Homeland Security Today

CISA’s ScubaGear Tool Improves Security for Organizations Using M365 and Hits Major Milestone

Avoidable misconfiguration vulnerabilities, such as not enabling multifactor authentication, could result in breaches, compromised data, and damaged customer trust. ScubaGear rapidly and thoroughly ...

Gianna Maldonado on Cloud Breaches in Wealth Management: Why Security Must Be Broken Before It Can Be Trusted

Patterns within the wealth management sector, in Maldonado's view, contribute to recurring vulnerabilities. She notes a surge ...
Security Boulevard

AI Vulnerability Chaining – Why Your Security Stack Cannot Detect What Comes Next

Mythos combined four separate low-severity bugs into a complete browser sandbox escape. Traditional scanners evaluate ...
dbta

Aqua Security Unveils Trivy Partner Connect to Boost Open Source Security Scanning

Aqua Security, a pioneer in cloud native security and the primary maintainer of Aqua Trivy, is launching the Trivy Partner Connect Program, expanding the commercial ecosystem around Trivy, an open ...
Hosted on MSN

Critical AWS supply chain vulnerability could have let hackers take over key GitHub repositories

Wiz discovered AWS CodeBuild misconfiguration enabling unauthorized privileged builds, dubbed “CodeBreach.” Flaw risked exposing GitHub tokens and enabling supply chain attacks across AWS projects AWS ...
SiliconANGLE

Location data from 800,000 Volkswagen vehicles exposed by cloud misconfiguration

A misconfiguration in a cloud environment made data from hundreds of thousands of Volkswagen AG vehicles available online, multiple publications reported today. The issue was brought to the attention ...
Forbes

Security Baselines: Establishing A Foundation For Robust Protection

Tannu Jiwnani is a cybersecurity leader focused on incident response, IAM and threat detection, with a passion for resilience and community. Security failures seldom arise from a deficiency of ...
Government Technology

The Silent Threat: How Misconfigurations Fuel the Cyber Crime Economy

The conventional wisdom is that public- and private-sector enterprises are outgunned, outspent, outmaneuvered and just plain out of their league when it comes to defending themselves online against ...