Security News > 2023 > January > Serious Security: How to improve cryptography, resist supply chain attacks, and handle data breaches
So we though we'd take a quick look back at some of the major issues we covered over the last couple of weeks, and reiterate the serious security lessons we can learn from them.
If you are ever stuck with doing a data breach notification, don't try to rewrite history to your marketing advantage.
If you receive a data breach notification, and there are obvious things you can do that will improve both your theoretical security and your practical peace of mind, try to find the time to do them.
Cryptography is essential for national security and for and the functioning of the economy.
These crooks used DNS lookups with "Server names" that were actually exfiltrated data.
Apparently, the attackers in this case are now claiming that they stole personal data, including private keys, for "Research reasons" and say they've deleted the stolen data now.
News URL
Related news
- Patch Tuesday: January 2025 Security Update Patches Exploited Elevation of Privilege Attacks (source)
- GoDaddy slapped with wet lettuce for years of lax security and 'several major breaches' (source)
- Balancing usability and security in the fight against identity-based attacks (source)
- PlushDaemon APT Targets South Korean VPN Provider in Supply Chain Attack (source)
- IPany VPN breached in supply-chain attack to push custom malware (source)
- Supply chain attack hits Chrome extensions, could expose millions (source)
- Security pros more confident about fending off ransomware, despite being battered by attacks (source)
- Abandoned AWS S3 buckets can be reused in supply-chain attacks that would make SolarWinds look 'insignificant' (source)
- North Korea targets crypto developers via NPM supply chain attack (source)
- Bybit Hack Traced to Safe{Wallet} Supply Chain Attack Exploited by North Korean Hackers (source)