Home - Blue Lava Community

Message Image

Skip main navigation (Press Enter).

Information security is a team effort.
Count us in.

Your safe haven environment to gather, share, support and mentor

Grow your skills and career as a member of the Blue Lava Community - Built with, by and for security leaders.

Our Community Members

Alex
Kreilein

Qualys

Tammy
Moskites

CyAlliance

Mark
Weatherford

AlertEnterprise

Rock Lambros

RockCyber

Roger Hale

Agora

Russell Eubanks

Security Ever After

Jasper Ossentjuk

NielsenIQ

William Pugh

AWS

Frank Kim

SANS

Megan McCann

McCann Partners

Brian Johnson

Armorblox

Brian Contos

Phosphorus Security

Laz

Blue Lava

Deborah Blyth

Crowdstrike

Elizabeth Volini

JLL

Hamish Archer

IBM

Julie Cullivan

FireEye

Eward Driehuis

3Eyes Security

Member Exclusive Resources

Built with, by, and for the Community

Crucial Conversations w/ Matthew Rosenquist - Overcoming the 5 Areas CISOs Tend to Struggle

Organizations are asking a lot of their CISOs—from protecting internal digital assets to verifying the security postures of customers and partners, managing cyber insurance and compliance requirements, and acting...

Crucial Conversations w/ Dutch Schwartz - Developing Cybersecurity Leadership Capabilities and Scaling the Competence of the Team

Dutch Schwartz—a Principal Security Specialist with Amazon Web Services—discusses how CISOs and other...

On-Demand Recording - Women's History Month Meetup

Join 5 transformational female leaders as they share how they overcame cultural, historical and behavioral biases to achieve success in a male dominated industry including tips, advice and resources to assist with...

Membership Benefits

Private collaboration portal allowing members to gather, share, support, and mentor 365-days a year

01

Access to a support system of battle-tested business and security executives

02

Expert guidance on security program management

03

Relevant content and resources created with, by, and for members

04

Private meetups and best practice working groups led by member facilitators

05

Strategic mentor matchmaking

06

Join the community

Criteria to Join

The Blue Lava Community is built with, by and for CISOs and also welcomes those who aspire to lead security teams in the future.

There is no sales, marketing or business development representation in the community.

CISOs (or equivalent responsibility)

01

Cybersecurity stakeholders including CIO, CRO, CTO, CPO

02

High potential cybersecurity leaders and aspiring CISOs

03

vCISOs, Consulting CISO, Business owners, Security Experts and Industry Influencers

04

Blue Lava customers

05

No sales, marketing, or business development executives are eligible

06

Join the community

Latest Discussions

More

Leaderboard

Events

Thursday

6

April

HMG Dallas CIO Executive Leadership Summit (Featuring Community Member Mike Anderson)

Apr 6, 08:00 AM - 05:00 PM (CT)
Tuesday

11

April

CyAlliance Networking Dinner - Seattle (Hosted by community co-founder Tammy Moskites)

Apr 11, 05:30 PM - 08:30 PM (PT)

More

Blogs

How CISOs Can Recruit and Retain IT Security Teams While Also Fulfilling Their Own Careers

By: Megan McCann, 11-28-2022 10:08 AM

Blog Entry

The large ratio gap in the availability of IT security professionals to open positions existed long before COVID-19. And that gap has grown even bigger thanks to the great resignation that has continued ...
Cyberattacks on Complex Supply Chains Difficult to Resolve

By: Mark Weatherford, 11-11-2022 11:54 AM

Blog Entry

Traditional supply chain risk management is a fairly mature discipline where organizations focus on the logistics of how to get vendor products from point A to Point B. The reality however is that the ...
Cybersecurity Talent Challenge

By: Alexis Culp, 10-11-2022 09:23 AM

Blog Entry

After finishing my last blog, " How internships in cybersecurity can help you bridge the talent acquisition gap .” I felt somewhat inspired to continue on this chain of thought. As you probably have ...

