The Last Watchdog

JANUARY 23, 2024

Between social media, mobile apps, internet-connected devices and the rise of artificial intelligence vast amounts of personal data is being gathered constantly, putting individuals’ privacy at risk,” said Lisa Plaggemier, Executive Director at NCA.

Data privacy 100

Data privacy Education Artificial Intelligence Cybersecurity 100

Joseph Steinberg

DECEMBER 11, 2023

Veteran cybersecurity expert witness executive will help strengthen law enforcement capabilities to prevent, investigate, and prosecute information-age crimes. He will also review relevant materials and initiate topical recommendations. Steinberg, who is based in New York, is expected to serve on the committee through mid-2026.

Cybersecurity 250

Cybersecurity Artificial Intelligence CISO Technology 250

Krebs on Security

JUNE 7, 2022

They didn’t specify what additional topics the series would scrutinize, but Netflix’s teaser for the show suggests it concerns cybercrimes that result in deadly, real-world kinetic attacks. More recently, our family was subjected to swatting attacks by a neo-Nazi group that targeted journalists, judges and corporate executives.

Cybercrime 269

Cybercrime Internet Internet Web Fraud 269

Security Boulevard

JULY 10, 2023

Enhancing the trust and security of the supply chain is on the minds of many a cybersecurity executive today, and will likely be a topic of interest and concern in the months and years to come. It’s not surprising then, that the focal point of a recent RSA Conference virtual seminar was supply chain security.

Cybersecurity 71

Cybersecurity Software Risk 71

CSO Magazine

DECEMBER 2, 2022

This is a primary reason why MFA was a key topic for this year’s cybersecurity awareness month. For leaders and executives, the key is to ensure employees are trained to understand the importance of the security tools – like MFA – available to them while also making the process easy for them.

Authentication 111

Authentication Accountability Cybersecurity 111

Schneier on Security

JULY 10, 2020

A criminal group called Cosmic Lynx seems to be based in Russia: Dubbed Cosmic Lynx, the group has carried out more than 200 BEC campaigns since July 2019, according to researchers from the email security firm Agari, particularly targeting senior executives at large organizations and corporations in 46 countries.

Scams 222

Scams Accountability Authentication Phishing 222

PCI perspectives

JANUARY 23, 2023

The PCI SSC Global Content Library is home to hours of video content from our Global Community Events, covering topics on industry trends, strategies on best practices, and solutions for anyone within the payment ecosystem. Learn directly from Council executives and industry experts as they share their knowledge with you!

57

57

Schneier on Security

DECEMBER 15, 2023

ChatGPT both surprised and amazed the world with its ability to understand human language and generate credible, on-topic, humanlike responses. It’s as if all the executive assistants or lawyers in an industry worked for the same agency. But what these are really good at is interacting with systems formerly designed for humans.

Internet 264

Internet Internet IoT Banking 264

CSO Magazine

AUGUST 16, 2022

The fallout of the SolarWinds cybersecurity incident, coupled with Cybersecurity Executive Order (EO) put the topic of software supply chain security, and by association, software bills of material (SBOM) center stage in the security dialog.

Software 62

Software Cybersecurity 62

Security Affairs

JUNE 27, 2022

The malspam messages have the topic “Free primary legal aid” use a password-protected attachment “Algorithm of actions of members of the family of a missing serviceman LegalAid.rar.” ” Upon opening the document and enabling the macro, a PowerShell command will be executed. .”

Telecommunications 127

Telecommunications Malware Media Passwords 127

The Last Watchdog

MAY 2, 2023

Every automation tool is like an added employee , strengthening SOCs and empowering individual analysts to find more valuable ways to employ their expertise or receive additional training on more complex topics. Execute data minimization protocol by backing up and deleting data as needed. Submit, close or escalate case tickets.

Cybersecurity 167

Cybersecurity Firewall Risk Cyber Risk 167

Anton on Security

NOVEMBER 6, 2020

It is made up of senior security executives with experience managing large security organizations across multiple industries. These executives serve as the trusted security and compliance advisors and advocates for customers. Furthermore, Google Cloud Security is putting together hot topics for future CISO discussions.

CISO 100

CISO Cloud Migration CSO Information Security 100

Malwarebytes

MARCH 1, 2024

It contains a basic AppleScript executable and the script to be run. The code could be pretty bland, and unlikely to trigger any kind of detection from Apple’s notarization process, but could download and execute something less trustworthy. Topics are cryptocurrency investment opportunities.

