IT has to get its hands around cloud data sprawl. Another area of focus should be on ghost data, as it expands the organization’s cloud attack surface.

from Dark Reading https://ift.tt/LX4R63P
via IFTTT

“JuiceLedger” has escalated a campaign to distribute its information stealer by now going after developers who published code on the widely used Python code repository.

from Dark Reading https://ift.tt/6SYtVMB
via IFTTT

Neopets has confirmed that its IT systems were compromised from January 2021 through July 2022, exposing 69 million user accounts and source code.

from Dark Reading https://ift.tt/cSz63I9
via IFTTT

The expanding Internet of Things ecosystem is seeing a startling rate of vulnerability disclosures, leaving companies with a greater need for visibility into and patching of IoT devices.

from Dark Reading https://ift.tt/4V6Aswv
via IFTTT

The proposed AMTSO guidelines offer a roadmap for comprehensive testing of IoT security products.

from Dark Reading https://ift.tt/DgkcsOi
via IFTTT

The insecurities exist in CI/CD pipelines and can be used by attackers to subvert modern development and roll out malicious code at deployment.

from Dark Reading https://ift.tt/94GnvR0
via IFTTT

Apple continues a staged update process to address a WebKit vulnerability that allows attackers to craft malicious web content to load malware on affected devices.

from Dark Reading https://ift.tt/WbkO4sy
via IFTTT

After a rigorous pilot program, the association’s newest certification is officially operational. More than 1,500 pilot participants who passed the exam are on the path to full certification.

from Dark Reading https://ift.tt/vPTcFja
via IFTTT

Cloud breaches are inevitable — and so is cloud ransomware. (Second of two parts.)

from Dark Reading https://ift.tt/mUCOnQ5
via IFTTT