News

Winter Vivern APT Targets European Government Entities with Zimbra Vulnerability

3/31/2023 10:07:00 AM

The advanced persistent threat (APT) actor known as Winter Vivern is now targeting officials in Europe and the U.S. as part of an ongoing cyber espionage campaign. "TA473 since at least February 2023...
Cyber Police of Ukraine Busted Phishing Gang Responsible for $4.33 Million Scam

3/31/2023 8:01:00 AM

The Cyber Police of Ukraine, in collaboration with law enforcement officials from Czechia, has arrested several members of a cybercriminal gang that set up phishing sites to target European users. Two...
Deep Dive Into 6 Key Steps to Accelerate Your Incident Response

3/31/2023 7:47:00 AM

Organizations rely on Incident response to ensure they are immediately aware of security incidents, allowing for quick action to minimize damage. They also aim to avoid follow on attacks or future related...
3CX Supply Chain Attack — Here's What We Know So Far

3/31/2023 5:37:00 AM

Enterprise communications software maker 3CX on Thursday confirmed that multiple versions of its desktop app for Windows and macOS are affected by a supply chain attack. The version numbers include 18...
Researchers Detail Severe "Super FabriXss" Vulnerability in Microsoft Azure SFX

3/30/2023 1:02:00 PM

Details have emerged about a now-patched vulnerability in Azure Service Fabric Explorer (SFX) that could lead to unauthenticated remote code execution. Tracked as CVE-2023-23383 (CVSS score: 8.2), the...
Chinese RedGolf Group Targeting Windows and Linux Systems with KEYPLUG Backdoor

3/30/2023 11:58:00 AM

A Chinese state-sponsored threat activity group tracked as RedGolf has been attributed to the use of a custom Windows and Linux backdoor called KEYPLUG. "RedGolf is a particularly prolific Chinese state...
New Wi-Fi Protocol Security Flaw Affecting Linux, Android and iOS Devices

3/30/2023 8:21:00 AM

A group of academics from Northeastern University and KU Leuven has disclosed a fundamental design flaw in the IEEE 802.11 Wi-Fi protocol standard, impacting a wide range of devices running Linux, FreeBSD...
Cyberstorage: Leveraging the Multi-Cloud to Combat Data Exfiltration

3/30/2023 7:17:00 AM

Multi-cloud data storage, once merely a byproduct of the great cloud migration, has now become a strategy for data management. "Multi-cloud by design," and its companion the supercloud, is an ecosystem...
AlienFox Malware Targets API Keys and Secrets from AWS, Google, and Microsoft Cloud Services

3/30/2023 6:08:00 AM

A new "comprehensive toolset" called AlienFox is being distributed on Telegram as a way for threat actors to harvest credentials from API keys and secrets from popular cloud service providers. "The spread...
3CX Desktop App Supply Chain Attack Leaves Millions at Risk - Urgent Update on the Way!

3/30/2023 2:31:00 AM

3CX said it's working on a software update for its desktop app after multiple cybersecurity vendors sounded the alarm on what appears to be an active supply chain attack that's using digitally signed...

German Police Raid DDoS-Friendly Host ‘FlyHosting’

3/31/2023 2:35:15 PM

Authorities in Germany this week seized Internet servers that powered FlyHosting, a dark web service that catered to cybercriminals operating DDoS-for-hire services. Fly Hosting first advertised on cybercrime...
UK Sets Up Fake Booter Sites To Muddy DDoS Market

3/28/2023 1:26:07 PM

The United Kingdom's National Crime Agency (NCA) has been busy setting up phony DDoS-for-hire websites that seek to collect information on users, remind them that launching DDoS attacks is illegal, and...
Google Suspends Chinese E-Commerce App Pinduoduo Over Malware

3/22/2023 7:11:08 PM

Google says it has suspended the app for the Chinese e-commerce giant Pinduoduo after malware was found in versions of the app. The move comes just weeks after Chinese security researchers published an...
Why You Should Opt Out of Sharing Data With Your Mobile Provider

3/20/2023 10:47:56 AM

A new breach involving data from nine million ATT customers is a fresh reminder that your mobile provider likely collects and shares a great deal of information about where you go and what you do with...
Feds Charge NY Man as BreachForums Boss “Pompompurin”

3/17/2023 7:39:22 PM

The U.S. Federal Bureau of Investigation (FBI) this week arrested a New York man on suspicion of running BreachForums, a popular English-language cybercrime forum where some of the world biggest hacked...
Microsoft Patch Tuesday, March 2023 Edition

3/15/2023 11:19:32 AM

Microsoft on Tuesday released updates to quash at least 74 security bugs in its Windows operating systems and software. Two of those flaws are already being actively attacked, including an especially...
Two U.S. Men Charged in 2022 Hacking of DEA Portal

3/14/2023 9:25:20 PM

Two U.S. men have been charged with hacking into a U.S. Drug Enforcement Agency (DEA) online portal that taps into 16 different federal law enforcement databases. Both are alleged to be part of a larger...
Who’s Behind the NetWire Remote Access Trojan?

