The Most Relevant Ransomware Statistics and Facts of 2022
The state of ransomware remains, more or less, unchanged; my choice of words would be unchallenged. For the past couple of years, we have witnessed a steady increase in ransomware…
New exploits can bypass Secure Boot and modern UEFI security protections
Two teams of researchers have revealed vulnerabilities this week in Unified Extensible Firmware Interface (UEFI) implementations and bootloaders that could allow attackers to defeat the secure boot defenses of modern…
Ensuring Diversity and Addressing Bias in Data and Software Development
Organizations are increasingly focused on diversity, equity, and inclusion in their hiring practices and workplace culture not only because it’s the right thing to do, but by not doing so,…
The Role of Platform Teams in Accelerating Modernization and Multi-Cloud Journeys
Organizations have seen tremendous digital transformation for several years now, but especially in the past year, we have seen many accelerate that digital journey. From navigating the new world of…
Intel increases its arsenal against physical hardware attacks
Intel introduced at Black Hat USA, a Tunable Replica Circuit to help protect against certain types of physical fault injection attacks without requiring any interaction with the computer owner. The…
Almost 2,000 data breaches reported for the first half of 2022
Though the number of breaches reported in the first half of 2022 were lower than those for the same period in 2021, Flashpoint expects the final numbers to be similar.…
Feds: Zeppelin Ransomware Resurfaces with New Compromise, Encryption Tactics
The CISA has seen a resurgence of the malware targeting a range of verticals and critical infrastructure organizations by exploiting RDP, firewall vulnerabilities.
Patch Madness: Vendor Bug Advisories Are Broken, So Broken
Duston Childs and Brian Gorenc of ZDI take the opportunity at Black Hat USA to break down the many vulnerability disclosure issues making patch prioritization a nightmare scenario for many…
Software Supply Chain Chalks Up a Security Win With New Crypto Effort
GitHub, the owner of the Node Package Manager (npm), proposes cryptographically linking source code and JavaScript packages in an effort to shore up supply chain security.
North Korean threat actors try to hack cryptocurrency deBridge Finance
A group of hackers, suspected of belonging to the North Korean group Lazarus, has targeted the crypto platform Bridge Finance, which is a platform that uses an inter-chain to allow…