Preventing data leakage in low-node/no-code environments

Low-code/no-code (LCNC) platforms enable application development by citizen developers, often generating “shadow engineering” projects that evade security oversight. While LCNC solutions like Power BI reports and automated workflows foster agility and … Continue reading Preventing data leakage in low-node/no-code environments

Massive troves of Amazon, HSBC employee data leaked

A threat actor who goes by the online moniker “Nam3L3ss” has leaked employee data belonging to a number of corporations – including Amazon, 3M, HSBC and HP – ostensibly compromised during the May 2023 MOVEit hack by the Cl0p ran… Continue reading Massive troves of Amazon, HSBC employee data leaked

Patching problems: The “return” of a Windows Themes spoofing vulnerability

Despite two patching attempts, a security issue that may allow attackers to compromise Windows user’s NTLM (authentication) credentials via a malicious Windows themes file still affects Microsoft’s operating system, 0patch researchers have … Continue reading Patching problems: The “return” of a Windows Themes spoofing vulnerability

Internet Archive data breach, defacement, and DDoS: Users’ data compromised

The Internet Archive has suffered a data breach, leading to the compromise of email addresses, screen names and bcrypt password hashes of some 31 million users. The compromise was revealed on Wednesday afternoon, when the digital library’s websit… Continue reading Internet Archive data breach, defacement, and DDoS: Users’ data compromised

Deloitte Says No Threat to Sensitive Data After Hacker Claims Server Breach

Deloitte says no sensitive data exposed after a notorious hacker leaked what he claimed to be internal communications. 
The post Deloitte Says No Threat to Sensitive Data After Hacker Claims Server Breach appeared first on SecurityWeek.
Continue reading Deloitte Says No Threat to Sensitive Data After Hacker Claims Server Breach

Using Authy? Beware of impending phishing attempts

Do you use Authy for your multi-factor authentication needs? If you do, you should keep an eye out for phishing attempts, as well as implement defenses against SIM swapping attacks. What happened? On July 1, Twilio – the company that develops the… Continue reading Using Authy? Beware of impending phishing attempts