This week's Lame List: More secrets in code, Supply Chain attacks from not using SCA scanning, SSDF/SSDLC fails, etc.
More AI fails and Healthcare breaches, office phone botnets, US Copyright Office AI guidance, and much more ...
This Week's Highlights: Legal US InfoSec changes. Epic Fails: data breaches - Sage AI financial data leaks, PowerSchool 62m students and teachers, Mastercard DNS typo, HPE, United Healthcare 190m Americans + more
New Year Starts with a Bang: Cyber Security Legal & Regulatory Guidance
Lame List: Gravy Analytics, Marriott, Telfonica, Docker, Microsoft, traffic cams, DNA sequencers. And HIPAA update
UnitedHealth exposed chatbot, misconfigured AWS Bucket, sensitive info in Inbox, supply chain attacks, MS 365 security logging, VS Code, Cloudfare Tunnels, etc.
This week’s news roundup: Epic Fails Stolli Bankruptcy, Romanian elections, vulnerable gateway services, MOVEIT ongoing, NTLM, malicious coded backdoor, etc.
Epic Fails American Associated Pharmacies, MS Power Pages. AI Android AI Scam Detection scambusting chatbot.
Epic Fails: DocuSign BEC, Nokia code and secrets, Schneider Electric Baguettes, Microsoft Update
Epic Fails: secrets in code, encryption implementation, privileged accounts management, CI/CD pipeline control, geolocation tracking, end-of-supported devices, AI
Lame List: UnitedHeathcare, Landmark insurance, LinkedIn, hard coded credentials, verified email addresses, legal actions and penalties, ...