3/9/2023 1:52:25 PM

A Croatian national has been arrested for allegedly operating NetWire, a Remote Access Trojan (RAT) marketed on cybercrime forums since 2012 as a stealthy way to spy on infected systems and siphon passwords...
Sued by Meta, Freenom Halts Domain Registrations

3/7/2023 6:19:26 PM

The domain name registrar Freenom, whose free domain names have long been a draw for spammers and phishers, has stopped allowing new domain name registrations. The move comes just days after the Dutch...
Highlights from the New U.S. Cybersecurity Strategy

3/2/2023 8:33:06 PM

The Biden administration today issued its vision for beefing up the nation's collective cybersecurity posture, including calls for legislation establishing liability for software products and services...

Adaptive Access Technologies Gaining Traction for Security, Agility

3/31/2023 3:15:10 PM

With companies pushing to adopt Zero Trust frameworks, adaptive authentication and access — once languishing — looks finally ready to move out of the doldrums.
Is Decentralized Identity About to Reach an Inflection Point?

3/31/2023 2:16:00 PM

Decentralized identity products are increasingly projected to be introduced to the market in the next couple of years.
Vulkan Playbook Leak Exposes Russia's Plans for Worldwide Cyberwar

3/31/2023 11:22:00 AM

Russian intelligence services, together with a Moscow-based IT company, are planning worldwide hacking operations that will also enable attacks on critical infrastructure facilities.
US Space Force Requests $700M for Cybersecurity Blast Off

3/31/2023 10:30:00 AM

Russia's invasion of Ukraine spurs Space Force to seek astronomical investments in cybersecurity.
What CISOs Can Do to Build Trust & Fight Fraud in the Metaverse

3/31/2023 10:00:00 AM

Until a degree of confidence is established, a platform's credibility can be eroded by scammers and unsuspecting gamers who fall victim to their attacks.
Post-Quantum Satellite Protection Rockets Towards Reality

3/31/2023 9:25:00 AM

A successful multi-orbit cryptography test beamed quantum-agile data up to two different satellites and back down to Earth.
Automatic Updates Deliver Malicious 3CX 'Upgrades' to Enterprises

3/30/2023 5:38:00 PM

In a SolarWinds-like attack, compromised, digitally signed versions of 3CX DesktopApp are landing on user systems via the vendor's update mechanism.
BEC Fraudsters Expand to Snatch Real-World Goods in Commodities Twist

3/30/2023 4:15:00 PM

Business email compromise scams are moving beyond just stealing cash, with some threat actors fooling companies into sending goods and materials on credit, and then skipping out on payment.
Microsoft Patches 'Dangerous' RCE Flaw in Azure Cloud Service

3/30/2023 2:58:13 PM

The vulnerability would have allowed an unauthenticated attacker to execute code on a container hosted on one of the platform's nodes.
Organizations Consider Self-Insurance to Manage Risk

3/30/2023 2:50:00 PM

Risk reassessment is shaking up the cybersecurity insurance market, leading some organizations to consider their options, including self-insurance.

Spyware vendors use exploit chains to take advantage of patch delays in mobile ecosystem

3/31/2023 11:09:00 AM

Several commercial spyware vendors developed and used zero-day exploits against iOS and Android users last year. However, their exploit chains also relied on known vulnerabilities to work, highlighting...
Italian privacy regulator bans ChatGPT over collection, storage of personal data

3/31/2023 9:31:00 AM

Italy’s data privacy regulator has banned ChatGPT over alleged privacy violations relating to the chatbot’s collection and storage of personal data. With immediate effect, the Guarantor for the protection...
New CISO appointments, February 2023

3/31/2023 5:00:00 AM

The upper ranks of corporate security are seeing a high rate of change as companies try to adapt to the evolving threat landscape. Many companies are hiring a chief security officer (CSO
Kyndryl lays off staff in search of efficiency

3/30/2023 10:58:00 AM

The layoffs are part of a restructuring initiative aimed at improving efficiency and customer service, Kyndryl says.
3CX DesktopApp compromised by supply chain attack

3/30/2023 8:25:00 AM

3CX is working on a software update for its 3CX DesktopApp, after multiple security researchers alerted the company of an active supply chain attack in it. The update will be released in the next...
APT group Winter Vivern exploits Zimbra webmail flaw to target government entities

3/30/2023 8:25:00 AM

An APT group known in the security industry as Winter Vivern has been exploiting a vulnerability in the Zimbra Collaboration software to gain access to mailboxes from government agencies in several...
DXC Technology says global network is not compromised following Latitude Financial breach

