In a startling cybersecurity development, an anonymous threat actor has posted what they claim to be 270GB of source code stolen from the New York Times on a popular imageboard website. This incident, reported on Friday, suggests the leak contains "basically all source code" from the publisher.

It’s no easy feat for a company to maintain security and enforce standardized policies across a fleet of devices.

Fireblocks has expanded its exchange connectivity with new support for Coinbase International Exchange to provide perpetual futures and spot trading features for institutional and retail clients in eligible jurisdictions. Fireblocks customers can now connect to their Coinbase International Exchange account via the Fireblocks Network, and protect exchange operations – such as withdrawals and deposits – with Fireblocks’ governance and policy rules.

With the increasing threat of cyber breaches, it has become crucial for businesses and government entities to have effective cybersecurity measures in place. However, many organizations struggle with deploying and operating these technologies with best practices and properly trained staff.

As more and more organizations use automation and orchestration to streamline their security operations, defining clear success criteria becomes critical to ensure the effectiveness and scalability of their program. Recently, an enterprise prospect approached us seeking help on establishing success criteria for their upcoming journey with Tines workflow automation.

On June 7, 2024, a new critical PHP vulnerability CVE-2024-4577 was revealed, mainly impacting XAMPP on Windows. It happens when PHP runs in CGI mode with specific language settings, like Chinese or Japanese. The problem comes from how PHP handles certain characters, allowing attackers to inject code through web requests and take control of servers. This vulnerability, if exploited, could lead to the execution of arbitrary code, a scenario with severe consequences for system integrity and data security.

Businesses increasingly migrate to cloud-based solutions for storage, applications, and critical functions. While the cloud offers scalability and agility, it also introduces new security challenges. Cloud penetration testing is a crucial defence mechanism for proactively identifying and addressing these vulnerabilities.

On May 21, 2024, Veeam revealed a severe flaw across its Veeam Backup Enterprise Manager (VBEM) web interface that enables an unauthenticated attacker to log into the web interface as any user. Officially designated as CVE-2024-29849, the vulnerability presents a major threat with a CVSS V3 rating of 9.8 (critical). VBEM is a web-based platform that allows administrators to oversee Veeam Backup and Replication installations through a web interface console.

By 2028, connected Internet of Things (IoT) devices will expand to over 25 billion. Yet, today’s connected devices are raising the stakes for assessing risk and managing cybersecurity. They have significantly expanded the attack surface creating new challenges and vulnerabilities. The need for accurate, rapid information from systems across every industry is essential for business operations.

This blog is part of the ongoing “I&O Perspectives” series, which features insights from industry experts about the impact of current threats, networking, and other cybersecurity trends.