%term

Social Engineering Masterstroke: How Deepfake CFO Duped a Firm out of $25 Million

Feb 5, 2024 By Stu Sjouwerman In KnowBe4

Check out this one line for a moment...“duped into attending a video call with what he thought were several other members of staff, but all of whom were in fact deepfake recreations.” In a worrying display of social engineering sophistication, a multinational company was defrauded of $25 million through an intricately planned deepfake scam.

Read Post

KnowBe4

Read more about Social Engineering Masterstroke: How Deepfake CFO Duped a Firm out of $25 Million

Pulumi VS Terraform: The Definitive Guide to Choosing Your IaC Tool

Feb 5, 2024 By Guest Expert In GitGuardian

In the cloud-native era, Infrastructure as Code (IaC; read more about it in this blog here) has become the de-facto standard for managing cloud infrastructure, and more. While Terraform has been around for almost a decade, and it had been the one-and-only cloud-agnostic option for a couple of years before competitors emerged, now the landscape is a whole lot more diverse: we've got AWS CDK, CDK for Terraform, and there is a relatively new kid on the block: Pulumi.

Read Post

GitGuardian

Read more about Pulumi VS Terraform: The Definitive Guide to Choosing Your IaC Tool

CrowdStrike Defends Against Azure Cross-Tenant Synchronization Attacks

Feb 5, 2024 By Manoj Ahuje - Matt Johnston In CrowdStrike

As Microsoft Azure continues to gain market share in the cloud infrastructure space, it has garnered attention from adversaries ranging from hacktivist and eCrime threat actors to nation-state adversaries. Recent attacks on Microsoft by cloud-focused threat actors like COZY BEAR are becoming more frequent and garnering huge attention.

Read Post

CrowdStrike

Read more about CrowdStrike Defends Against Azure Cross-Tenant Synchronization Attacks

10 GitHub Security Best Practices

Feb 5, 2024 By Simon Maple In Snyk

The security landscape is constantly changing. As such, this blog has been updated to reflect the risks developers and security teams face today and how to overcome them. In our rapidly advancing, code-dominated digital landscape, safeguarding your codebase takes center stage. GitHub is the go-to platform for code sharing and version control in the developer community. However, given its widespread adoption, GitHub is not immune to many of the security challenges that developers face daily.

Read Post

Snyk

Read more about 10 GitHub Security Best Practices

Alerts - Working with triggered alerts

Feb 5, 2024 By Devo In Devo

Alerts are critical tools for maintaining system performance and data conditions. Monitor the health of your system with Devo, defining alerts and analyzing when they are triggered.

View Video

Devo

Read more about Alerts - Working with triggered alerts

Cloudflare breach - How the Okta attack led to Cloudflare systems getting hacked: Breach Breakdown

Feb 5, 2024 By GitGuardian In GitGuardian

In this video, we drill down into the recent breach of Cloudflare systems including how attackers were able to use stolen credentials from the Okta attack to move laterally and hack the Cloudflare internal Atlassian server. The security incident shows the dangers of secrets sprawl not only in internal systems but also in the supply chain leading to potential data leaks.

View Video

GitGuardian

Read more about Cloudflare breach - How the Okta attack led to Cloudflare systems getting hacked: Breach Breakdown

Cloudflare hacked - How the Okta breach enabled hackers to breach cloudflare

Feb 5, 2024 By GitGuardian In GitGuardian

Cloudflare is one of the largest networks in the world and had there internal systems breached due to stolen credentials from the October 2023 Okta breach.

View Video

GitGuardian

Read more about Cloudflare hacked - How the Okta breach enabled hackers to breach cloudflare

Cybersecurity in the Age of Regulation - Sysdig

Feb 5, 2024 By Sysdig In Sysdig

Cybersecurity breaches are becoming more frequent and more impactful. Adversaries continue to grow stronger, and defenders aren’t always keeping pace. On July 26th, 2023, the U.S. Securities and Exchange Commission issued new regulations on cybersecurity risk management, strategy, governance, and incident disclosure, leaving many companies concerned about how to ensure compliance with these new rules, and what changes they may need to make to get up to speed.

View Video

Sysdig

Read more about Cybersecurity in the Age of Regulation - Sysdig

February 5 2024 Cyber Threat Intelligence Briefing

Feb 5, 2024 By Kroll In Kroll

This weeks' briefing covers: Dive deeper.

View Video

Kroll

Security

Read more about February 5 2024 Cyber Threat Intelligence Briefing

Fake "I Can't Believe He's Gone" Posts Seek to Steal Facebook Credentials

Feb 5, 2024 By Stu Sjouwerman In KnowBe4

A new scam relies on a victim's sense of curiosity, brand impersonation, and the hopes of a new login to compromise Facebook credentials. We’ve all seen one of those posts on social media about some actor, musician or famous person that has passed away. Feeling a sense of sadness and wanting to know more details, these posts garner a lot of attention.

Read Post

KnowBe4

Read more about Fake "I Can't Believe He's Gone" Posts Seek to Steal Facebook Credentials

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Social Engineering Masterstroke: How Deepfake CFO Duped a Firm out of $25 Million

Pulumi VS Terraform: The Definitive Guide to Choosing Your IaC Tool

CrowdStrike Defends Against Azure Cross-Tenant Synchronization Attacks

10 GitHub Security Best Practices

Alerts - Working with triggered alerts

Cloudflare breach - How the Okta attack led to Cloudflare systems getting hacked: Breach Breakdown

Cloudflare hacked - How the Okta breach enabled hackers to breach cloudflare

Cybersecurity in the Age of Regulation - Sysdig

February 5 2024 Cyber Threat Intelligence Briefing

Fake "I Can't Believe He's Gone" Posts Seek to Steal Facebook Credentials

Monthly Archive

Follow Us