Recent Security News
-
JetBrains is still mad at Rapid7 for the ransomware attacks on its customers
March 12, 2024 at 12:34PM JetBrains and Rapid7 are embroiled in a public dispute over a software vulnerability disclosure. Following Rapid7’s detailed disclosure of vulnerabilities in TeamCity, JetBrains accused them of unethical actions which led to ransomware attacks. The spat highlights the need for clear disclosure norms in the infosec space to protect customers and…
-
ICS Patch Tuesday: Siemens Ruggedcom Devices Impacted by 45 Fortinet VulnerabilitiesÂ
March 12, 2024 at 12:03PM Siemens and Schneider Electric have released their March 2024 Patch Tuesday security advisories. Siemens’ advisories cover 214 vulnerabilities, including critical flaws impacting Fortinet products. Impacted organizations can receive patch information from customer support or apply provided mitigations. Schneider Electric’s advisories describe vulnerabilities in Easergy T200 RTUs and EcoStruxure Power Design…
-
Over 12 million auth secrets and keys leaked on GitHub in 2023
March 12, 2024 at 11:25AM GitGuardian reported that during 2023, 12.8 million sensitive secrets were accidentally exposed in over 3 million public repositories on GitHub, with the majority remaining valid after five days. The exposed secrets included account passwords, API keys, and certificates, posing significant security risks. The leakiest countries included India, the United States,…
-
J.P. Morgan Growth Leads $39 Million Investment in Eye Security
March 12, 2024 at 10:57AM Eye Security, a Hague-based cybersecurity firm, raised €36 million in a Series B funding round, led by J.P. Morgan Growth Equity Partners. The company provides mid-market businesses with enterprise-level cybersecurity products and aims to expand its presence in European markets like Belgium and Germany. Eye Security also helps businesses comply…
-
How to Identify a Cyber Adversary: Standards of Proof
March 12, 2024 at 10:11AM Part one of the article explains cybersecurity attribution, distinguishing between attribution and public disclosure, and discussing standards of proof including intelligence, judicial, and technical standards. Attribution is important for understanding the adversary and defending against future attacks. The article promises to delve into the key methods of attributing events to…