Cybersecurity News: Snowflake Incident Continues to Grow, Microsoft Recall Security Exposures
ฝัง
- เผยแพร่เมื่อ 4 มิ.ย. 2024
- Join us every Wednesday for an exclusive session with Cory Wolff, the Director of Offensive Security at risk3sixty. As a seasoned cybersecurity leader, Cory brings a wealth of expertise to the table, offering more than just information - he delivers actionable insights vital in strengthening your organization against ever-evolving threats.
What you can expect:
- Weekly videos diving into recent breaches, regulations, and industry trends
- Actionable takeaways to strengthen your security programs
- Executive summaries for easy communication with stakeholders
Penetration Testing ROI Calculator: risk3sixty.com/whitepaper/pen...
Week of May 26 Ransomware Stats: / corywolff_ransomware-i...
Microsoft Recall Security Exposures
Executive Summary:
Microsoft's new Recall feature in Windows 11 Copilot+ PCs aims to enhance user experience by keeping a comprehensive record of all PC activities. However, security experts are concerned about potential risks, as Recall can store sensitive data like usernames and passwords without redaction. Despite assurances that data is processed locally and protected by encryption, flaws in implementation allow easy access to this data, raising privacy concerns. As Microsoft emphasizes security, addressing these issues is critical before Recall's full deployment.
Additional Reading:
arstechnica.com/ai/2024/06/wi...
doublepulsar.com/recall-steal...
Snowflake Instances of Ticketmaster, Santander Bank Involved in Security Incident
Executive Summary:
Over the weekend, Snowflake denied responsibility for the recent data breaches affecting Ticketmaster and Santander Bank, which exposed sensitive information of over half a billion customers. While Snowflake found evidence that a threat actor accessed a demo account of a former employee, it emphasized that no vulnerability or breach of its platform was involved. Snowflake urged organizations to enforce multi-factor authentication, restrict network policies, and rotate credentials. Despite Snowflake's statements, research firm Hudson Rock suggested the breaches stemmed from a single hack involving Snowflake, which Snowflake's CISO Brad Jones refuted.
Additional Reading:
www.informationweek.com/cyber...
www.bleepingcomputer.com/news... - วิทยาศาสตร์และเทคโนโลยี
