Password management solution LastPass shared more details pertaining to the security incident last month, disclosing that the threat actor had access to its systems for a four-day period in August 2022. "There is no evidence of any threat actor activity beyond the established timeline," LastPass CEO Karim Toubba said in an update shared on September 15, adding, "there is no … [Read more...] about Hackers Had Access to LastPass’s Development Systems for Four Days
access
How Cisco Duo Is Simplifying Secure Access for Organizations Around the World
At Cisco Duo, we continually strive to enhance our products to make it easy for security practitioners to apply access policies based on the principles of zero trust. This blog highlights how Duo is achieving that goal by simplifying user and administrator experience and supporting data sovereignty requirements for customers around the world. Read on to get an overview of what … [Read more...] about How Cisco Duo Is Simplifying Secure Access for Organizations Around the World
Get Lifetime Access to 2022 Cybersecurity Certification Prep Courses @ 95% Off
Ever thought about working full-time in cybersecurity? With millions of unfilled jobs around, now is a great time to get into the industry. Of course, there are many different roles in this field. But all of them require the same handful of professional certifications. The 2022 Ultimate Advanced CyberSecurity Professional Certification Bundle helps you collect the full house, … [Read more...] about Get Lifetime Access to 2022 Cybersecurity Certification Prep Courses @ 95% Off
Detect Credential Access with Elastic Security
Within our Elastic Security research group, a strong area of focus is implementing detection mechanisms for capabilities we understand adversaries are currently exploiting within environments. We’ll often wait to see the impact that bringing these capabilities to market will have from a detection standpoint. This allows our researchers to explore different detection strategies … [Read more...] about Detect Credential Access with Elastic Security
T-Mobile Admits Lapsus$ Hackers Gained Access to its Internal Tools and Source Code
Telecom company T-Mobile on Friday confirmed that it was the victim of a security breach in March after the LAPSUS$ mercenary gang managed to gain access to its networks. The acknowledgment came after investigative journalist Brian Krebs shared internal chats belonging to the core members of the group indicating that LAPSUS$ breached the company several times in March prior to … [Read more...] about T-Mobile Admits Lapsus$ Hackers Gained Access to its Internal Tools and Source Code
Get Lifetime Access to This 60-Hour Java Programming Training Bundle @ 97% Discount
Java is a very versatile programming language. From Android apps to Oracle databases, it can be used to power a wide range of software and systems. As with most technical skills, the best way to learn Java is through building your own projects. But you can definitely speed things up with high-quality training. The Complete 2022 Java Coder Bundle provides plenty of that — nine … [Read more...] about Get Lifetime Access to This 60-Hour Java Programming Training Bundle @ 97% Discount
Google Uncovers ‘Initial Access Broker’ Working with Conti Ransomware Gang
Google's Threat Analysis Group (TAG) took the wraps off a new initial access broker that it said is closely affiliated to a Russian cyber crime gang notorious for its Conti and Diavol ransomware operations. Dubbed Exotic Lily, the financially motivated threat actor has been observed exploiting a now-patched critical flaw in the Microsoft Windows MSHTML platform (CVE-2021-40444) … [Read more...] about Google Uncovers ‘Initial Access Broker’ Working with Conti Ransomware Gang
Access Brokers: Their Targets and Their Worth
Access brokers have become a key component of the eCrime threat landscape, selling access to threat actors and facilitating myriad criminal activities. Many have established relationships with big game hunting (BGH) ransomware operators and affiliates of prolific ransomware-as-a-Service (RaaS) programs. The CrowdStrike Intelligence team analyzed the multitude of access brokers’ … [Read more...] about Access Brokers: Their Targets and Their Worth
Announcing Service Performance Monitoring in Early Access
Today, we’re thrilled to announce the early access of our Service Performance Monitoring capability.As today’s DevOps teams know all too well, monitoring application requests in modern microservices architectures is extremely difficult. Requests typically travel across a vast ecosystem of microservices and, as a result, it is often a significant challenge to pinpoint a specific … [Read more...] about Announcing Service Performance Monitoring in Early Access
Chrome Limits Websites’ Direct Access to Private Networks for Security Reasons
Google Chrome has announced plans to prohibit public websites from directly accessing endpoints located within private networks as part of an upcoming major security shakeup to prevent intrusions via the browser. The proposed change is set to be rolled out in two phases consisting of releases Chrome 98 and Chrome 101 scheduled in the coming months via a newly implemented W3C … [Read more...] about Chrome Limits Websites’ Direct Access to Private Networks for Security Reasons