Feds worry AT&T breach could out informants

Shaun NicholsJanuary 17, 2025

The FBI is reportedly in a panic over a possible leak of informant data thanks to an AT&T data breach

RESOURCES

Phishing
Five cybersecurity tips to keep your extended family safe online
Cloud Security
Redefining third-party governance and identity for the cloud-first era
Identity
The hybrid workforce crisis: How it has weakened enterprise security, and what to do about it
Leadership
Noma Security’s Niv Braun shares how he went from Unit 8200 to the cybersecurity startup world
Zero trust
From threats to tactics: What to expect at Zero Trust World 2025

PODCASTS

Vulnerability Management
AIs in Love, UEFI, Fortinet, Godaddy, Juggalos, Aaran Leyland, and More. – SWN #443
Incident Response
Stopping The Bad Things – PSW #857
Leadership
Boards Stepping Up, as CISOs Build Stronger Bonds with Legal and Safeguard Leadership – BSW #378
Vulnerability Management
Smishing, Beyond Trust, CryptoReligion, Aviatrix, Azure, Josh Marpet, and more… – SWN #442
Application security
PyPI’s Quarantine, Phishing & Awareness, Porting Fishshell to Rust, Cyber Trust Mark – ASW #313

FEATURED

Perspectives Spotlight: Expert Insights

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

Perspectives

In Brief

More Resources

(Credit: Mojahid Mottakin – stock.adobe.com)

Privacy

TikTok’s national security risk warrants ban, Supreme Court rules

Laura FrenchJanuary 17, 2025

The ruling could have implications for other foreign-owned applications.

Network Security

Woe Daddy: FTC raps hosting giant GoDaddy for security lapses

Shaun NicholsJanuary 16, 2025

GoDaddy must adhere to a number of security compliance requirements by the FTC.

Ransomware

RansomHub infection facilitated by possible AI-assisted Python backdoor

Laura FrenchJanuary 16, 2025

The backdoor spread laterally after initial access via a suspected SocGholish malware download.

VPN Virtual Private Network Technology Secure Connection Cyber Security Background

Network Security

4.2 million internet hosts hijacked via bugs in tunneling protocols

Steve ZurierJanuary 16, 2025

Attackers gain network access by targeting VPN servers, home, and enterprise routers.

Vulnerability Management

Severe Rsync vulnerabilities — CVSS 9.8 — risk RCE, data leaks

Laura FrenchJanuary 15, 2025

The critical and high severity flaws were discovered by Google Cloud researchers.

The FBI seal is seen on its headquarters at the J. Edgar Hoover FBI building in Washington.

Government Regulations

Four take guilty pleas in US government IT bribery scam

Shaun NicholsJanuary 15, 2025

Four people have plead guilty to offering and accepting bribes to government officials in exchange for IT service contracts

Computer keyboard, close-up button of the flag of North Korea.

Security Strategy, Plan, Budget

North Korea’s IT worker scam linked to 2016 crowdfunding operation

Steve ZurierJanuary 15, 2025

Security pros say the link Secureworks made to a decade-old DPRK crowdfunding campaign are credible.

Identity

Millions of online accounts tied to failed startups can be taken over without a password

Paul WagenseilJanuary 15, 2025

Dormant online accounts created by employees at failed companies that used Google SSO can be hijacked by anyone who buys expired domain names, a researcher said at the ShmooCon hacker conference.

Cybersecurity News, Awards, Webinars, eSummits, Research

Feds worry AT&T breach could out informants

RESOURCES

PODCASTS

FEATURED

Perspectives Spotlight: Expert Insights

Get daily email updates

Perspectives

Everything I know about cybersecurity, I learned from video games

Amid all the AI, a ‘human-first’ cybersecurity approach must prevail

Time to streamline security questionnaires

HIPPA Updates Loom as Healthcare Breaches Boom: Prevent and Protect with Microsegmentation

ShmooCon ends 20-year run with tears, malware and electronic fun

In Brief

Additional US sanctions issued to clampdown North Korean IT worker scam

Misconfiguration exposes over Assist Security data

Almost 3.5M impacted by Wolf Haldenstein breach

Purported Cleo hack victimization refuted by some firms

AT&T hack reportedly leads to FBI warning of agent call, text log theft

More Resources

Identity-security predictions for 2025

Disrupting cybercrime: InFocus with Fortinet’s Derek Manky

How two organizations beat the cyber insurance maze

Identity security: Challenges and best practices

Identity resilience: What it is and how to achieve it

TikTok’s national security risk warrants ban, Supreme Court rules

Woe Daddy: FTC raps hosting giant GoDaddy for security lapses

RansomHub infection facilitated by possible AI-assisted Python backdoor

4.2 million internet hosts hijacked via bugs in tunneling protocols

Severe Rsync vulnerabilities — CVSS 9.8 — risk RCE, data leaks

Four take guilty pleas in US government IT bribery scam

North Korea’s IT worker scam linked to 2016 crowdfunding operation

Millions of online accounts tied to failed startups can be taken over without a password

EVENTS

Mastering AI in Security Ops: Essential Strategies for SOC Teams

AI and Cybersecurity: Balancing Innovation, Ethics, and Risk

Healthcare Cybersecurity: Protecting Lives in a Digital Age

Your Network is Gone: How to Secure What’s Left in the New Era of Cloud and Remote Work

Tabletop to Reality: Building Cyber-Resilience Through Incident Response Drills