Security News
China's government has declared the nation's information security industry needs to grow - fast. A document with the catchy title of "Guiding Opinions of Sixteen Departments Including the Ministry of Industry and Information Technology on Promoting the Development of the Data Security Industry" was issued last week, setting out an ambitious program to scale the industry at 30 percent compound annual growth rate, so it reaches ¥15 billion of annual revenue by 2025.
Google is calling EU cybersecurity foundersGoogle announced that the Google for Startups Growth Academy: Cybersecurity program now accepts applications from EU companies. Rackspace ransomware attack was executed by using previously unknown security exploitThe MS Exchange exploit chain recently revealed by Crowdstrike researchers is how the Play ransomware gang breached the Rackspace Hosted Exchange email environment, the company confirmed last week.
You can ask ChatGPT to write code, but the results can be mixed. A common task of any SecOps analyst is sometimes having to process specific log files, grep for certain patterns and export them to gain meaningful insight into an incident or issue.
A new phishing campaign is exploiting the increasing interest of security community members towards Flipper Zero to steal their personal information and cryptocurrency. [...]
The NASA Office of Inspector General has published its annual audit of the aerospace agency's infosec capabilities and practices, which earned an overall rating of "Not Effective." We could go on, but you get the idea: NASA infosec isn't great.
The new Picus Complete Security Validation Platform levels up the company's attack simulation capabilities to remove barriers of entry for security teams. The new Security Posture Management product from Abnormal gives security teams immediate visibility to each of the potential entry and exit points to the cloud email platform.
LogRhythm has unveiled LogRhythm Axon, a cloud-native security operations platform built for security teams that are stretched thin by overwhelming amounts of data and an ever-evolving threat landscape. Verica ProwlerPro SaaS strenghtens security posture for companies running software on AWS. Verica launched ProwlerPro SaaS, providing companies running software on AWS with free AWS security solution.
Britain's data watchdog has slapped construction business Interserve Group with a potential £4.4 million fine after a successful phishing attack by criminals exposed the personal data of up to 113,000 employees. The Information Commissioner's Office said the Berkshire-based company failed to exercise good security hygiene, missing alerts and more, and so was deemed to have broken data protection laws.
Australian health insurer Medibank has revealed it's been contacted by a group that claims to have its customers' data and is threatening to distribute it. Today Medibank Group has received messages from a group that wishes to negotiate with the company regarding their alleged removal of customer data.
The Reg attended Singapore International Cyber Week 2022, where officials from twelve countries had an airing of grievances across three separate panels, as if they were seated at carefully arranged tables at a wedding. "We should stop these actions and come to the table, and talk the way you do here in Singapore in International Cyber Week. I was lucky to be invited. I prefer coming here than to the UN because the US does everything possible to restrict discussions."