Security
Cybersecurity has been a challenge from the beginning of IT and it will be until the end. It all started with endpoint and network security, but today we are also dealing with cloud security and training our employees to incorporate good security practices. All these new technologies that help us innovate also help cybercriminals and state-sponsored hackers get new tools that they can use to access our systems and, in the worst cases, gain access to our most valuable data and trade secrets. Moreover, with new legislation such as GDPR, you have to make sure everything is secure or you will not only lose your reputation, but you could also be fined by the government. In short, protecting IT environments is more important than ever.
Timeline
Internal data Mercedes-Benz was accessible due to public GitHub token
An authentication token for GitHub was accidentally shared publicly by an employee. With this token, the enti...
Top story
Microsoft repeats lessons it hadn’t learned itself before Russian hack
After being attacked itself, Microsoft has warned about the threat from Midnight Blizzard. This Russian-backe...
Critical vulnerability in Cisco UC/CC may lead to RCE attack
A number of Cisco solutions for SMBs suffer from a critical vulnerability that could lead to an RCE attack. ...
Vulnerability in popular WordPress plugin affects million websites
The WordPress plugin Better Search Replace has a critical vulnerability that hackers are actively exploiting....
HPE also infiltrated by the Russian hackers that hit Microsoft
HPE has revealed that it has been infiltrated by hackers employed by Russia. A "small percentage" of HPE emai...
Top story
‘Good password security includes passkeys, but they are not an all-in-one solution’
Passkeys have a marketing problem, in which they get presented as a holy grail that eliminates all forms of p...
More than 5,000 GitLab instances still vulnerable to account takeover
5,379 GitLab instances are still at risk. These instances may be affected by the recently discovered GitLab a...
Inadequately secured Trello API leads to unwanted data breach
A vulnerability in a Trello API from Atlassian allows private data to be linked with that of Trello accounts....
Majority of organizations pay up after ransomware attack
A new report from Barracuda Networks shows that cyber incidents are costing organizations millions. Attacks a...
VPNs European companies abused: suspected Chinese hackers
Hackers exploit critical vulnerabilities worldwide to gain control of Ivanti VPN appliances. Compromised VPNs...