Public URL scanning tools – when security leads to insecurity
Never make your users cry/By how you use an API
Cyber News, Cyber Threat Trends
- November 7, 2022
- November 7, 2022
Medibank Refuses to Pay Ransom After 9.7 Million Customers Exposed in Ransomware Hack
Australian health insurer Medibank today confirmed that personal data belonging to around 9.7 million of its current and former customers were accessed following a ransomware incident. The attack, according to the company, was detected in its IT network on October 12 in a manner that it said was “consistent with the precursors to a ransomware event,” […]
Cyber News, Cyber Threat TrendsAndroid RAT Group Targets Indian Defense Personnel
The app asked for several permissions, including camera, microphone, internet and storage
Cyber News, Cyber Threat Trends
- November 7, 2022
This Hidden Facebook Tool Lets Users Remove Their Email or Phone Number Shared by Others
Facebook appears to have silently rolled out a tool that allows users to remove their contact information, such as phone numbers and email addresses, uploaded by others. The existence of the tool, which is buried inside a Help Center page about “Friending,” was first reported by Business Insider last week. It’s offered as a way for “Non-users” to “exercise their […]
Cyber News, Cyber Threat TrendsCyber Insurance Market Stabilizing as Security Awareness Improves
The cyber insurance market is beginning to stabilize following several years of steep rate increases, according to a recent report
Cyber News, Cyber Threat Trends
- November 7, 2022
How an EIPAssociation in CloudFormation can Help Prevent Dependency Issues
ACM.104 Maintaining a static IP address when you need to delete and recreate an EC2 instance This is a continuation of my series on Automating Cybersecurity Metrics. We ran into a snag in the last post and we’re going to fix it in this post. In that post, we used an AWS-managed prefix list ot add […]
Cyber News, Cyber Threat Trends
- November 7, 2022
Experts Find Urlscan Security Scanner Inadvertently Leaks Sensitive URLs and Data
Security researchers are warning of “a trove of sensitive information” leaking through urlscan.io, a website scanner for suspicious and malicious URLs. “Sensitive URLs to shared documents, password reset pages, team invites, payment invoices and more are publicly listed and searchable,” Positive Security co-founder, Fabian Bräunlein, said in a report published on November 2, 2022. The
Cyber News, Cyber Threat TrendsThe Conviction of Uber’s Chief Security Officer
I have been meaning to write about Joe Sullivan, Uber’s former Chief Security Officer. He was convicted of crimes related to covering up a cyberattack against Uber. It’s a complicated case, and I’m not convinced that he deserved a guilty ruling or that it’s a good thing for the industry. I may still write something, […]
Cyber News, Cyber Threat Trends
- November 7, 2022
How to prepare for a SOC 2 audit – it’s a big deal, so you’d better get ready
Organizations that want to prove to others – and to themselves – that they have a solid cybersecurity and data privacy program will undergo a SOC 2 audit. As such, a SOC 2 audit is a big deal, and it’s demanding, and it requires some serious preparation. SOC audits were created by the American Institute […]
Cyber News, Cyber Threat Trends