CSO Magazine

MAY 12, 2021

SOAR: Meaning and definition. SOAR is the name for a relatively new kind of security platform that coordinates information produced by a wide range of security tools and automate much of their analysis and protective responses. SOAR, which stands for security orchestration, automation, and response, is a term coined by Gartner in 2015 and since embraced by the industry as companies grapple with increasing security threats, a tight labor market, and an increasing flood of information they need to

Marketing 112

Marketing 112

eSecurity Planet

MAY 13, 2021

Oil and gas companies have two key areas of concern when addressing cybersecurity, especially in their unmanned remote facilities. They have to supply physical security that denies access to the cyber-physical assets, and they sometimes must employ several cyber defenses depending on the device or system in question. So when you are looking at doing a Zero Trust deployment for critical infrastructure, it is important to be mindful of the fact that a site’s physical security is typically th

Digital transformation 125

Digital transformation Technology Ransomware IoT 125

Krebs on Security

MAY 14, 2021

The DarkSide ransomware affiliate program responsible for the six-day outage at Colonial Pipeline this week that led to fuel shortages and price spikes across the country is running for the hills. The crime gang announced it was closing up shop after its servers were seized and someone drained the cryptocurrency from an account the group uses to pay affiliates. “Servers were seized (country not named), money of advertisers and founders was transferred to an unknown account,” reads a

Ransomware 364

Ransomware Cryptocurrency Cybercrime Healthcare 364

Schneier on Security

MAY 10, 2021

This is a newly unclassified NSA history of its reaction to academic cryptography in the 1970s: “ New Comes Out of the Closet: The Debate over Public Cryptography in the Inman Era ,” Cryptographic Quarterly , Spring 1996, author still classified.

357

357

Advertisement

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Cybersecurity

Troy Hunt

MAY 9, 2021

A fairly hectic week this one, in a large part due to chasing down really flakey network issues that are causing devices (namely Shelly relays) to be inaccessible. I suspect it's ARP related and as of now, it's still not fully resolved. You know how much s**t breaks in a connected house when devices become inaccessible? Lots. But hey, at least I've finally automated my aircon!

Encryption 301

Encryption 301

Adam Levin

MAY 14, 2021

Colonial Pipeline paid roughly $5 million to the ransomware group responsible for hacking its systems, contradicting earlier claims. . Bloomberg News reported that the company paid the ransom in cryptocurrency hours after the May 7 cyberattack that shut down the country’s largest fuel pipeline. In exchange for the payment, the hackers responsible provided Colonial with a decryption tool that restored the company’s access to its data. .

Backups 260

Backups Cryptocurrency Ransomware Cybersecurity 260

Schneier on Security

MAY 10, 2021

This is a major story : a probably Russian cybercrime group called DarkSide shut down the Colonial Pipeline in a ransomware attack. The pipeline supplies much of the East Coast. This is the new and improved ransomware attack: the hackers stole nearly 100 gig of data, and are threatening to publish it. The White House has declared a state of emergency and has created a task force to deal with the problem, but it’s unclear what they can do.

Ransomware 345

Ransomware Cybercrime 345

Tech Republic Security

MAY 11, 2021

Cybersecurity expert discusses the many ways attackers could have gotten access to the Colonial Pipeline company and reminds us why the threat always looms.

Cybersecurity 213

Cybersecurity 213

Security Boulevard

MAY 11, 2021

Humans are the biggest risk to an organization’s cybersecurity posture, and it might be a bigger risk than many realize. According to research from Elevate Security, human behavior had a direct role in 88% of total losses in the largest cybersecurity incidents over the past five years and about two-thirds of major data breaches are. The post Your Security Awareness Training Isn’t Working appeared first on Security Boulevard.

Security Awareness 145

Security Awareness Data breaches Risk Cybersecurity 145

Hot for Security

MAY 10, 2021

Tulsa, Oklahoma, is reportedly the latest in a long line of American cities to have fallen victim to a ransomware attack. The attack, which occurred on Friday evening, caused the city’s IT security teams to shut down many of Tula’s internal systems over the weekend “out of an abundance of caution” while they worked around the clock at the weekend in an attempt to restore operations from backups.

Ransomware 145

Ransomware Backups Government Internet 145

Advertiser: Revenera

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Risk

Schneier on Security

MAY 14, 2021

Modern ransomware has two dimensions: pay to get your data back, and pay not to have your data dumped on the Internet. The DC police are the victims of this ransomware, and the criminals have just posted personnel records — “including the results of psychological assessments and polygraph tests; driver’s license images; fingerprints; social security numbers; dates of birth; and residential, financial, and marriage histories” — for two dozen police officers.

Ransomware 319

Ransomware Cryptocurrency Cybercrime Internet 319

Tech Republic Security

MAY 12, 2021

Government and business both need to step up to combat ransomware attacks against critical systems before they spiral further out of control.

Ransomware 217

Ransomware Government 217

Security Boulevard

MAY 10, 2021

Organizations have flocked from on-premises to the cloud over the past year, and protecting data during the transition has proven to be a monumental task. But now companies must focus on what happens after the migration. The new reality is that these organizations and their cloud providers work under a shared responsibility model, in which…. The post Protecting Cloud Data Throughout Its Lifecycle appeared first on Baffle.

145

145

Bleeping Computer

MAY 10, 2021

After a ransomware attack on Colonial Pipeline forced the company to shut down 5,500 miles of fuel pipeline, the Federal Motor Carrier Safety Administration (FMCSA) issued a regional emergency declaration affecting 17 states and the District of Columbia. [.].

