Air France-KLM loses customer info in data breach
KLM warns of a data breach. The organization notified members of frequent flyer program Flying Blue that an unauthorized party may have accessed personal data.
The breach was confirmed by parent company Air France-KLM, according to Dutch media. The damage appears to be limited to members of freq... Read more
VSCode Marketplace poses security risks, researchers warn
The online marketplace could easily host malicious VSCode extensions, Aqua Security says.
Researchers from Aqua Security have recently discovered that attackers can easily trick unknowing developers into downloading malicious files disguised as popular Visual Studio Code extensions. "In original... Read more
AWS adds default encryption to Amazon S3
All objects added to the storage service will now be encrypted by default.
AWS has announced that all objects added to Simple Storage Service (S3) will be encrypted automatically by default, effective immediately. This means that the Amazon Server Side Encryption (SSE) service will be applied au... Read more
Twitter breach: ‘approximately 235 million email addresses leaked’
A leaked database of more than 235 million Twitter user e-mail addresses has been published online.
Alon Gal, CTO of security firm HudsonRock, shared the news in a post on LinkedIn. Gal reports that a major Twitter database has been publicly leaked after circulating for some time.
Accordin... Read more
Netskope raises $401M for platform development and go-to-market plans
Cloud security company Netskope has announced that it has raised $401 million in funding through convertible notes to enhance its platform and increase its marketing efforts.
The funding round was led by Morgan Stanley Tactical Value and included participation from the Ontario Teachers' Pension ... Read more
LogRhythm expands its platform’s capabilities to help security teams
New platform features and integrations enable analysts to quickly detect and remediate threats.
LogRhythm announced a series of expanded capabilities and integrations for its security operations solutions this week. The company, which specializes in security intelligence, says the updates "prope... Read more
Slack loses code repositories to unauthorized user
An unauthorized user gained access to Slack's GitHub repositories. The user managed to download the repositories before Slack plugged the leak.
The damage appears limited, as none of the stolen repositories involve Slack's source code or user data. The organization stresses that source code and... Read more
Hackers use Windows error reporting tool to attack devices
Hackers are abusing the Windows Problem Reporting tool (WerFault.exe) to compromise systems, according to a report in BleepingComputer.
The attackers exploit WerFault.exe to load malware into a compromised system's memory using a DLL sideloading technique. The legitimate Windows executable allo... Read more
LockBit cyberattack hits Port of Lisbon
The Christmas Day attack did not compromise operations, the Port Authority said.
Portugal’s third largest port suffered an attack by the LockBit ransomware gang over Christmas, according to a report in BleepingComputer. The Port of Lisbon is part of the critical infrastructure in Portugal's ca... Read more
Lateral security and XDR will be big in 2023, and here’s why
Predictions for 2023 are all the rage right now, but most are either highly speculative or so obvious they are hardly worth publishing. Here’s one that should be different: two of the hottest topics in networking next year will be lateral security and XDR, or eXtended detection and response.
O... Read more