News that source code of Nissan North America tools leaked online because of a misconfigured Git server spurs questions not only about potential cyberattacks by bad actors, but also whether competitors could use the sensitive data against the automobile giant.
The agency has found evidence of authentication token abuse in networks infected with corrupted versions of Orion software and say restoring integrity will require a full network rebuild in certain cases.
The incident, as well as the response among those on Capitol Hill tasked with securing government technology assets, serves as a dramatic and evolving case study for public and private sector entities on the scope of the cybersecurity risk tied to a physical breach.
T-Mobile reported a breach that compromised customer data – the company’s fourth in three years – raises questions about whether the mobile carrier’s massive merger with Sprint left the combined company more vulnerable. Indeed, when companies merge, particularly sizable ones, the integration of technology systems and networks can often introduce new security considerations. “The volume…
In the course of investigating the impacts of the SolarWinds breach, Microsoft security specialists discovered “unusual activity” within a number of internal accounts, including one that was used to view the company’s internal source code.
What might go down as the most consequential story of the year for the cybersecurity community only surfaced in December. And yet, experts predict years of clean up, both physical and political, and potential shifts in how the nation secures the supply chain.