3/30/2023 4:51:00 AM

Soon after Latitude Financial revealed it suffered a cyber attack, DXC Technology quietly published a note on its website stating its global network and customer support networks were not compromised...
BrandPost: R.I.P. passwords. Hello peace of mind

3/29/2023 4:30:00 PM

It is estimated that an average user has close to 100 passwords that they use across various applications and services. Almost two-thirds of users re-use the same password
BrandPost: The importance of low code/no code workflow orchestration in digital transformation

3/29/2023 2:59:00 PM

Have you heard about workflow orchestration? It's a fancy term for automating and managing the flow of work between different systems, applications, and teams. And in today's business world, it's...
BrandPost: Should physical proximity be a required MFA factor?

3/29/2023 2:52:00 PM

The cybercrime marketplace of offering stolen credentials to enable access-as-a-service attacks continues to dominate the market with a 6 fold increase in number of credentials stolen by malware...

Student Loan Breach Exposes 2.5M Records

8/31/2022 8:57:48 AM

2.5 million people were affected, in a breach that could spell more trouble down the line.
Watering Hole Attacks Push ScanBox Keylogger

8/30/2022 12:00:43 PM

Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool.
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms

8/29/2022 10:56:19 AM

Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system.
Ransomware Attacks are on the Rise

8/26/2022 12:44:27 PM

Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group.
Cybercriminals Are Selling Access to Chinese Surveillance Cameras

8/25/2022 2:47:15 PM

Tens of thousands of cameras have failed to patch a critical, 11-month-old CVE, leaving thousands of organizations exposed.
Twitter Whistleblower Complaint: The TL;DR Version

8/24/2022 10:17:04 AM

Twitter is blasted for security and privacy lapses by the company’s former head of security who alleges the social media giant’s actions amount to a national security risk.
Firewall Bug Under Active Attack Triggers CISA Warning

8/23/2022 9:19:58 AM

CISA is warning that Palo Alto Networks’ PAN-OS is under active attack and needs to be patched ASAP.
Fake Reservation Links Prey on Weary Travelers

8/22/2022 9:59:06 AM

Fake travel reservations are exacting more pain from the travel weary, already dealing with the misery of canceled flights and overbooked hotels.
iPhone Users Urged to Update to Patch 2 Zero-Days

8/19/2022 11:25:56 AM

Separate fixes to macOS and iOS patch respective flaws in the kernel and WebKit that can allow threat actors to take over devices and are under attack.
Google Patches Chrome’s Fifth Zero-Day of the Year

8/18/2022 10:31:38 AM

An insufficient validation input flaw, one of 11 patched in an update this week, could allow for arbitrary code execution and is under active attack.

It’s hunting season for tax fraudsters. Judge rules against class action lawsuit for CareFirst breach. Top FBI official speaks out in suppor...

3/31/2023 3:30:00 PM

It’s hunting season for tax fraudsters. Judge rules against class action lawsuit for CareFirst breach. Top FBI official speaks out in support of Section 702.
Creating Connections: Agents of change.

3/31/2023 1:29:00 PM

Last month, I shared the quote: “There is no limit to what we, as women, can accomplish.” – Michelle Obama I wanted to take a moment to thank all of you women in cybersecurity for the contributions...
The Vulkan papers. 3CXDesktopApp incident. XSS flaw can lead to remote code execution. AlienFox targets misconfigured servers.

3/31/2023 11:28:36 AM

The Vulkan papers. 3CXDesktopApp vulnerability and supply chain risk. XSS flaw can lead to remote code execution. AlienFox targets misconfigured servers.
3CX supply chain attacks.

3/31/2023 11:10:28 AM

Enterprise phone company 3CX has seen the exploitation of a vulnerability in their 3CXDesktop App, potentially compromising thousands of business networks.
Super FabriXss.

3/31/2023 10:56:03 AM

Researchers discover cross-site scripting flaw in Azure Service Fabric platform.
AlienFox, the spammer's friend.

3/31/2023 10:39:59 AM

Commodity toolkit is designed to set the stage for further attacks.
Ukraine at D+400: the Vulkan papers.

3/31/2023 10:34:18 AM

The Vulkan papers offer a rare opportunity for an inside look at Russian cyber warfare.
Medical data exposed in latest GoAnywhere hack. Toyota Italy accidentally leaks (phishing) fuel. Meriton becomes latest Australian company t...

