Security News
![Infosec products of the month: February 2023](/static/build/img/news/infosec-products-of-the-month-february-2023-small.jpg)
The platform provides real, actionable intelligence to support various security teams across an organization in their efforts to uncover threats and proactively prevent digital crimes. SecuriThings Managed Service Platform secures physical security devices.
![DNA testing biz vows to improve infosec after criminals break into database it forgot it had](/static/build/img/news/dna-testing-biz-vows-to-improve-infosec-after-criminals-break-into-database-it-forgot-it-had-small.jpg)
A DNA diagnostics company will pay $400,000 and tighten its security in the wake of a 2021 attack where criminals broke into its network and swiped personal data on over two million people from a nine-year-old "Legacy" database the company forgot it had. The genetic testing firm, DNA Diagnostics Center reached a settlement deal with states' attorneys general in Ohio and Pennsylvania last week, after the social security numbers of 45,000 residents of the two states was exposed, with each of the states getting $200k. DDC offers paternity testing, immigration testing, veterinary DNA testing and forensic testing.
![FBI catches up with infosec and crypto communities, blames Lazarus Group for $100 million heist](/static/build/img/news/fbi-catches-up-with-infosec-and-crypto-communities-blames-lazarus-group-for-100-million-heist-small.jpg)
The FBI has confirmed what cybersecurity researchers have been saying for months: the North Korean-sponsored Lazarus Group was behind the theft last year of $100 million in crypto assets from blockchain startup Harmony. In its January 23 statement on the matter, the FBI said the attack on Harmony was part of a North Korean malware campaign named "TraderTraitor."
![China aims to grow local infosec industry by 30 percent a year, to $22 billion by 2025](/static/build/img/news/china-aims-to-grow-local-infosec-industry-by-30-percent-a-year-to-22-billion-by-2025-small.jpg)
China's government has declared the nation's information security industry needs to grow - fast. A document with the catchy title of "Guiding Opinions of Sixteen Departments Including the Ministry of Industry and Information Technology on Promoting the Development of the Data Security Industry" was issued last week, setting out an ambitious program to scale the industry at 30 percent compound annual growth rate, so it reaches ¥15 billion of annual revenue by 2025.
![Week in review: ChatGPT as an infosec assistant, Google offers help to EU cybersecurity startups](/static/build/img/news/week-in-review-chatgpt-as-an-infosec-assistant-google-offers-help-to-eu-cybersecurity-startups-small.jpg)
Google is calling EU cybersecurity foundersGoogle announced that the Google for Startups Growth Academy: Cybersecurity program now accepts applications from EU companies. Rackspace ransomware attack was executed by using previously unknown security exploitThe MS Exchange exploit chain recently revealed by Crowdstrike researchers is how the Play ransomware gang breached the Rackspace Hosted Exchange email environment, the company confirmed last week.
![ChatGPT: The infosec assistant that is jack of all trades, master of none](/static/build/img/news/chatgpt-the-infosec-assistant-that-is-jack-of-all-trades-master-of-none-small.jpg)
You can ask ChatGPT to write code, but the results can be mixed. A common task of any SecOps analyst is sometimes having to process specific log files, grep for certain patterns and export them to gain meaningful insight into an incident or issue.
![Ongoing Flipper Zero phishing attacks target infosec community](/static/build/img/news/ongoing-flipper-zero-phishing-attacks-target-infosec-community-small.jpg)
A new phishing campaign is exploiting the increasing interest of security community members towards Flipper Zero to steal their personal information and cryptocurrency. [...]
![NASA infosec again falls short of required US government standard](/static/build/img/news/nasa-infosec-again-falls-short-of-required-us-government-standard-small.jpg)
The NASA Office of Inspector General has published its annual audit of the aerospace agency's infosec capabilities and practices, which earned an overall rating of "Not Effective." We could go on, but you get the idea: NASA infosec isn't great.
![Infosec products of the month: November 2022](/static/build/img/news/infosec-products-of-the-month-november-2022-small.jpg)
The new Picus Complete Security Validation Platform levels up the company's attack simulation capabilities to remove barriers of entry for security teams. The new Security Posture Management product from Abnormal gives security teams immediate visibility to each of the potential entry and exit points to the cloud email platform.
![Infosec products of the month: October 2022](/static/build/img/news/infosec-products-of-the-month-october-2022-small.jpg)
LogRhythm has unveiled LogRhythm Axon, a cloud-native security operations platform built for security teams that are stretched thin by overwhelming amounts of data and an ever-evolving threat landscape. Verica ProwlerPro SaaS strenghtens security posture for companies running software on AWS. Verica launched ProwlerPro SaaS, providing companies running software on AWS with free AWS security solution.