Image: Shutterstock

Another Telco Breach Rocks Australia

Mihir Bagwe • October 4, 2022

Australia's largest telecom provider acknowledged Tuesday a data breach, but said the data came from a now-defunct employee rewards program from 2017. A company executive accused the hacker behind the breach of seeking to profit from a tense climate created by a much larger breach at rival Optus.

Cloud Security

Optus Attacker Halts AU$1.5 Million Extortion Attempt

Latest

Cloud Security

Lacework Co-CEO David Hatfield Out 4 Months After Layoffs

Michael Novinson • October 5, 2022

David "Hat" Hatfield has exited the co-CEO role at Lacework just four months after the cloud security vendor laid off 20% of its employees. The move will bring Lacework's co-CEO experiment to an end after just 14 months, with Facebook engineering head Jay Parikh moving forward as sole CEO.

Artificial Intelligence & Machine Learning

Qualys Buys Blue Hexagon to Aid Secure Public Cloud Adoption

Michael Novinson • October 4, 2022

Qualys has purchased a startup founded by longtime Qualcomm leaders to help detect supply chain infections, crypto miners and unauthorized activity in the cloud. The deal will allow customers to detect active exploitation, identify advanced threats and create an adaptive risk mitigation program.

Blockchain & Cryptocurrency

Hacker Steals $29M From Transit Finance, Returns $19M

Rashmi Ramesh • October 3, 2022

A hacker exploited a smart contract bug to steal about $29 million from DEX aggregator Transit Finance. Within hours of the theft, the attacker returned nearly $19 million - but not before keeping a $2 million "bug bounty" and losing $1.1 million to a bot theft.

Application Security

Tim Eades of vArmour on Expanding From Banking to Government

Michael Novinson • October 3, 2022

While vArmour has enjoyed success in banking, the U.S. government is now the fastest-growing part of its business. CEO Tim Eades says much of the government doesn't understand the relationships and dependencies among vArmour's applications or the consequences of an application going down.

Governance & Risk Management

Digital Identity Bill Passes Key Senate Milestone

Cal Harrison • October 3, 2022

A Senate committee this week approved a bill that would create governmentwide standards for identity verification and provide grants to help states and local agencies upgrade ID systems and offer online digital identity services. Supporter Jeremy Grant hopes to see a full Senate vote in 2022.

Access Management

Passwords Are Unfit - So Why Do We Still Have Them?

Steve King • October 3, 2022

Passwords are supported everywhere. But, says Andrew Shikiar, executive director of the FIDO Alliance, "they have been proven time and time again to simply be unfit for today's networked economy." In this episode of "Cybersecurity Unplugged," Shikiar discusses how to move beyond passwords.

Endpoint Security

Why Is Akamai an Appealing M&A Target for Private Equity?

Michael Novinson • October 3, 2022

The steady barrage of acquisition reports around publicly traded digital experience vendor Akamai has intensified in recent weeks. The latest salvo landed Monday when StreetInsider reported that the intelligent edge platform provider held talks with a private equity firm about a potential takeover.

Business Continuity Management / Disaster Recovery

Pentagon Bug Bounty Program Uncovers 350 Vulnerabilities

Prajeet Nair • October 1, 2022

The U.S. Department of Defense uncovered almost 350 vulnerabilities in the department's networks as part of its experimental bug bounty program launched on American Independence Day. The weeklong bug bounty challenge called "Hack U.S." ran from July Fourth to July 11.

Fraud Management & Cybercrime

North Korea Trojanizing Open-Source Software

Mihir Bagwe • September 30, 2022

North Korea is using weaponized versions of open-source utilities to spy on the technology, defense and entertainment sectors worldwide. Microsoft says it spotted fake profiles of supposed job recruiters who really are Pyongyang hackers manipulating victims into downloading Trojans.

Cloud Security

Cloudflare, VCs Join Forces to Give Away $1.25B to Startups

Michael Novinson • September 30, 2022

Cloudflare has joined forces with 26 venture capital firms to provide up to $1.25 billion in financing to startups building on the company's developer platform. The Workers Launchpad Funding Program will connect developers with investors around the world to scale their startups faster.

Governance & Risk Management

DOJ: Army Doc, Wife Sought to Leak Health Records to Russia

Marianne Kolbasuk McGee • September 30, 2022

A Maryland couple faces federal indictment for an alleged conspiracy to provide the Russian government with military medical records. Anna Gabrielian and U.S. Army Maj. Jamie Lee Henry supplied an undercover FBI agent with medical records of military personnel.

Cloud Security

Orca Security's Avi Shua on Making Cloud Safe for Government

Michael Novinson • September 30, 2022

Security firms must increasingly follow U.S. government security requirements even if they don't serve federal agencies themselves, says Avi Shua, Orca Security co-founder and CEO. That's because cloud vendors such as Orca often serve businesses that contract or subcontract with the U.S. government.