Cryptocurrency 99

Cryptocurrency Malware Authentication Banking 99

Security Affairs

JANUARY 14, 2021

The phishing emails have similar topics and pretend to come from some of the same entities – for example, the Office of the Attorney General (Fiscalia General de la Nacion) or the National Directorate of Taxes and Customs (DIAN). The same IP address range was used for emails sent in the earlier campaign. ” continues the report.

Malware 116

Malware Surveillance Phishing Government 116

CyberSecurity Insiders

JULY 21, 2022

In what’s known to our Cybersecurity Insiders, most of the patches are related to memory safety flaws that could expose users to threat actors launching remote code execution attacks. Just click on Settings >General> Software and just hit on the update software tab.

Healthcare 122

Healthcare Media Software Cybersecurity 122

Cisco Security

JANUARY 10, 2023

Here are the topics that I think will be top of mind in 2023, and what CISOs can do to prepare. CISOs will also likely be pushing more tabletop exercises with the executive leadership team to ask and answer questions around what is showed, to whom, and by whom. CISO in the firing line. Increasing demands from insurers.

CISO 125

CISO Insurance Cyber Insurance Phishing 125

The Last Watchdog

NOVEMBER 15, 2021

I recently completed a new study on this very topic for Business Horizons , published by Elsevier. Executives and leaders should be trained to recognize cyber threats when they see one. These actions undermine a nation’s security and make them vulnerable to geopolitical risks.

Cyber Risk 235

Cyber Risk Risk Artificial Intelligence Cyber threats 235

Security Affairs

JUNE 13, 2022

The malspam messages use the topic “LIST of links to interactive maps,” according to the CERT-UA, more malicious emails reached more than 500 recipients. ” Upon opening the document it will load the HTML-file and execute JavaScript code, which, in turn, will download and execute the EXE-file “2.txt”,

Media 97

Media Government Hacking Cybersecurity 97

Security Boulevard

DECEMBER 15, 2021

Cybersecurity is a topic that keeps many business executives, managers, and IT directors up at night, and with good reason. The average cost of a breach in 2021 is estimated at $4.24 As information technology grows in sophistication, so do cyber threats. This week, for example, the Apache Log4j vulnerability has sent security teams….

Cyber threats 52

Cyber threats Technology Cybersecurity Malware 52

Security Affairs

AUGUST 2, 2020

A critical flaw in the wpDiscuz WordPress plugin could be exploited by remote attackers to execute arbitrary code and take over the hosting account. The vulnerability could be exploited by attackers to execute arbitrary code remotely after uploading arbitrary files on servers hosting the vulnerable WordPress sites.

Accountability 140

Accountability Advertising Account Security Hacking 140

SecureWorld News

NOVEMBER 16, 2023

RELATED: White House Unveils Groundbreaking AI Executive Order ] In a November 15 LinkedIn post , Victoria Beckman, Associate General Counsel, Security & Privacy, at Shopify, had this to say about the CISA AI Roadmap: "The roadmap seeks to ensure internal coherence and alignment with the U.S.

Artificial Intelligence 87

Artificial Intelligence Cybersecurity Education Software 87

SecureWorld News

DECEMBER 27, 2022

Cyber is the risk to watch, according to a Financial Times article in which insurer Zurich's top executive is quoted. Watch for more information on the cyber insurance topic at SecureWorld's slate of in-person and virtual events in 2023. 26 article.

Insurance 69

Insurance Cyber Attacks Cyber Insurance Marketing 69

The Last Watchdog

SEPTEMBER 26, 2022

As enterprises continue to fall victim to increasingly complex attacks, there’s one topic that cybersecurity professionals and vendors can agree on: the importance of Zero Trust. While this continuous pivot can be tough to track, it does not diminish the need for a real, executable strategy for tackling its core tenants.

Ransomware 179

Ransomware Passwords Data breaches Accountability 179

Security Affairs

AUGUST 9, 2022

For this first one, I’ll briefly introduce some crucial topics to ease the understanding of the analysis process. From a security point of view files of the types DOC, DOCX, XLS, XLSX, and XLSM, have a common issue, they can contain macros which are embedded scripts that are executed inside the file. Example: peframe file_name.

Malware 103

Malware Education Hacking Internet 103

Security Affairs

MARCH 19, 2024

Analysis of the backdoors uploaded on VirusTotal revealed that threat actors utilized geopolitical topics as bait. Earth Krahang was observed retrieving hundreds of email addresses from their targets during the reconnaissance phase. “Earth Krahang abuses the trust between governments to conduct their attacks.

