Security Bulletin

Immuta announced that several of its retrieval-augmented generation-based generative AI solutions across various cloud platforms have received new data governance and audit features, SiliconAngle reports.

A Sonrai Security report on 25 large enterprises with over 10,000 cloud accounts revealed that 61% of associated identities are unused, according to Security Boulevard.

Lacework has launched Lacework Edge, a security service edge solution designed to enhance its cloud-native application protection platform, reports SDxCentral.

Data breach notification service Have I Been Pwned has been updated to include 361 million email addresses from credentials exfiltrated in credential-stuffing attacks and password-stealing malware intrusions that have been leaked on Telegram channels...

CyberScoop reports that ransomware attacks became more prevalent last year following a slight decline in 2022, with data leak site posts increasing 75% year-over-year to their highest since being first monitored in 2020.

Millions of modems by U.S. broadband provider Cox could have been hacked through the exploitation of several authentication bypass vulnerabilities that could enable privilege escalation and data exfiltration activities, reports The Hacker News.

Microsoft has contradicted a Tenable report describing a high-severity vulnerability within Azure Service Tags that could be exploited to facilitate Azure service spoofing and firewall rule bypass, emphasizing service tags' purpose as routing...

BleepingComputer reports that more than 3.2 million individuals were noted to have had their data exfiltrated in the breach of U.S. nationally licensed debt collection agency Financial Business and Consumer Solutions in February, which is over a...

Digital Pix & Composites, a professional photography firm specializing in graduation, fraternity, and sorority composites, had personal information from 43,000 students from 222 universities across the U.S., including Stanford University, the...

The US broadband provider fixed an issue that allowed attackers to gain access to business customers’ modems, and then access info and execute commands with the same permissions of an ISP support team.

Widely known threat actor USDoD was discovered by VX-Underground researchers was planning to expose 2.9 billion records belonging to U.S., Canadian, and British citizens believed to have been stolen by the SXUL threat operation from Florida-based...