Industry Spotlight
‘China’ Azure Breach: MUCH Worse Than Microsoft Said
Richi Jennings | | Active Directory, Authentication, azure, Azure Active Directory, Azure AD, Entra ID, Exchange, Microsoft, Microsoft Azure, Microsoft Azure Active Directory, Microsoft Azure Security, OpenID, Outlook.com, SB Blogwatch, Storm-0558, Wiz
Storm-0558 Breaks: Satya and Pooh, sitting in a tree, K.I.S.S.I.N.G ...
Security Boulevard
Biden Admin. Adds ‘Mercenary Spyware’ Firms to Ban List
Richi Jennings | | android spyware, Biden administration, Commerce Department, Cytrox, Department of Commerce, Entity List, eu, Europe, European Union, European Union (EU), Intellexa, iOS spyware, Malware Spyware, Predator spyware, SB Blogwatch, spyware
European cousins Intellexa and Cytrox essentially banned by Commerce Dept. — Predator/ALIEN not welcome in U.S ...
PCI-DSS 4.0 is Here. What Does it Mean for Online Retailers?
PCI-DSS 4.0 was released in early 2022 with a two-year transition period to allow organizations time to learn about and implement it. Are you ready for the transition? ...
OPSEC FAIL: US Military Email Going to Mali — via Typo
Richi Jennings | | defense department, Department of Defense, DoD, E-mail, email, Johannes Zuurbier, Mali, military, Military Communications, mxrecords, pentagon, Russia, SB Blogwatch, U.S. Department of Defense, U.S. military, United States Department of Defense, US DOD, US Military
MX Mixup: Russian-allied government can intercept “highly sensitive information”—because there’s no “I” in .ML ...
China Breaches Microsoft Cloud — Spied on US Govt. Email
Richi Jennings | | Active Directory, Authentication, Azure Active Directory, Azure AD, Exchange, Microsoft, Outlook.com, SB Blogwatch, Storm-0558
Storm-0558 Brewing: Multiple Microsoft failures cause data leaks at State and Commerce depts., plus 23 other orgs ...
Contec SolarView: Critical Bug Unpatched After 14 MONTHS
Richi Jennings | | Contec, CVE-2022-29303, CVE-2022-44354, CVE-2023-23333, ICS, ICS/SCADA, iot, Mirai, Mirai botnet, OT, SB Blogwatch, SCADA, SolarView
PV OT: VPN PDQ! 9.8 CVSS known since May 2022—but still exploitable on 400+ net-connected OT/ICS/SCADA systems ...
Digital ‘Birth Certificates’ for Vehicular Cybersecurity
There's a growing likelihood for catastrophic cyberattacks on vehicles that could disable brakes, take over steering and even steal personal information ...
Fortinet Bug: RUN — Don’t Walk — to Patch Critical RCE
Richi Jennings | | CVE-2023-27997, Fortigate, FortiNAC, Fortinet, Fortinet VPN, Fortiphyd, FortiSIEM, Heap Overflow, rce, SB Blogwatch
Or just get it off the internet, stat ...
Ironic: LetMeSpy Spyware Hackers Were Hacked (by Hackers)
Richi Jennings | | android spyware, cyberstalking, Data breach, Data Leaks, iOS spyware, LetMeSpy, maia arson crimew, Malware Spyware, Parental Control, parental controls, Privacy, SB Blogwatch, spyware, Stalkerware, Stalking, Stalkware
Content warning: Abuse, stalking, controlling behavior, Schadenfreude, irony, doxxing ...
GDPR FAIL: US Firm ‘Profiles Half the World’ — it’s Max Schrems Again
Richi Jennings | | Belgium, BICS, Data Privacy, EEA, eu, EU GDPR, EU Privacy Shield, EU-US Privacy Shield, Europe, Europe Regulation, European Compliance, European Court of Human Rights, European Digital Rights, European Union, European Union (EU), GDPR, GDPR compliance, gdpr eu, GDPR fine, GDPR violations, Privacy, Privacy Shield, Proximus, risk scoring, safe harbor, SB Blogwatch, Schrems, Schrems II, Scoring, social credit scores, TeleSign, Trans-Atlantic Data Privacy Framework
NOYB accuses TeleSign, Proximus and BICS of misusing phone users’ private data. Reputation scoring = privacy violation? ...