Security News > 2023 > March > Week in review: LastPass breach, GCP data exfiltration, UEFI bootkit
5 open source Burp Suite penetration testing extensions you should check outWhen it comes to assessing the security of computer systems, penetration testing tools are critical for identifying vulnerabilities that attackers may exploit.
LastPass breach: Hacker accessed corporate vault by compromising senior developer's home PCLastPass is, once again, telling customers about a security incident related to the August 2022 breach of its development environment and subsequent unauthorized access to the company's third-party cloud storage service that hosted backups.
Expert strategies for defending against multilingual email-based attacksIn this Help Net Security video, Crane Hassold, Director of Threat Intelligence at Abnormal Security, provides insight into the impact of multilingual BEC attacks.
Developers can make a great extension of your security teamHistorically, the developer-security relationship has been defined by the perception that security tooling adds friction and frustration to the developer workflow.
A modern-day look at AppSec testing toolsIn this Help Net Security video, Frank Catucci, CTO, and Dan Murphy, Distinguished Architect at Invicti Security, break down the different types of application security testing tools, explore the strengths and tradeoffs, and provide you with the information you need to select the AppSec tooling that is right for your organization.
BlackLotus UEFI bootkit disables Windows security mechanismsESET researchers have published the first analysis of a UEFI bootkit capable of circumventing UEFI Secure Boot, a critical platform security feature.