Security News
You can ask ChatGPT to write code, but the results can be mixed. A common task of any SecOps analyst is sometimes having to process specific log files, grep for certain patterns and export them to gain meaningful insight into an incident or issue.
A new phishing campaign is exploiting the increasing interest of security community members towards Flipper Zero to steal their personal information and cryptocurrency. [...]
The NASA Office of Inspector General has published its annual audit of the aerospace agency's infosec capabilities and practices, which earned an overall rating of "Not Effective." We could go on, but you get the idea: NASA infosec isn't great.
The new Picus Complete Security Validation Platform levels up the company's attack simulation capabilities to remove barriers of entry for security teams. The new Security Posture Management product from Abnormal gives security teams immediate visibility to each of the potential entry and exit points to the cloud email platform.
LogRhythm has unveiled LogRhythm Axon, a cloud-native security operations platform built for security teams that are stretched thin by overwhelming amounts of data and an ever-evolving threat landscape. Verica ProwlerPro SaaS strenghtens security posture for companies running software on AWS. Verica launched ProwlerPro SaaS, providing companies running software on AWS with free AWS security solution.
Britain's data watchdog has slapped construction business Interserve Group with a potential £4.4 million fine after a successful phishing attack by criminals exposed the personal data of up to 113,000 employees. The Information Commissioner's Office said the Berkshire-based company failed to exercise good security hygiene, missing alerts and more, and so was deemed to have broken data protection laws.
Australian health insurer Medibank has revealed it's been contacted by a group that claims to have its customers' data and is threatening to distribute it. Today Medibank Group has received messages from a group that wishes to negotiate with the company regarding their alleged removal of customer data.
The Reg attended Singapore International Cyber Week 2022, where officials from twelve countries had an airing of grievances across three separate panels, as if they were seated at carefully arranged tables at a wedding. "We should stop these actions and come to the table, and talk the way you do here in Singapore in International Cyber Week. I was lucky to be invited. I prefer coming here than to the UN because the US does everything possible to restrict discussions."
Does that mean REvil - which was behind the high-profile attack on Colonial Pipeline last year and essentially went dark just months before Ransom Cartel came to the surface - morphed into the new group and is just continuing with its nefarious ways under a new name? "Based on the fact that the Ransom Cartel operators clearly have access to the original REvil ransomware source code, yet likely do not possess the obfuscation engine used to encrypt strings and hide API calls, we speculate that the operators of Ransom Cartel had a relationship with the REvil group at one point, before starting their own operation," Unit 42 researchers Amer Elsad and Daniel Bunce write in a recent report.
Before organizations can work on retaining female infosec professionals, the industry needs to bring more women into cybersecurity jobs in the first place, she opined. "A lack of representation can perpetuate and reinforce the gender gap by dissuading women from entering the industry," Vasu Jakkal, a Microsoft Security corporate vice-president, told The Register.