Recent Posts

Welcome New Member – Henry Rõigas

Henry Rõigas is the Founder and CEO of evisec.xyz (@evisec), a cybersecurity research and consulting firm delivering evidence-based analysis for security leaders. He is also the lead author of evisec’s Cybersecurity Research Digest, a weekly cybersecurity trends overview. Alongside his work at evisec, Henry is 

Cyber (In)Securities – Issue 106

Contents: News Analysis Events News: NSO – not government clients – operates its spyware, legal documents https://www.theguardian.com/technology/2024/nov/14/nso-pegasus-spyware-whatsapp New legal documents suggest that NSO Group, not its government clients, operates the Pegasus spyware used to hack into devices. This claim contradicts NSO’s public stance that only 

CyAN Supports the Trust & Safety Festival

For the first time, the T&S community comes together for the T&S Festival, taking place in Amsterdam, Netherlands, on 18-20 November 2024.

Cyber (In)Securities – Issue 105

Contents: News Analysis Events News: Amazon confirms employee data breach after vendor hack https://www.bleepingcomputer.com/news/security/amazon-confirms-employee-data-breach-after-vendor-hack/ Amazon has confirmed that a data breach compromised employee information following a cyberattack on one of its third-party vendors. The breach exposed sensitive employee data, raising concerns about the security of 

Offensive AI Against Disinformation

This 100% entirely dead-serious (pinky promise) article proposes the use of artificial intelligence as a scalable, economic, and effective counter to disinformation.  

Meet our new member Jonathan K. Tullett

Please welcome our newest member from the UK, Jonathan K. Tullett. Jonathan is a trading and systems expert with a focus on information security and risk management in the financial services sector. After beginning his career in systems and network engineering, Jonathan specialized in automated 

Cyber (In)Securities – Issue 104

Contents: News Trust in Focus [Monthly Supplement] Events News: 24% of CISOs Actively Looking to Leave Their Jobs https://www.csoonline.com/article/3595796/24-of-cisos-actively-looking-to-leave-their-jobs.html A recent survey reveals that 24% of Chief Information Security Officers (CISOs) are actively seeking new job opportunities, with many others contemplating leaving within three years 

Faking GitHub Commits – What Could Go Wrong?

Found: a tool creating dummy GitHub source code commits to help programmers game job evaluation mechanisms. This illustrates a deeper issue with how badly designed incentives can have serious security consequences.

Cyber (In)Securities – Issue 103

Contents: News Analysis Events News: DocuSign’s Envelopes API abused to send realistic fake invoices https://www.bleepingcomputer.com/news/security/docusigns-envelopes-api-abused-to-send-realistic-fake-invoices/ Cybercriminals are exploiting DocuSign’s Envelopes API to deliver highly convincing fake invoices, tricking recipients into clicking on malicious links. By abusing this legitimate API, attackers are able to create phishing 

Cyber (In)Securities – Issue 102

Contents: News Events News: LottieFiles hacked in supply chain attack to steal users’ crypto https://www.bleepingcomputer.com/news/security/lottiefiles-hacked-in-supply-chain-attack-to-steal-users-crypto/ LottieFiles, a platform for animated graphics, recently suffered a supply chain attack compromising its ‘lottie-player’ library versions 2.0.5 to 2.0.7. The attackers injected malicious code designed to steal cryptocurrency by