Cybersecurity researchers have uncovered a malicious Python package in the Python Package Index (PyPI) repository designed to distribute an information stealer known as Lumma (aka LummaC2). The counterfeit package, crytic-compilers, mimics the legitimate crytic-compile library through typosquatting tactics. Before its removal by PyPI maintainers, the counterfeit package was downloaded 441 times. Impersonation and Deception Tactics.

Discover insights from the latest BSides Boulder, focused on AI in cybersecurity, Git mysteries, and exploiting RCEs, along with many great community conversations.

To help businesses develop fast and stay secure, Snyk prioritizes seamless compatibility with developers’ existing workflows. In other words, every major tool or environment a developer touches in their everyday work can interface with Snyk tooling. This compatibility includes partnerships with major cloud providers like Google Cloud.

For security professionals and CISOs, reading about operational technology (OT) security risk feels like nothing new. We know a lot of OT is insecure by design. Despite advisory warnings and perceptions around operational security air gaps, industrial control systems (ICS) and Supervisory Control and Data Acquisition (SCADA) are being targeted more frequently via digital assets on the network. Vulnerabilities in OT systems are not brand new.

At Tines, our mission is to power the world's most important workflows, and AI has recently become a huge part of that story. We currently have two AI-powered capabilities that enable teams to work faster, reduce barriers to entry, and spend more time on the fulfilling work that attracted them to their professions in the first place. But this is only possible because they trust that these features are private and secure by design.

In March 2022, when the not-so-new-anymore SEC cybersecurity regulations were initially drafted, some argued that smaller reporting companies, defined by having a public float of less than $250 million or an annual revenue of less than $100 million, should be exempt, given the "outsized costs" they faced. Others proposed that these smaller organizations should have a longer disclosure deadline, helping to alleviate the chances of non-compliance.

We are excited to announce that Rubrik DSPM now supports Microsoft Information Protection (MIP) sensitivity labels. This integration helps our joint customers to better track and secure files with sensitive data – both within and outside of Microsoft environments. MIP labels are used by organizations to map sensitive data within their Microsoft environment, control access to that data, and enable protection settings such as encryption.

In February 2022, the Center for Internet Security (CIS) released the CIS Microsoft Windows Server 2022 Benchmark v1.0.0, providing security best practices for establishing a secure configuration and hardening guide for Microsoft Windows. For automation of CIS benchmarks, Get in Touch. Following this release, CIS updated their recommendations for older operating systems, extending back to Windows Server 2008 where applicable. Below we discuss CIS Windows server 2022 hardening script we feel are critical.