Network Security

Issued by: Dark Reading

Bitwarden, the leading open source password manager trusted by millions, today launched the open beta of Bitwarden Secrets Manager, designed to centrally secure and manage highly sensitive authentication credentials within privileged developer and DevOps environments. Development teams work across applications and multi-cloud infrastructures, using different tools and platforms. This leads to distributed secrets – API…

Application Security

Issued by: SecurityWeek

Microsoft on Wednesday rolled out an AI-powered security analysis tool to automate incident response and threat hunting tasks, showcasing a security use-case for the popular chatbot developed by OpenAI. The new tool, called Microsoft Security Copilot, is powered by OpenAI’s newest GPT-4 model and will be trained on data from Redmond’s massive trove of telemetry…

Network Security

Issued by: Security Affairs

The US Cybersecurity and Infrastructure Security Agency announced a new Pre-Ransomware Notification initiative that aims at alerting organizations of early-stage ransomware attacks. The principle behind the initiative is simple, ransomware actors initially gain access to the target organization, then they take some time before stealing or encrypting data. The time-lapse between initial access to a…

Network Security

Issued by: Dark Reading

Cybersecure IPS and LockDown Inc. jointly announce that they have entered a strategic alliance to combine their unique offerings to address the rapidly increasing threat to critical infrastructures around the world. This partnership couples the CyberSecure IPS Manhole Protection System with Lockdown’s suite of security devices to strengthen the Defense in Depth (DiD) critical infrastructure…

Malware & Threats

Issued by: Security Affairs

In the first quarter of 2023, SentinelLabs researchers spotted the initial phases of attacks against telecommunication providers in the Middle East. According to the researchers, the activity is part of the Operation Soft Cell that was first reported in June 2019 by Cybereason. At the time, researchers at Cybereason uncovered the long-running espionage campaign tracked…

Malware & Threats

Issued by: DataBreach Today

Not all ransomware groups wield crypto-locking malware. In their continuing quest for extortionate profits, some have moved away from encryption and pressure victims purely by threatening to leak stolen data unless they receive a ransom payment. This seems to have been the case for BianLian, a prolific ransomware group that emerged in the summer of…

Vulnerabilities

Issued by: DataBreach Today

The online health insurance marketplace servicing residents of Washington, D.C., and staffers and members of the U.S. Congress is facing two proposed class action lawsuits in the aftermath of a hacking incident that affected at least 56,400 individuals. Some of the data stolen in the incident was posted for sale on the dark web earlier…

Mobile Security

Issued by: DataBreach Today

Google suspended popular budget e-commerce application Pinduoduo from the Play Store after detecting malware on versions of the Chinese app downloadable from other online stores. In a statement on Tuesday, Google said it took action to block the installation of Pinduoduo on Android devices and said it would scan smartphones for malicious versions through its…

Cloud Security

Issued by: CSO Online

Digital transformation is sweeping across the public and private sectors. This has pushed organizations to increasingly turn to hybrid and multicloud environments as a way to manage a sprawling digital infrastructure and growing mountains of data. But while cloud technology promises to increase collaboration among distributed workforces and quickly scale digital workloads, it also creates…

Vulnerabilities

Issued by: DataBreach Today

Last year was another bonanza in zero-days for Chinese state hackers, say security researchers in a report predicting a permanent uptick in nation-state exploitation of yet-unpatched vulnerabilities. Data taken from original research by cybersecurity firm Mandiant and from open-source reporting suggests zero-day exploitation is generally trending upward despite fluctuation from year to year in the…