HackDig : Dig high-quality web security articles

NIST Post-Quantum Algorithm Finalist Cracked Using a Classical PC

An algorithm submitted to the NIST post-quantum encryption competition – and one that made it to the fourth round – has been defeated. The algorithm, Supersingular Isogeny Key Encapsulation (SIKE), was broken by Wouter Castryck and Thomas Decru at KU Leuven, and the process described in a paper written at the end of July 2022.Cryptographers are not surprised
Publish At:2022-08-10 16:14 | Read:63 | Comments:0 | Tags:NEWS & INDUSTRY Data Protection

Security Automation Can Save You $3.05M in a Data Breach

When it comes to reducing security breach costs, companies with security artificial intelligence (AI) and automation can save millions, per a new report. According to the most recent IBM Cost of a Data Breach Report, organizations with fully deployed security AI and automation save $3.05 million per data breach compared to those without. That’s a
Publish At:2022-08-10 09:12 | Read:104 | Comments:0 | Tags:Data Protection data breach response cost of data breach cyb

Privya Emerges From Stealth With Data Privacy Code Scanning Platform

Privya emerged from stealth mode on Tuesday with a data privacy-focused code scanning platform and $6 million in seed funding.Founded in 2021, the Tel Aviv-based startup takes a ‘shift left’ approach to data privacy, offering a code scanning platform designed to identify data protection issues and violations during the development process, before they make i
Publish At:2022-08-09 16:14 | Read:96 | Comments:0 | Tags:NEWS & INDUSTRY Privacy Compliance Data Protection Priva

Twilio Hacked After Employees Tricked Into Giving Up Login Credentials

Enterprise software vendor Twilio (NYSE: TWLO) has been hacked by a relentless threat actor who successfully tricked employees into giving up login credentials that were then used to steal third-party customer data.The San Francisco company fessed up to the breach in an online notice that describes a sophisticated threat actor with clever social engineering
Publish At:2022-08-08 12:04 | Read:66 | Comments:0 | Tags:Cyberwarfare Disaster Recovery Endpoint Security Network Sec

Twitter Breach Exposed Anonymous Account Owners

A vulnerability in Twitter’s software that exposed an undetermined number of owners of anonymous accounts to potential identity compromise last year was apparently exploited by a malicious actor, the social media company said Friday.It did not confirm a report that data on 5.4 million users was offered for sale online as a result but said users worldwide wer
Publish At:2022-08-06 08:07 | Read:237 | Comments:0 | Tags:NEWS & INDUSTRY Vulnerabilities Data Protection

Slack Forces Password Resets After Discovering Software Flaw

Workplace productivity software giant Slack on Friday forced password resets for a tiny fraction of its users after the discovery of a security flaw that exposed Slack credentials.Slack's security response team alerted users to the issue via email and followed up with a blog post warning about the risk of passwords leaking to a skilled attacker."We have no r
Publish At:2022-08-05 16:14 | Read:228 | Comments:0 | Tags:Endpoint Security Network Security NEWS & INDUSTRY Appli

Ghost Security Snags $15M Investment for API Security Tech

Texas startup Ghost Security has joined the list of early-stage companies in the API and application security space attracting venture capital funding.The Austin-based company emerged from stealth this week with $15 million in investments from 468 Capital, DNX Ventures, and Munich Re Ventures."We believe the explosive growth of microservices and APIs in the
Publish At:2022-08-05 16:14 | Read:231 | Comments:0 | Tags:Endpoint Security Network Security NEWS & INDUSTRY Priva

Traffic Light Protocol 2.0 Brings Wording Improvements, Label Changes

The Forum of Incident Response and Security Team (FIRST) announced on Thursday the release of Traffic Light Protocol version 2.0, which brings important updates to the widely used sensitive information classification system.The Traffic Light Protocol (TLP) was established by the UK’s National Infrastructure Security Co-ordination Center (NISCC) in 1999, and
Publish At:2022-08-05 12:04 | Read:194 | Comments:0 | Tags:NEWS & INDUSTRY Incident Response Data Protection Manage

Cybersecurity and the Metaverse: Patrolling the New Digital World

The metaverse is a hot topic, and it’s easy to see why. It promises a 3D model of the internet, where virtual reality (VR) and mixed reality offer endless escapism. It provides a place parallel to the physical world where you can live a rich digital life: hang out with friends, shop for real or virtual products, play and create games, purchase and mon
Publish At:2022-08-04 13:10 | Read:265 | Comments:0 | Tags:Software Vulnerabilities Data Protection metaverse zero trus

Cost of a Data Breach: Banking and Finance

The importance of cybersecurity has touched almost every industry. Beyond that, robust cybersecurity is table stakes for several sectors, particularly health care and the banking and finance industry. Not only is financial data at risk, but so is customer trust. In banking and finance, trust means everything.  Yet, consumers are hesitant to share their
Publish At:2022-08-03 21:18 | Read:292 | Comments:0 | Tags:Banking & Finance Data Protection cost of data breach data b

Compliance Automation Startup RegScale Scores $20 Million Investment

RegScale, a Virginia startup building technology to manage continuous compliance automation tasks, has attracted $20 million in early-stage venture capital funding.The Series A round was led by SYN Ventures with participation from SineWave Ventures, VIPC’s Virginia Venture Partners and SecureOctane.RegScale, which maintains headquarters in Tyson’s Corner, Vi
Publish At:2022-08-03 20:12 | Read:256 | Comments:0 | Tags:Endpoint Security Network Security NEWS & INDUSTRY Priva

VMware Ships Urgent Patch for Authentication Bypass Security Hole

Virtualization technology giant VMware on Tuesday shipped an urgent, high-priority patch to address an authentication bypass vulnerability in its Workspace ONE Access, Identity Manager and vRealize Automation products.The vulnerability carries VMware’s highest severity rating (CVSSv3 base score of 9.8) and should be remediated without delay, the company said
Publish At:2022-08-02 16:13 | Read:315 | Comments:0 | Tags:Endpoint Security Network Security NEWS & INDUSTRY Priva

How to Prepare for and Respond to a Data Privacy Breach

Before I started covering cybersecurity, I thought the term ‘breach’ had a single meaning — that an attacker stole data from a computer system. I also thought all the different versions of the word meant the same thing. However, I’ve since learned the nuances and differences between a breach, a data breach and a data privacy breach.
Publish At:2022-08-01 13:09 | Read:200 | Comments:0 | Tags:Data Protection Risk Management SOAR cost of data breach PII

Microsoft Connects USB Worm Attacks to 'EvilCorp' Ransomware Gang

Cybersleuths at Microsoft have found a link between the recent 'Raspberry Robin' USB-based worm attacks and EvilCorp, a notorious Russian ransomware operation sanctioned by the U.S. government.According to fresh data from Redmond’s threat intelligence team, a ransomware-as-a-service gang it tracks as DEV-0206 has been caught rigging online ads to trick targe
Publish At:2022-07-29 16:13 | Read:483 | Comments:0 | Tags:Cyberwarfare Disaster Recovery Endpoint Security Network Sec

France Closes 'Cookies' Case Against Facebook

French privacy regulators on Thursday closed a case against Facebook after determining the US tech giant had changed the way it collected user data to comply with the law.Facebook was slapped with a 60-million-euro ($61-million) fine last December when the French regulator CNIL ruled it was failing to allow users to easily opt out of cookies, tiny data files
Publish At:2022-07-28 08:05 | Read:302 | Comments:0 | Tags:NEWS & INDUSTRY Privacy Compliance Data Protection Track

Announce

Share high-quality web security related articles with you:)
Tell me why you support me <3

Tag Cloud