3/30/2023 5:51:37 PM

Medical data exposed in latest GoAnywhere hack. Toyota Italy accidentally leaks (phishing) fuel. Meriton becomes latest Australian company targeted by hackers.
A major supply chain attack is underway. Ms Connor, call your office. Combosquatting. False positives fixed. Tanks don’t work, so Russia tri...

3/30/2023 4:15:00 PM

The 3CXDesktopApp is under exploitation in a supply chain campaign. An open letter asks for a pause in advanced AI development. All your grammar and usage are belong us. Combosquatting might fool even...
Forever war and nuclear misrepresentation. De-anonymizing Telegram? Censorship, civil society, and transnational repression.

3/30/2023 4:00:00 PM

The Kremlin's narrative of a forever war. Nuclear talk as a tool of persuasion. De-anonymizing Telegram? Censorship, civil society, and transnational repression.

Winter Vivern APT Targets European Government Entities with Zimbra Vulnerability

3/31/2023 10:07:00 AM

The advanced persistent threat (APT) actor known as Winter Vivern is now targeting officials in Europe and the U.S. as part of an ongoing cyber espionage campaign. "TA473 since at least February 2023...
Cyber Police of Ukraine Busted Phishing Gang Responsible for $4.33 Million Scam

3/31/2023 8:01:00 AM

The Cyber Police of Ukraine, in collaboration with law enforcement officials from Czechia, has arrested several members of a cybercriminal gang that set up phishing sites to target European users. Two...
Deep Dive Into 6 Key Steps to Accelerate Your Incident Response

3/31/2023 7:47:00 AM

Organizations rely on Incident response to ensure they are immediately aware of security incidents, allowing for quick action to minimize damage. They also aim to avoid follow on attacks or future related...
3CX Supply Chain Attack — Here's What We Know So Far

3/31/2023 5:37:00 AM

Enterprise communications software maker 3CX on Thursday confirmed that multiple versions of its desktop app for Windows and macOS are affected by a supply chain attack. The version numbers include 18...
Researchers Detail Severe "Super FabriXss" Vulnerability in Microsoft Azure SFX

3/30/2023 1:02:00 PM

Details have emerged about a now-patched vulnerability in Azure Service Fabric Explorer (SFX) that could lead to unauthenticated remote code execution. Tracked as CVE-2023-23383 (CVSS score: 8.2), the...
Chinese RedGolf Group Targeting Windows and Linux Systems with KEYPLUG Backdoor

3/30/2023 11:58:00 AM

A Chinese state-sponsored threat activity group tracked as RedGolf has been attributed to the use of a custom Windows and Linux backdoor called KEYPLUG. "RedGolf is a particularly prolific Chinese state...
New Wi-Fi Protocol Security Flaw Affecting Linux, Android and iOS Devices

3/30/2023 8:21:00 AM

A group of academics from Northeastern University and KU Leuven has disclosed a fundamental design flaw in the IEEE 802.11 Wi-Fi protocol standard, impacting a wide range of devices running Linux, FreeBSD...
Cyberstorage: Leveraging the Multi-Cloud to Combat Data Exfiltration

3/30/2023 7:17:00 AM

Multi-cloud data storage, once merely a byproduct of the great cloud migration, has now become a strategy for data management. "Multi-cloud by design," and its companion the supercloud, is an ecosystem...
AlienFox Malware Targets API Keys and Secrets from AWS, Google, and Microsoft Cloud Services

3/30/2023 6:08:00 AM

A new "comprehensive toolset" called AlienFox is being distributed on Telegram as a way for threat actors to harvest credentials from API keys and secrets from popular cloud service providers. "The spread...
3CX Desktop App Supply Chain Attack Leaves Millions at Risk - Urgent Update on the Way!

3/30/2023 2:31:00 AM

3CX said it's working on a software update for its desktop app after multiple cybersecurity vendors sounded the alarm on what appears to be an active supply chain attack that's using digitally signed...

