts […]
Cyber News, Cyber Threat Trends
CISOs have long been tasked with building response and recovery capabilities, the objective being to have teams that can react to a security incident as quickly as possible and can restore business functions with as little damage as possible. The need for those activities is certainly not going to go away, but many security chiefs […]
Cyber News, Cyber Threat Trends
According to data from the Rekt leaderboard, cybercriminals have stolen as much as $3 billion of investor funds through 141 various cryptocurrency exploits since January, putting 2022 on track to top 2021 levels of digital currency malfeasance. Comparitech’s cryptocurrency heists tracker indicates that since 2011, hackers have stolen $7.9 billion in cryptocurrency worth about $45.5 […]
Cyber News, Cyber Threat TrendsSuspected hacktivists inside country share sensitive info
Cyber News, Cyber Threat Trends