eSecurity Planet contributor Jeff Goldman has been a technology journalist for more than 20 years and an eSecurity Planet contributor since 2009. He’s also written extensively about wireless and broadband infrastructure and semiconductor engineering. He started his career at MTV, but soon decided that technology writing was a more promising path.
Microsoft’s Patch Tuesday for September 2023 includes 59 vulnerabilities, five of them rated critical and two currently being exploited in the wild. The two vulnerabilities currently being exploited are CVE-2023-36761, an information disclosure flaw in Microsoft Word with a CVSS score of 6.2; and CVE-2023-36802, an elevation of privilege flaw in Microsoft Streaming Service with […]
SandboxAQ today introduced an open-source cryptography management framework built for the post-quantum era. The AI and quantum spin-out from Alphabet uses the Sandwich framework for its SandboxAQ Security Suite, currently used by several U.S. government agencies, global banks, telcos, and tech companies. The framework is designed to simplify cryptography management and give developers greater observability […]
The U.S. Securities and Exchange Commission this week announced new rules mandating the disclosure of cybersecurity incidents as well as ongoing risk management, strategy, and governance. The rules, which will become effective 30 days after publication, require public companies to disclose any cybersecurity incident they determine to be material within four business days, detailing its […]
Microsoft has hardened security following a Chinese hack of U.S. government agency email accounts, but some details remain a mystery. Even as the threat has passed, Microsoft officials are still analyzing how a Chinese threat group was able to access U.S. government accounts using a stolen inactive Microsoft account (MSA) consumer signing key. Chinese hacker […]