German Police Raid DDoS-Friendly Host ‘FlyHosting’

3/31/2023 2:35:15 PM

Authorities in Germany this week seized Internet servers that powered FlyHosting, a dark web service that catered to cybercriminals operating DDoS-for-hire services. Fly Hosting first advertised on cybercrime...
UK Sets Up Fake Booter Sites To Muddy DDoS Market

3/28/2023 1:26:07 PM

The United Kingdom's National Crime Agency (NCA) has been busy setting up phony DDoS-for-hire websites that seek to collect information on users, remind them that launching DDoS attacks is illegal, and...
Google Suspends Chinese E-Commerce App Pinduoduo Over Malware

3/22/2023 7:11:08 PM

Google says it has suspended the app for the Chinese e-commerce giant Pinduoduo after malware was found in versions of the app. The move comes just weeks after Chinese security researchers published an...
Why You Should Opt Out of Sharing Data With Your Mobile Provider

3/20/2023 10:47:56 AM

A new breach involving data from nine million ATT customers is a fresh reminder that your mobile provider likely collects and shares a great deal of information about where you go and what you do with...
Feds Charge NY Man as BreachForums Boss “Pompompurin”

3/17/2023 7:39:22 PM

The U.S. Federal Bureau of Investigation (FBI) this week arrested a New York man on suspicion of running BreachForums, a popular English-language cybercrime forum where some of the world biggest hacked...
Microsoft Patch Tuesday, March 2023 Edition

3/15/2023 11:19:32 AM

Microsoft on Tuesday released updates to quash at least 74 security bugs in its Windows operating systems and software. Two of those flaws are already being actively attacked, including an especially...
Two U.S. Men Charged in 2022 Hacking of DEA Portal

3/14/2023 9:25:20 PM

Two U.S. men have been charged with hacking into a U.S. Drug Enforcement Agency (DEA) online portal that taps into 16 different federal law enforcement databases. Both are alleged to be part of a larger...
Who’s Behind the NetWire Remote Access Trojan?

3/9/2023 1:52:25 PM

A Croatian national has been arrested for allegedly operating NetWire, a Remote Access Trojan (RAT) marketed on cybercrime forums since 2012 as a stealthy way to spy on infected systems and siphon passwords...
Sued by Meta, Freenom Halts Domain Registrations

3/7/2023 6:19:26 PM

The domain name registrar Freenom, whose free domain names have long been a draw for spammers and phishers, has stopped allowing new domain name registrations. The move comes just days after the Dutch...
Highlights from the New U.S. Cybersecurity Strategy

3/2/2023 8:33:06 PM

The Biden administration today issued its vision for beefing up the nation's collective cybersecurity posture, including calls for legislation establishing liability for software products and services...

Adaptive Access Technologies Gaining Traction for Security, Agility

3/31/2023 3:15:10 PM

With companies pushing to adopt Zero Trust frameworks, adaptive authentication and access — once languishing — looks finally ready to move out of the doldrums.
Is Decentralized Identity About to Reach an Inflection Point?

3/31/2023 2:16:00 PM

Decentralized identity products are increasingly projected to be introduced to the market in the next couple of years.
Vulkan Playbook Leak Exposes Russia's Plans for Worldwide Cyberwar

3/31/2023 11:22:00 AM

Russian intelligence services, together with a Moscow-based IT company, are planning worldwide hacking operations that will also enable attacks on critical infrastructure facilities.
US Space Force Requests $700M for Cybersecurity Blast Off

3/31/2023 10:30:00 AM

Russia's invasion of Ukraine spurs Space Force to seek astronomical investments in cybersecurity.
What CISOs Can Do to Build Trust & Fight Fraud in the Metaverse

3/31/2023 10:00:00 AM

Until a degree of confidence is established, a platform's credibility can be eroded by scammers and unsuspecting gamers who fall victim to their attacks.
Post-Quantum Satellite Protection Rockets Towards Reality

3/31/2023 9:25:00 AM

A successful multi-orbit cryptography test beamed quantum-agile data up to two different satellites and back down to Earth.
Automatic Updates Deliver Malicious 3CX 'Upgrades' to Enterprises

3/30/2023 5:38:00 PM

In a SolarWinds-like attack, compromised, digitally signed versions of 3CX DesktopApp are landing on user systems via the vendor's update mechanism.
BEC Fraudsters Expand to Snatch Real-World Goods in Commodities Twist

3/30/2023 4:15:00 PM

Business email compromise scams are moving beyond just stealing cash, with some threat actors fooling companies into sending goods and materials on credit, and then skipping out on payment.
Microsoft Patches 'Dangerous' RCE Flaw in Azure Cloud Service

3/30/2023 2:58:13 PM

The vulnerability would have allowed an unauthenticated attacker to execute code on a container hosted on one of the platform's nodes.
Organizations Consider Self-Insurance to Manage Risk

3/30/2023 2:50:00 PM

Risk reassessment is shaking up the cybersecurity insurance market, leading some organizations to consider their options, including self-insurance.

Powered by Higher Logic