CISA has issued Binding Operational Directive (BOD) 25-01, requiring federal civilian agencies to improve the security of their Microsoft 365 cloud environments. This directive is part of CISA’s effort to reduce risks from cloud misconfigurations and weak security controls that have been targeted in recent cyberattacks. BOD 25-01 introduces Secure …

The Irish Data Protection Commission fined Meta €251 million ($263.6 million) for GDPR violations related to a 2018 data breach that affected 29 million Facebook accounts. The breach occurred when unauthorized parties exploited user access tokens, exposing sensitive information like names, email addresses, phone numbers, and physical locations, including data …

More than 25,000 SonicWall SSL VPN devices are vulnerable to critical flaws, with 20,000 running outdated SonicOS/OSX firmware that is no longer supported. This analysis by cybersecurity firm Bishop Fox was prompted by key vulnerabilities disclosed this year in SonicWall devices. Ransomware groups, like Fog and Akira, have recently exploited …