Best Infosec-Related Long Reads for the Week of 11/2/24
Cops can't keep up with the rise of infostealers, How a third-party script exploited British Airways, Setting up a risk appetite statement, The security threats poised against Smart Grid 2.0
Read more
Acting CISA head got grilled on mass firings at the agency
EU's CIRCL launches GCVE system, DeFi project EVM was exploited for $6m, Attackers exploit patch bypass for FortiGate flaw, Cisco fixes Unified Communications and Webex Calling RCE flaw, Mass spam wave emanates from unsecured Zendesk support systems, much more
DOGE workers shared SSN data with outsiders, derailed DISA operations
UK launches national fraud reporting service, China blames Taiwan for cyberattacks, EU proposes freezing out Chinese tech suppliers, New Zealand launches Manage My Health breach probe, Curl ends its bug bounty program due to AI flood, Cloudflare fixes WAF flaw, much more
UK's NCSC warns of Russian-aligned hacktivist groups
UK and China enter a forum to discuss cyberattacks, Makina Finance lost $4.2m in an exploit, Ingram Micro report ransomware attack affecting 42k, Minnesota DHS breach affected 304k, SK Telecom appeals $91m fine, NexShield malvertising campaign crashes browsers, much more
Black Basta suspects’ homes raided; gang leader added to most-wanted list
Jordanian national pleads guilty to access broker charges, Acting head of CISA was blocked by colleagues from removing CIO, Iranian campaign sought to steal GMail and other account credentials, Man pleads guilty to hacking US S.Ct., DPRK hackers pose as human rights orgs, much more