CISA issues Binding Operational Directive 23-01. LAUSD says ransomware operators missed most sensitive PII. Trends in API protection SaaS security. Making a pest of oneself in a hybrid war.
CISA issues a Binding Operational Directive. An LA school district says ransomware operators missed most sensitive PII. An API protection report describes malicious transactions. Analysis of cyber risk in relation to SaaS applications. Joe Carrigan describes underground groups using stolen identities and deepfakes. Our guest is Eve Maler from ForgeRock on consumer identity breaches. And someone is making a nuisance of themself in Russia.
CISA Directs Federal Agencies to Improve Cybersecurity Asset Visibility and Vulnerability Detection (Cybersecurity and Infrastructure Security Agency)
CISA aims to expand cyber defense service across fed agencies, potentially further (Federal News Network)
CISA directs federal agencies to track software and vulnerabilities (The Record by Recorded Future)
Student, Teacher Data Not Affected in Los Angeles School District Hack (Wall Street Journal)
New API Threat Research Shows that Shadow APIs Are the Top Threat Vecto (Cequence Security)
Russian Citizens Wage Cyberwar From Within (Kyiv Post)
Russian Hackers Take Aim at Kremlin Targets: Report (Infosecurity Magazine) Russian retail chain 'DNS' confirms hack after data leaked online (BleepingComputer)