Ransomware 145

Ransomware 145

Advertisement

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

Healthcare

Schneier on Security

MAY 11, 2021

Microsoft researchers just released an open-source automation tool for security testing AI systems: “ Counterfit.” Details on their blog.

Risk 303

Risk Artificial Intelligence 303

Tech Republic Security

MAY 12, 2021

Attackers are not only demanding ransom from organizations, but also threatening their customers, users and other third parties.

Ransomware 218

Ransomware 218

Digital Shadows

MAY 12, 2021

Gotta do it for the ‘Gram (Instagram), as the kids might say. After a year in quarantine, you just got. The post How Cybercriminals Can Leverage Your Vaccination Card Selfie first appeared on Digital Shadows.

145

145

Security Boulevard

MAY 8, 2021

Every time there’s a cyberattack like the recent ransomware targeting Colonial Pipeline, industry experts scramble to share thoughts on what could have been done to thwart it, or what the impact of a breach could be. Organizations need to reset themselves to have a post-breach mindset, pre-breach. The post OT and IoT Security: Adopt a Post-Breach Mindset Today appeared first on Nozomi Networks.

IoT 145

IoT Ransomware 145

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

Cybersecurity

Bleeping Computer

MAY 13, 2021

Chemical distribution company Brenntag paid a $4.4 million ransom in Bitcoin to the DarkSide ransomware gang to receive a decryptor for encrypted files and prevent the threat actors from publicly leaking stolen data. [.].

Ransomware 145

Ransomware Encryption 145

Tech Republic Security

MAY 12, 2021

A new HP Wolf Security study focuses on shifting cybersecurity threats in the age of remote working as employees use work devices for personal entertainment.

Cybersecurity 181

Cybersecurity 181

The Hacker News

MAY 12, 2021

Adobe has released Patch Tuesday updates for the month of May with fixes for multiple vulnerabilities spanning 12 different products, including a zero-day flaw affecting Adobe Reader that's actively exploited in the wild.

145

145

CyberSecurity Insiders

MAY 12, 2021

Your staff members may fail to notice how they expose their business to security risks. Beware of the most common insider threats and learn how to resist. Let us assume you do your best to protect your business from security risks. But do you know that a good deal of the danger accounts for insiders? Dealing with insider threats is an awfully bad experience for too many businesses so far.

Accountability 144

Accountability Scams Risk Software 144

Advertisement

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

Cybersecurity

Bleeping Computer

MAY 9, 2021

WhatsApp says that it will not delete or deactivate the accounts of users who oppose its latest privacy policy update that requires sharing data with Facebook companies. [.].

Accountability 145

Accountability Technology 145

Tech Republic Security

MAY 10, 2021

A recent survey found an unusual reason cybersecurity is failing. Experts share what it is and how to correct it.

Technology 213

Technology Cybersecurity 213

Security Boulevard

MAY 14, 2021

To say that the world was unprepared for what happened in March of 2020 would be a gross understatement. Nobody needs a reminder of the seismic changes that the coronavirus pandemic introduced. Large enterprises were caught off guard, to be sure. But many small and medium-sized enterprises (SMEs), which typically operate with lean and sometimes. The post Remote Work Lessons Learned appeared first on Security Boulevard.

Cybersecurity 144

Cybersecurity Network Security 144

Malwarebytes

MAY 14, 2021

Recently, we have seen an increasing number of reports from iPhone users about their calendars filling up with junk events. These events are most often either pornographic in nature, or claim that the device has been infected or hacked, and in all cases they contain malicious links. This phenomenon is known as “calendar spam.” Calendar spam became a big problem for Apple’s iCloud calendars back in 2016.

Scams 144

Scams Hacking Engineering 144

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.

Bleeping Computer

MAY 13, 2021

US cybersecurity firm Rapid7 has disclosed that some source code repositories were accessed in a security incident linked to the supply-chain attack that recently impacted customers of the popular Codecov code coverage tool. [.].

Cybersecurity 144

Cybersecurity 144

Tech Republic Security

MAY 11, 2021

Though it likes to promote itself as being "philanthropic," the DarkSide gang represents a dangerous threat to organizations around the world.

Ransomware 187

Ransomware 187

Graham Cluley

MAY 10, 2021

The 5,500 miles of Colonial Pipeline, which carry over 100 million gallons of fuel every day, from Houston, Texas to the New York Harbor, has been offline since May 7 following a ransomware attack.

Ransomware 144

Ransomware Malware 144

Hot for Security

MAY 14, 2021

A leading manufacturer of gaming hardware has warned internet users to be wary of downloading fake versions of free software it distributes to overclock GPUs. According to a blog post by MSI , cybercriminals have created a fake version of the MSI website and are using it to distribute a malware-laced version of their free utility, Afterburner. MSI Afterburner is the most popular GPU overclocking software available, and highly regarded by gamers for its ability to squeeze out maximum performance,

Manufacturing 143

Manufacturing Software Internet Internet 143

Speaker: William Hord, Vice President of ERM Services

A well-defined change management process is critical to minimizing the impact that change has on your organization. Leveraging the data that your ERM program already contains is an effective way to help create and manage the overall change management process within your organization. Your ERM program generally assesses and maintains detailed information related to strategy, operations, and the remediation plans needed to mitigate the impact on the organization.

Risk