Solomon Klappholz

News The GitHub access token with administrator level privileges could have been used to great effect by threat actors

News CrowdStrike has responded to strong criticism from the CEO at Delta Air Lines, rejecting claims of gross negligence

News KnowBe4 revealed it inadvertently hired a North Korean hacker pretending to be a remote worker based in the US

News The NCSC plans to update its Active Cyber Defence program, introducing a refresh to keep the initiative up to date with the current threat landscape

News Threat actors are actively exploiting vulnerabilities in the ServiceNow platform, with reports of hackers already posting personal data on the dark web

News CISA’s Secure by Design Pledge is picking up momentum, adding a further 100 companies to its list of signees since May

News The VMware ESXi hypervisor has become a favorite target in the digital extortion community, according to researchers

News US tech startups are a prime target for foreign intelligence agencies and threat groups, offering a chance to steal IP and state secrets

News Zscaler’s ThreatLabz identified a new record for the largest ransomware payment ever recorded, which is almost twice the size of the previous record holder

News Data breach costs continued to rise, according to IBM, and they’re taking longer to recover from

Analysis CISOs still cite remote work as one of their major security sticking points four years on from the widespread shift at the beginning of COVID

News The costs associated with the CrowdStrike IT outage could surge in weeks to come, analysis suggests

News US law enforcement after information on the identification or location of a leading affiliate of a North Korean hacking gang, as the NCSC issues warning of its increased focus on critical infrastructure

News Hackers have reportedly dumped internal documents from Leidos Holdings on the dark web, raising questions about how organizations are securing their supply chains

A flood of ghost accounts are manipulating GitHub to promote malicious repositories and accounts – and this could be just the tip of the iceberg

News Social media giant reveals its most powerful open source model yet, but stakeholders continue to question its credibility in the field

News Security firm cites antitrust and investor concerns as it backs out of Google deal, but experts note there are other cloud security specialists the search giant could turn to

A joint operation led by the National Crime Agency to infiltrate the Digitalstress.su criminal marketplace and take control of its infrastructure and domains

Businesses urged to exercise caution and look out for the file named ‘result.txt in %TMP%’ that could indicate a “Daolpu” infection

News A red team assessment performed by CISA on an unnamed federal agency found a series of critical security weaknesses

News Responsible for one of the largest IT outages in years, CrowdStrike has had a tough day, but experts warn customers could face a "nightmare" in the coming days

News Financial difficulties at MediSecure mean it doesn’t have the resources to establish exactly who was impacted in a recent breach and what data was stolen

News The new Labour government has promised fresh cybersecurity legislation aimed at minimizing supply chain risk and improving incident reporting

One security expert told ITPro the Disney hackers could have ulterior motives despite framing themselves as hacktivist champions in support of content creators

News A recent white paper claimed the public sector could save billions every year by embracing AI, but experts warn this requires the right approach