3 Interesting Articles

Cybersecurity professional accused of stealing $9M in crypto

Tech Crunch:  Shakeeb Ahmed, a cybersecurity professional, has been indicted by the U.S. Attorney’s Office of the Southern District of New York for allegedly hacking a cryptocurrency exchange and stealing about $9 million. Ahmed, who used to be a senior security engineer at Amazon, leveraged his expertise in reverse engineering and blockchain audits to carry out the attack. The description and timing of the incident align with the attack on Solana-based exchange, Crema Finance, in July 2022. Ahmed offered to return all but $1.5 million of the stolen funds if the victim agreed not to involve law enforcement. He now faces charges of wire fraud and money laundering.

Microsoft says Chinese hackers breached email, including U.S. government agencies 

NPR: Microsoft revealed that Chinese hackers, dubbed Storm-0558, infiltrated some of its customers’ email systems to collect intelligence. The breach, involving unclassified data, was initially detected by an unidentified federal government agency, which promptly informed Microsoft and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA). While the exact targets and the stolen data remain uncertain, Microsoft assures that the breach is now contained. Microsoft is now working closely with (CISA to improve authentication security and system monitoring, with the tech company bearing the responsibility for patching the vulnerability.

How Has GDPR Changed Our Approach to Data Protection?

Infosecurity Magazine: Five years after the introduction of the General Data Protection Regulation (GDPR), the data privacy landscape continues to evolve, with businesses now eyeing the UK’s upcoming Data Protection and Digital Information (DPDI) Bill. Despite these advances, the threat of cybersecurity breaches remains, posing significant potential harm ranging from personal identity theft to corporate financial fraud and reputational damage. A report indicates that it takes companies an average of 277 days to identify and respond to cyber-attacks, highlighting the sophistication and organizational capacity of contemporary cybercriminals. The increasing adoption of zero trust cloud security and the pivotal role of Data Protection Officers (DPOs) are critical for mitigating these threats. As cyber threats continue to evolve, GDPR encourages businesses to improve security practices and handle collected data responsibly.

2 Stats You Should Know

Since March 2023, there’s been a 300% uptick in SaaS attacks on Salesforce Community Sites and other SaaS applications. (source)

Cybersecurity revenues will reach $344 billion worldwide by 2030. (source)

1 More Thing