In recent events, Foresiet researchers identified a significant data leak involving Nokia's internal resources posted on a dark web marketplace. This leak, allegedly stemming from a third-party contractor working closely with Nokia on internal tool development, brings to light both sensitive code repositories and critical access credentials.

Have your users spent hours working on a document in Microsoft Word, only to have it disappear when they try to save it? A recent bug in Microsoft Word, highlighted by Bleeping Computer, caused Word documents to be deleted instead of saved, leaving users frustrated. For IT administrators, it is vital to address these issues and educate users within the organization about best practices to reduce data loss and ensure business continuity.

In a concerning trend, cybercriminals are leveraging DocuSign's APIs to send fake invoices that appear strikingly authentic. Unlike traditional phishing scams that rely on deceptively crafted emails and malicious links, these incidents use genuine DocuSign accounts and templates to impersonate reputable companies, catching users and security tools off guard.

Discover how SecureWV 2024 combined local folklore with cutting-edge security insights, featuring talks on threat modeling, defense strategies, and team collaboration.

The 1Password desktop apps now include the option to show a dedicated developer section, accessible from the sidebar. The next time you open 1Password for Mac, Windows, or Linux, the built-in SSH Agent, 1Password CLI, and Developer Watchtower will be a click away.

On November 1, 2024, details of a critical vulnerability affecting Synology NAS devices, which had been patched a few days earlier, were publicly disclosed. This vulnerability, tracked as CVE-2024-10443 is classified as a zero-click flaw, meaning no user interaction is required for exploitation. The issue originates from the SynologyPhotos application, which comes pre-installed and enabled by default on Synology’s BeeStation storage devices and is also widely used among DiskStation users.

Data breaches happen every day, so companies need to make data security a top priority to keep private data safe and make sure they follow the rules. Data Loss Prevention (DLP) in Office 365 is a powerful tool that finds, monitors, and protects sensitive data across all platforms. This makes an organization's security stronger. Office 365 DLP helps businesses keep private data from being shared or exposed without permission.

JFrog’s security research team continuously monitors open-source software registries, proactively identifying and addressing potential malware and vulnerability threats to foster a secure and reliable ecosystem for open-source software development and deployment.