Government 87

Government Phishing Accountability VPN 87

The Last Watchdog

APRIL 8, 2024

I recently attended an IoActive-sponsored event in Seattle at which Pegueros gave a presentation titled: “Merging Cybersecurity, the Board & Executive Team” Pegueros shed light on the land mines that enshroud cybersecurity presentations made at the board level. Compliance brings visibility to a topic.

CISO 166

CISO Risk Cybersecurity Insurance 166

SecureWorld News

DECEMBER 20, 2022

The ability to ask any question on just about any topic and have a very intelligent answer given has cybersecurity experts wondering if the infosec community is using it and, if so, for what; and, if so, how is it working for writing scripts and code or imitating phishing emails, for instance. Useful for basic malware analysis.

InfoSec 130

InfoSec Phishing Social Engineering Media 130

NetSpi Technical

NOVEMBER 16, 2023

These keys could then be used to overwrite the existing Function App Functions and gain code execution in the container. There are a number of ways that an attacker could get command execution in the container, which we’ve highlighted a few options in the talk that originated this line of research.

Encryption 136

Encryption Accountability Penetration Testing Authentication 136

Cisco Security

FEBRUARY 6, 2023

These factors zero in on relationships with company leadership (as measured by establishing executive support) and relationships with people across the organization (as measured by cultivating a culture of security). This has repercussions on the executive level and throughout the business. It’s the latter that caught my eye.

CISO 119

CISO Architecture Mobile Cybersecurity 119

Security Affairs

SEPTEMBER 22, 2022

however, in most cases an attacker exploit this issue to gain code execution from the file write. “As we have demonstrated above, this vulnerability is incredibly easy to exploit, requiring little to no knowledge about complicated security topics.” ” concludes the report.

Hacking 100

Hacking Information Security 100

Security Affairs

SEPTEMBER 8, 2023

The cyberspies used to propose a collaboration with a security researcher on topics of mutual interest. The tool was designed to enable the attackers to download and execute arbitrary code. In one of the cases analyzed by TAG, the attackers carried on a months-long conversation with the target.,

Cybersecurity 111

Cybersecurity Media Accountability Software 111

The Last Watchdog

JANUARY 17, 2022

There are reasons why the practice isn’t widespread, including an organizational problem requiring executive support. The topics are often complex and require contextual education for non-security experts to interpret correctly. Effective leading indicators.

CISO 217

CISO Software B2B Risk 217

Troy Hunt

JULY 21, 2021

I recall one in particular where a company was in talks to be acquired and one of their executives had an account. Another company was only interested in the email addresses of executives where the aforementioned reputation damage was riskier. They were worried it could pose a material impact to the sale due to reputation damage.

Accountability 363

Accountability Data breaches Government InfoSec 363

CyberSecurity Insiders

DECEMBER 16, 2021

Now, if that same executive asked you to describe which one is recommended in the General Data Protection Regulation (GDPR), or the California Consumer Privacy Act (CCPA), would you recognize that it is a trick question, as neither of those prescribe a specific type of encryption? To learn more about this topic, read our latest article.

Cybersecurity 118

Cybersecurity Encryption Internet Internet 118

SecureWorld News

OCTOBER 4, 2022

Our speakers discussed a range of hot cyber topics, including business email compromise (BEC) scams, cyber warfare, Zero Trust, burnout, and so much more. Our lunch keynote panel was titled Demystifying Cybersecurity in the Boardroom , a topic many security leaders struggle with. Manager of Third-Party Risk at Raytheon Technologies.

InfoSec 89

InfoSec Cybersecurity Cryptocurrency Technology 89

Veracode Security

JULY 26, 2021

And with the recent cybersecurity executive order from the United States government, it’s more important than ever that organizations pay attention to the security of their code. The Veracode Security Labs Community Edition is a complimentary version with select topics for individual developers who want to start learning on their own. ?

Software 126

Software Engineering Data breaches Cyber Attacks 126

Malwarebytes

APRIL 26, 2023

When you hear about malware, there’s a good chance you think of sketchy executables or files with extensions like.DOCX or.PDF that, once opened, execute malicious code. In this post, we’ll explore topics like how fileless attacks work, why they're effective, and what you can do to find and block fileless threats.

Malware 70

Malware Software Internet Internet 70