Security News > 2024 > April > Week in review: 73M customers affected by AT&T data leak, errors led to US govt inboxes compromise

How Google plans to make stolen session cookies worthless for attackersGoogle is working on a new security feature for Chrome called Device Bound Session Credentials, meant to prevent attackers from using stolen session cookies to gain access user accounts.
A "Cascade" of errors let Chinese hackers into US government inboxesMicrosoft still doesn't known how Storm-0558 attackers managed to steal the Microsoft Services Account cryptographic key they used to forge authentication tokens needed to access email accounts belonging to US government officials.
Ivanti vows to transform its security operating model, reveals new vulnerabilitiesIvanti has released patches for new DoS vulnerabilities affecting Ivanti Connect Secure and Ivanti Policy Secure, some of which could also lead to execution of arbitrary code or information disclosure.
Human risk is the top cyber threat for IT teamsIn this Help Net Security video, Julian Martin, VP of Technology Alliances at Mimecast, discusses the Mimecast 2024 State of Email and Collaboration Security report.
Six steps for security and compliance in AI-enabled low-code/no-code developmentAI is quickly transforming how individuals create their own apps, copilots, and automations.
Strengthening defenses against nation-state and for-profit cyber attacksIn this Help Net Security video, Geoffrey Mattson, CEO of Xage Security, discusses the steps enterprises and critical infrastructure must take to improve their environments from for-profit and nation-state attacks.
News URL
Related news
- FBI, Europol, and NCA Take Down 8Base Ransomware Data Leak and Negotiation Sites (source)
- Data Leak Exposes TopSec's Role in China’s Censorship-as-a-Service Operations (source)
- Browser-Based Data Leaks: 3 Biggest Data Security Challenges Today (source)
- Microsoft Adds Inline Data Protection to Edge for Business to Block GenAI Data Leaks (source)
- Cardiff's children's chief confirms data leak 2 months after cyber risk was 'escalated' (source)
- Oracle Health breach compromises patient data at US hospitals (source)