Written by Eleftherios Skoutaris. The landscape of cloud security compliance is constantly evolving, and the U.S. Federal Risk and Authorization Management Program (FedRAMP) is no exception. As highlighted recently, FedRAMP will be undergoing a significant transformation with the rollout of FedRAMP 20x, aiming to modernize and streamline the authorization process for Cloud Service Providers (CSPs) working […]
Author Archives: [email protected]
03
Apr
Apr
As we look ahead to Microsoft’s 50th anniversary, we’re celebrating the iconic memories and moments you’ve made over the past five decades. What better way to celebrate than with exclusive products like nostalgic Windows wallpapers—channeling the retro colors, pixelated edges and anticipation of new Windows releases across time. Made by three Microsoft designers and Windows […]
A cascading supply chain attack on GitHub that targeted Coinbase in March has now been traced back to a single token stolen from a SpotBugs workflow, which allowed a threat actor to compromise multiple GitHub projects. […]
The North Korean threat actors behind Contagious Interview have adopted the increasingly popular ClickFix social engineering tactic to lure job seekers in the cryptocurrency sector to deliver a previously undocumented Go-based backdoor called GolangGhost on Windows and macOS systems. The new activity, assessed to be a continuation of the campaign, has been codenamed ClickFake Interview […]
The rules have changed. Again. Artificial intelligence is bringing powerful new tools to businesses. But it’s also giving cybercriminals smarter ways to attack. They’re moving quicker, targeting more precisely, and slipping past old defenses without being noticed. And here’s the harsh truth: If your security strategy hasn’t evolved with AI in mind, you’re already behind. […]
AI holds the promise to revolutionize all sectors of enterpriseーfrom fraud detection and content personalization to customer service and security operations. Yet, despite its potential, implementation often stalls behind a wall of security, legal, and compliance hurdles. Imagine this all-too-familiar scenario: A CISO wants to deploy an AI-driven SOC to handle the overwhelming volume of […]
Cybersecurity researchers have disclosed details of a new vulnerability impacting Google’s Quick Share data transfer utility for Windows that could be exploited to achieve a denial-of-service (DoS) or send arbitrary files to a target’s device without their approval. The flaw, tracked as CVE-2024-10668 (CVSS score: 5.9), is a bypass for two of the 10 shortcomings […]
03
Apr
Apr
The Science Museum Group’s latest digital stories are now on Google Arts & Culture. Inspired by their Wonderlab+ online hub, these narratives delve into scientific t…
Counterfeit versions of popular smartphone models that are sold at reduced prices have been found to be preloaded with a modified version of an Android malware called Triada. “More than 2,600 users in different countries have encountered the new version of Triada, the majority in Russia,” Kaspersky said in a report. The infections were recorded […]
Threat hunters are warning of a sophisticated web skimmer campaign that leverages a legacy application programming interface (API) from payment processor Stripe to validate stolen payment information prior to exfiltration. “This tactic ensures that only valid card data is sent to the attackers, making the operation more efficient and potentially harder to detect,” Jscrambler researchers […]