Benjamin Carr, Ph.D. 👨🏻‍💻🧬Feb 9
More than 135,000 #OpenClaw instances exposed to internet in latest #vibecoded disaster
By default, the bot listens on all network interfaces, and many users never change it
When combined with previously known vulnerabilities in the vibe-coded AI assistant platform and links to prior breaches, #SecurityScorecard STRIKE warns that there's a systemic #security failure in the #opensource #AIagent space.
https://www.theregister.com/2026/02/09/openclaw_instances_exposed_vibe_code/
More than 135,000 OpenClaw instances exposed to internet in latest vibe-coded disaster

: By default, the bot listens on all network interfaces, and many users never change it

The Register
John LeonardFeb 25, 2025

Cybersecurity researchers say they have uncovered a massive botnet targeting M365 accounts with password-spraying attacks.

https://www.computing.co.uk/news/2025/security/microsoft-365-users-targeted-by-password-spraying-botnet

#microsoft #infosec #m365 #microsoft365 #botnet #technews #cybersecurity #SecurityScorecard

Microsoft 365 users targeted by password-spraying botnet

Cybersecurity researchers say they have uncovered a massive botnet targeting M365 accounts with password-spraying attacks.

Tech Cybersecurity NieuwsFeb 7, 2025
Verhoogd risico op datadiefstal in verzekeringssector door derden https://www.trendingtech.news/trending-news/2025/02/53706/verhoogd-risico-op-datadiefstal-in-verzekeringssector-door-derden #verzekeringssector #datalekken #derde partijen #beveiligingsrisico's #SecurityScorecard #Trending #News #Nieuws
Verhoogd risico op datadiefstal in verzekeringssector door derden

Nieuw onderzoek toont aan dat de verzekeringssector aanzienlijk meer risico loopt op datalekken door derde partijen dan andere industrieën. Uit onderzoek van

Tech Nieuws
Tech Cybersecurity NieuwsJan 29, 2025
Lazarus groep: nieuwe administratieve laag onthuld in cyberaanvallen https://www.trendingtech.news/trending-news/2025/01/51813/lazarus-groep-nieuwe-administratieve-laag-onthuld-in-cyberaanvallen #Lazarus Groep #cyberaanvallen #Noord-Korea #SecurityScorecard #Phantom Circuit #Trending #News #Nieuws
Lazarus groep: nieuwe administratieve laag onthuld in cyberaanvallen

Onderzoekers hebben een verborgen administratieve laag ontdekt die door de Lazarus-groep wordt gebruikt om hun wereldwijde cyberaanvalcampagnes te beheren. Dez

Tech Nieuws
BSidesChicago Oct 31-Nov 1 2025!!Oct 5, 2024

🎯 Silver Sponsor Alert! 🎯
Sasha’s feathers are fluffed with excitement to welcome SecurityScorecard as a Silver Sponsor for BSidesChicago! 🦩💻 They know how to rate security like a pro, and now they’re swooping in to help us level up the fun and the cyber-safety! 🎉

Get ready for a wild (and secure) ride! #BSidesChicago #SashaApproved #SecurityScorecard #CyberFun

Gabriel NAug 29, 2024

If you are a security scoring website and your password requirement look like this and won't accept my 24 letter (words, letters and symbols, but not the right symbols... 115 bits of randomness according to Strongbox) password... I'm sorry, you have already lost your credibility

#passwordrequirements #securityscorecard

Alerta! Alerta!May 20, 2024

Hey #securityscorecard: Go home and read up on secure passwords at https://pages.nist.gov/800-63-3/sp800-63b.html#-5112-memorized-secret-verifiers!

But what does #NIST know about such things. You are for sure much more knowledgeable!

#petpeeve #rollYourOwn

NIST Special Publication 800-63B

NIST Special Publication 800-63B

Tony MorbinFeb 16, 2023
MDR Firm To Use Money to Boost Threat Analytics, Security Scoring, User Interface https://www.bankinfosecurity.com/deepwatch-raises-180m-in-splunk-backed-funding-to-boost-mdr-a-21211 $180m investment in MDR Co Deepwatch to strengthen threat analytics, user interface & security scoring for customers. Michael Novinson #securityscorecard #mdr #cybersecurity
Deepwatch Raises $180M in Splunk-Backed Funding to Boost MDR

Managed detection and response titan Deepwatch has received a $180 million investment to strengthen its threat analytics, user interface and security scoring for

SecurityLabFeb 26, 2021

Microsoft выпустила бесплатный инструмент для удаления Solorigate из зараженных сетей #Microsoft, #Solorigate, #SolarWinds, #CodeQL, #Teardrop, #SecurityScorecard https://t.co/dVEev6MeVk https://t.co/5SSy9TNeE3

Источник: https://twitter.com/SecurityLabnews/status/1365235165820256257

Microsoft выпустила бесплатный инструмент для удаления Solorigate из зараженных сетей

Microsoft предлагает организациям запросы CodeQL, использовавшиеся ею для анализа своего исходного кода после атаки на SolarWinds.