Cyberhaven Chrome Extension Hacked, Customer Passwords and Session Tokens at Risk
Data-loss prevention startup Cyberhaven confirms Chrome extension hack, potentially exposing customer passwords and session tokens in suspected supply-chain attack.
Cybersecurity
Cybersecurity Community Mourns Loss of Tenable CEO and Chairman Amit Yoran
Amit Yoran, CEO and chairman of cybersecurity company Tenable, passes away after battle with cancer, leaving behind a legacy in the industry.
DHS Abruptly Dissolves Cybersecurity Review Board, Other Advisory Committees
The Department of Homeland Security terminates memberships of several advisory committees, including the Cyber Security Review Board, sparking concerns about national security and cybersecurity preparedness.
ENGlobal Confirms Sensitive Data Breach in Ransomware Attack
US engineering firm ENGlobal discloses cyberattack, sensitive personal info accessed, and ransomware encryption of data files
ENGlobal Corporation Hit by Cyberattack, Restricts IT Access
ENGlobal, a US energy sector and federal government services provider, restricts IT access after a cyberattack, limiting business operations.
EU's Cyber Resilience Act Takes Effect, Boosting Security for Connected Devices
The European Union's Cyber Resilience Act has come into force, mandating security support and updates for connected devices, with fines of up to 2.5% of global annual turnover for non-compliance.
Facebook Awards $100,000 Bug Bounty for Critical Ad Platform Vulnerability
Security researcher discovers critical vulnerability in Facebook's ad platform, allowing control of internal servers, and receives $100,000 bug bounty payout.
Failed Startup Employees at Risk of Data Theft Due to Domain Takeover
A security researcher discovers a vulnerability that puts former employees of failed startups at risk of data theft, including Social Security numbers and bank accounts.
FBI Hacks Thousands of Computers to Remove Chinese Malware
The FBI has successfully removed PlugX malware from 4,200 infected devices in the US, using the malware's own command-and-control server against it.