Dell is facing a serious security breach as a user named “menelik” offered a database containing 49 million customer records for sale on the dark web’s Breach Forums site. The breach, which includes customer names, postal addresses, hardware information, order
The concept of Zero Trust has been a source of confusion and interest for IT and cybersecurity professionals for almost two decades. It has been described as a vulnerability, a decision, a mindset, and even a paradigm shift. Its definition
Microsoft is potentially facing an anti-trust investigation from an overseas competition watchdog following a complaint filed by a Spanish startup trade association. The Spanish Startup Association (SSA) lodged a complaint with Spain’s National Markets and Competition Commission (CNMC) citing restrictive
The UK Ministry of Defence (MoD) has experienced a significant data breach in its supply chain, believed to be the work of an undisclosed advanced persistent threat (APT) actor possibly backed by the Chinese government. The cyber attack targeted MoD
Microsoft is significantly expanding its Secure Future Initiative (SFI) in response to recent cyberattacks and the findings of the United States government’s Cyber Safety Review Board (CSRB) report. The company recognizes the severity of the threats facing its operations and
The Fancy Bear cyber attack campaign, backed by Russian intelligence, has been condemned by the European Union (EU), Czechia, Germany, and other partners including the UK. The attacks targeted various email accounts belonging to political parties and government institutions. Several
Adobe has expanded its bug bounty programme to include generative AI, offering rewards to ethical hackers who discover vulnerabilities in its AI platform, Adobe Firefly, and its Content Credentials service. The company believes that as generative AI becomes more integrated
The US Cybersecurity and Infrastructure Security Agency (CISA) has recently included a vulnerability from the GitLab open source platform in its Known Exploited Vulnerabilities (KEV) catalogue. The vulnerability, labeled as CVE-2023-7028, was originally disclosed in January and affects GitLab Community
The UK’s National Cyber Security Centre (NCSC) and the US partner, the Cybersecurity and Infrastructure Security Agency (CISA), have issued a warning about the evolving threat from Russia-backed hacktivist groups targeting critical national infrastructure (CNI). These groups have recently been
Secure Code Warrior (SCW) has launched the industry’s first benchmark to measure the security competence of software developer teams. The SCW Trust Score aims to assess the impact of organisations’ learning programmes and improve collaboration between security, developer and engineering