Recent Security News
-
Like Seat Belts and Airbags, 2FA Must Be Mandatory ASAP
February 16, 2024 at 10:08AM The hack of genetic testing company 23andMe exposed 6.9 million people’s genetic data due to faulty security measures. The breach underlines the necessity for mandatory two-factor authentication (2FA) in SaaS applications to bolster security and protect against potential misuse and targeting. Implementing 2FA is crucial for safeguarding genetic and personal…
-
Ex-Employee’s Admin Credentials Used in US Gov Agency Hack
February 16, 2024 at 10:03AM A threat actor gained access to a US government organization’s network using compromised credentials from a former employee’s administrative account, enabling reconnaissance and data theft. CISA advises organizations to review administrative accounts, implement MFA, and maintain robust security measures to prevent similar incidents. Key takeaways from the meeting notes are…
-
In Other News: US Hacks Iranian Spy Ship, Rhysida Ransomware Decryption, NIST Guidance
February 16, 2024 at 10:03AM SecurityWeek’s roundup includes Google Cloud’s threat report, a free decryption tool for Rhysida ransomware, and NIST’s guidance on software supply chain security. It covers OpenTitan’s root of trust availability, Seal Security’s emergence, and Pentagon’s data breach notification. Google denies Hamas cyber support, and China’s hacking claims are criticized for lack…