Plus: Ukraine partners with EU on cybersecurity
| Part of  Network | |
 Presented by  |
Germany's head of cybersecurity is accused of being tied with suspicious Russian individuals, risking being fired by the Minister of Interior Affairs. The issue was reported by the German press. More: - German authorities have stated that the issue is being handled internally, but local media believes that the president of the Federal Office for Information Security could be replaced sooner rather than later due to the sensitivity of the issue.
- The current head of the Federal Office for Information Security, Arne Schönbohm, is allegedly a member of an association with ties to former Russian intelligence members.
- It is believed that the German government advised Schönbohm to distance himself from the association, but the latter chose to continue participating in activities held by the group.
- The news comes at a time when Germany is rationing its gas and hoping to have gas reserves that last a population of more than 80 million for the entire winter, in addition to withstanding several cyberattacks.
Share your thoughts: - What are a couple of your favorite infosec tools?
| |
Several U.S. airports shut down their websites today after what are believed to have been Russian-based hackers breached their security systems. No incidents were reported as a result. More: - Some of the affected airports were The Los Angeles International Airport and Atlanta's Hartsfield-Jackson International Airport.
- The hacking campaign successfully managed to shut down the websites of 14 different airports.
- All of the targeted organizations reported that no further damage had been caused by the cyberattack.
- Russian hacker group KillNet is believed to be possibly linked with the attack, as the group has been active in supporting Russia's actors ever since the Ukraine invasion in March 2022. The group has launched cyberattacks against Ukraine, the U.S. Congress, and other NATO countries.
| |
 A message from SECURITY COMPASS Discover an automated, scalable, developer-centric approach to threat modeling. So what differentiates a developer-centric threat modeling platform from more traditional threat modeling tools? A holistic developer-centric threat modeling platform offers a solution that covers the entire process—from analysis to implementation to measurement and reporting. It will help you release secure software faster by: - Automatically generating threat modeling diagrams
- Identifying required threat countermeasures and security controls
- Engaging key stakeholders (especially developers)
- Ensuring developers implement the required controls
- Measuring the effectiveness of the program
- Maintaining audit trails and data
- Understanding a change in risk profile
Read Developer Centric Software Threat Modeling Powered by Automation, a comprehensive guide on why developer-centric threat modeling is critical for your business. Get the guide
| |
Toyota has admitted that a data leak exposed customers for five years. The flaw was accessible through GitHub. More: - The world's largest auto manufacturer, based in Japan, announced that the data leak has been tracked only recently.
- Hackers may have been able to abuse a security flaw present in T-Connect, Toyota's mobile connectivity app that enables them to have access to multimedia services.
- Source code from the app had been accidentally posted in GitHub, where threat actors may have been able to abuse unauthorized access for over five years.
- The company has confirmed that it has tracked two cases where hackers have stolen the data of over 290,000 users, but any unauthorized access gained through the flaw was removed by Toyota.
- Toyota blamed a sub-contractor for the mistake but also admitted to being careless with security practices.
| |
Ukraine has announced a new partnership with the EU cybersecurity agency ENISA. The partnership will let Ukraine bring its laws in line with other EU nations and also let Ukraine use its experience in fighting cyberattacks to help other democracies. More: - The European Union Agency for Cybersecurity is considered the premier authority regarding cybersecurity in the EU.
- Ukrainian officials stated that this visit would help both parties involved improve their security against Russian cyberattacks and also help Ukraine’s State Service of Special Communications and Information Protection adopt EU legislation.
- Ukraine recently officially received EU candidate status, a historic step that was seen as a sign of encouragement for the war-struck country.
| |
 A message from IMPACT A partnership manager’s guide to surviving economic downturns and uncertainty The economic storm has wreaked havoc and is forcing cost-reduction efforts on some businesses. With the economic downturn and imminent uncertainty in the air, how do you pivot your influencer and affiliate partnerships strategy and stay on course toward sunnier days? More innovative partnerships offer a resilient, low-risk source of revenue and can help businesses find ways to cope (and even thrive) regardless of economic conditions. Ride out the storm by learning about: - How partnerships programs change during stormy economic conditions
- The five steps to thriving during a downturn
- Riding out the storm with thoughtful decision-making
Get the guide
| |
Cybersecurity startup Endor has raised a $25M funding round. The company has been in stealth mode so far. More: - The round was led by Lightspeed Venture Partners, Dell Technologies Capital, and Sierra Ventures.
- Endor has created a software solution that scans open-source code packages that companies use and analyze where potential vulnerabilities may show up in the future.
- Endor will use the funds to expand its R&D efforts and boost product development.
- The startup currently has 30 employees.
| |
Quick Hits: - Get the best practices from seven successful influencer campaigns and the brands that created them.*
- Chip company Intel has confirmed that source code from its Alder Lake chip has leaked on the internet. The leak is believed to be a result of third-party abuse from an unknown threat actor.
- Mastercard has announced the release of its new card, believed to be resistant to quantum computing that may crack highly sophisticated algorithms.
- Researchers have tracked a new Ransomware-as-a-Service tool that enables users to create easy-to-use phishing tools. The tools, named Caffeine, target Microsoft 365.
- Chinese threat actor Taidoor has been tracked deploying new hacking campaigns targeting Japanese organizations.
*This is sponsored content.
| |
Upcoming events at Inside: - October 11 - AMA with Mike Malone (Smallstep)* (Register Here)
- October 13 - AMA with Ram Bartov (Chief Accounting Officer at TripActions)* (Register Here)
- October 19 - AMA with Zecca Lehn (Responsibly VC) (Register Here)
- October 25 - Meet Our Fund 4, an Inside.com Summit (Register Here)
- November 02 - AMA with Bill Glenn (Executive Chairman at Crenshaw Associates) (Register Here)
- December 07 - Live AMA with Deividi Silva ( Head of Developer Relations at Gun.io) (Register Here)
*This is a sponsored listing.
| |
 |  | Arbër is an Inside writer who also has experience in entrepreneurship. He has experience covering Consumer Tech, Venture Capital, NFTs, Crypto, etc. Arbër holds a Bachelor's degree in Business from XAMK University in Finland. When he is not reading(and writing) business news, he chooses to watch sports or anime...and then read news about sports or anime. |   | | Editor | Aaron Crutchfield is based in the high desert of California. Over the last two decades, he has spent time writing and editing at various local newspapers and defense contractors in California. When he's not working, he can often be found looking at the latest memes with his kids or working on his 1962 and 1972 Fords. | |
Security Compass is on a mission to accelerate software time-to-market while managing risk. | |
| |
| 767 Bryant St. #203, San Francisco, CA 94107
Copyright © 2022 Inside.com | |
| |
