Cyberespionage and used car salesmen. Email extortion through embarrassment, not encryption. The personal is the professional. And a look back at Patch Tuesday.

Cyberespionage and used car salesmen. Email extortion through embarrassment, not encryption. The personal is the professional. And a look back at Patch Tuesday.

A Chinese threat actor hits US organizations with a Microsoft cloud exploit. Open source tools allow threat actors to exploit a loophole in Microsoft’s kernel driver authentication procedures. A RomCom update. Beamer phishbait, email extortion attacks and digital blackmail. A new report concludes companies allowing personal employee devices onto their network are opening themselves to attack. Tim Starks from the Washington Post looks at Microsoft’s recent woes. Our guest is Eyal Benishti from IRONSCALES with insights on business email compromise. And a July Patch Tuesday retrospective.   Read More 

The CyberWire 

Related Posts

Startup Security Tactics: Friction Surveys
Startup Security Tactics: Friction Surveys

Startup Security Tactics: Friction Surveys

When we do quarterly planning, my team categorizes our goals within four evergreen outcomes:

Reduce the risk of information security incidents
Increase trust in Vanta’s information security program
Reduce the friction caused by information security controls
Use security expertise to support the business

In this article, I’m going to focus on number three: reducing friction.
Declaring your   Read More 

The Hacker News | #1 Trusted Cybersecurity News Site 

Microsoft enables Windows Kernel CVE-2023-32019 fix for everyone

Microsoft enables Windows Kernel CVE-2023-32019 fix for everyone

Microsoft has enabled a fix for a Kernel information disclosure vulnerability by default for everyone after previously disabling it out of concerns it could introduce breaking changes to Windows. […]   Read More 

BleepingComputer