LAUSD Data Breach: Hackers Leak 25M Records, Including Student Locations

The Los Angeles Unified School District (LAUSD) suffered a massive data breach due to a Snowflake vulnerability, exposing personal details of millions of students and thousands of teachers and staff. Continue reading LAUSD Data Breach: Hackers Leak 25M Records, Including Student Locations

Intel-powered computers affected by serious firmware flaw (CVE-2024-0762)

A vulnerability (CVE-2024-0762) in the Phoenix SecureCore UEFI, which runs on various Intel processors, could be exploited locally to escalate privileges and run arbitrary code within the firmware during runtime. “This type of low-level exploitat… Continue reading Intel-powered computers affected by serious firmware flaw (CVE-2024-0762)

US bans Kaspersky antivirus software due to national security risks

The US Department of Commerce has announced an upcoming US-wide ban of cybersecurity and antivirus software by Kaspersky, as its “ability to gather valuable US business information, including intellectual property, and to gather US persons’ sensi… Continue reading US bans Kaspersky antivirus software due to national security risks

Cilium: Open-source eBPF-based networking, security, observability

Cilium is an open-source, cloud-native solution that leverages eBPF technology in the Linux kernel to provide, secure, and monitor network connectivity between workloads. What is eBPF? eBPF is a technology originating from the Linux kernel that allows … Continue reading Cilium: Open-source eBPF-based networking, security, observability

Pressure mounts on CISOs as SEC bares teeth with legal action

A Panaseer investigation into organizations’ annual 10-K filings reported to the SEC shows that from January-May 2024, at least 1,327 filings mentioned NIST – a key indicator that cybersecurity posture is present in a filing. This compares to just 110 … Continue reading Pressure mounts on CISOs as SEC bares teeth with legal action

New infosec products of the week: June 21, 2024

Here’s a look at the most interesting products from the past week, featuring releases from Atsign, Datadog, Metomic, NinjaOne, Verimatrix, and Veritas Technologies. Datadog App Builder helps accelerate issue remediation Datadog App Builder enables the … Continue reading New infosec products of the week: June 21, 2024

Crown Equipment cyberattack confirmed, manufacturing disrupted for weeks

Ohio-based Crown Equipment, which is among the largest industrial and forklift truck manufacturers in the world, has become a victim of a cyberattack “by an international cybercriminal organization,” the company has finally confirmed to its… Continue reading Crown Equipment cyberattack confirmed, manufacturing disrupted for weeks