Let’s catch up on the more interesting vulnerability disclosures and cyber security news gathered from articles across the web this week. This is what we have been reading about on our coffee break! A request for an eye watering amount received an obvious rejection.

In the modern era of digitized operations, even non-tech companies must prioritize cybersecurity and operational resilience. This especially applies to industries where security is of paramount importance, such as the financial industry.

CrowdStrike is excited to bring new capabilities to platform engineering and operations teams that manage hybrid cloud infrastructure, including on Red Hat Enterprise Linux and Red Hat OpenShift.

Law enforcement agencies worldwide have coordinated to take down one of the world’s largest hacker forums, scoring a victory against cybercrime. BreachForums, a notorious marketplace for stolen data, was seized by the authorities on Wednesday, according to a message on its website.

Rapid7 reports an interesting social engineering scheme that easily bypasses content filtering defenses and creatively uses a fake help desk to supposedly “help” users put down the attack. The Black Basta ransomware group, also covered in a recent CISA warning bulletin, floods a victim’s email inbox with many, many emails. The emails are often otherwise legitimate emails, such as newsletter confirmation emails, which most email content filtering gateways would not block.

The proliferation of mobile devices has much to do with getting work done fast in modern business environments. Living without smartphones and tablets today is unthinkable. However, as mobile devices become central to our professional and personal lives, they also become prime targets for security breaches. Hence, mobile device security threats loom large. There are many SaaS solutions out there that help businesses thwart mobile security risks. All of them are equally important.

An organization’s software supply chain includes all the elements involved in developing and distributing software, such as components, tools, processes, and dependencies. Each link in this important chain presents the potential for security threats. Recent research conducted by Gartner shows a major increase in attacks targeting code, tools, open-source components, and development processes, particularly in areas where organizations lack visibility.

With economic sanctions being levied by the US against Iran and a trade war heating up with China, some security experts are cautioning that attacks targeting US critical infrastructure may be inevitable. Are electric utilities prepared to defend themselves and their facilities against these attacks?

The cybersecurity world is no doubt aware that the National Vulnerability Database (NVD) has been experiencing issues over the last three months.

Your website is your business’s online face. This is measured with only one currency – customer trust. Once gone, it will take years and years to earn it back, and in some cases, you lose customers to competitors.