Recent Security News
-
CISA and OpenSSF Release Framework for Package Repository Security
February 12, 2024 at 06:27AM The U.S. CISA and OpenSSF are collaborating to establish the Principles for Package Repository Security, a framework aiming to enhance security in open-source software ecosystems. It outlines four security maturity levels and emphasizes the importance of continual security improvements. This development addresses growing security concerns related to open-source software in…
-
China’s Dogged Campaign to Portray Itself as Victim of US Hacking
February 12, 2024 at 06:09AM China has been accused of attempting to frame the US for cyber espionage, but a recent report from SentinelOne found most claims to be unsubstantiated. China seeks to shift global opinion on its hacking activities, but their reports lack technical evidence. Additionally, China has been coordinating a disinformation campaign to…
-
Why Are Compromised Identities the Nightmare to IR Speed and Efficiency?
February 12, 2024 at 05:39AM This article discusses the challenges associated with Incident Response (IR) and the critical role of identifying compromised user accounts in containing and mitigating cyber attacks. It introduces Silverfort’s Unified Identity Protection Platform, highlighting how its real-time Multi-Factor Authentication (MFA) and identity segmentation address blind spots and accelerate the IR process,…
-
Ongoing Azure Compromises Target Senior Execs, Microsoft 365 Apps
February 12, 2024 at 05:05AM An ongoing campaign targeting Microsoft Azure corporate clouds has compromised dozens of environments and hundreds of user accounts. The attacks involve data exfiltration, financial fraud, and impersonation across various industries and geographic regions. The threat actors show sophistication and adaptability, using tailor-made phishing and diverse toolkits. To defend against this,…