Harmony blockchain loses nearly $100M due to hacked private keys
The crooks needed at least two private keys, each stored in two parts... but they got them anyway. Source
FTC warns of LGBTQ+ extortion scams – be aware before you share!
It's a simple jingle and it's solid advice: "If in doubt, don't give it out!" Source
It’s a Race to Secure the Software Supply Chain — Have You Already Stumbled?
If you haven't properly addressed the issue, you're already behind. But even if you've had a false start, it's never too late to get back up. Source
Threat Intelligence Services Are Universally Valued by IT Staff
Most of those surveyed are concerned about AI-based attacks and deepfakes, but suggest that their organization is ready. Source
APT Groups Swarming on VMware Servers with Log4Shell
CISA tells organizations running VMware servers without Log4Shell mitigations to assume compromise. Source
Only 3% of Open Source Software Bugs Are Actually Attackable, Researchers Say
A new study says 97% of open source vulnerabilities linked to software supply chain risks are not attackable — but is "attackability" the best method for prioritizing bugs? Source
OpenSSL issues a bugfix for the previous bugfix
Fortunately, it's not a major bugfix, which means it's easy to patch and can teach us all some useful lessons. Source
7 Steps to Stronger SaaS Security
Continuous monitoring is key to keeping up with software-as-a-service changes, but that's not all you'll need to get better visibility into your SaaS security. Source
The Cybersecurity Talent Shortage Is a Myth
We have a tech innovation problem, not a staff retention (or recruitment) problem. Source
Without Conti On The Scene, LockBit 2.0 Leads Ransomware Attacks
Analysts say an 18% drop in ransomware attacks seen in May is likely fleeting, as Conti actors regroup. Source