Schneier on Security

NOVEMBER 22, 2022

Accountability 203

Accountability 203

Troy Hunt

NOVEMBER 22, 2022

If you find your name and home address posted online, how do you know where it came from? Let's assume there's no further context given, it's just your legitimate personal data and it also includes your phone number, email address. and over 400 other fields of data.

Data breaches 220

Data breaches Data privacy InfoSec Marketing 220

Lohrman on Security

NOVEMBER 20, 2022

What are the latest online security tips as we head into another holiday season? What’s the best cyber advice, and what shopping trends should you watch out for

191

191

The Last Watchdog

NOVEMBER 22, 2022

Endpoints are where all are the connectivity action is. Related: Ransomware bombardments. And securing endpoints has once more become mission critical. This was the focal point of presentations at Tanium’s Converge 2022 conference which I had the privilege to attend last week at the Fairmont Austin in the Texas capital. I had the chance to visit with Peter Constantine, Tanium’s Senior Vice President Product Management.

Internet 128

Internet Internet Ransomware Technology 128

Speaker: William Hord, Vice President of ERM Services

Join us as we discuss the various tangents of data and the change management process that will help you make better risk-based business decisions to save time and money for your organization.

Risk

Javvad Malik

NOVEMBER 24, 2022

Mercedes is one of the latest car companies to think, “hey, what do we do in a global downturn when new sales are low… I know, let’s limit some features on our car, then when people buy them, charge them extra to unlock it via a subscription model. If it’s worked for SaaS, it can work for us!” ” According to their site , a mere $1200 a month can give you a “noticeable improvement in acceleration of 0.8

Manufacturing 106

Manufacturing 106

Schneier on Security

NOVEMBER 18, 2022

Time-triggered Ethernet (TTE) is used in spacecraft, basically to use the same hardware to process traffic with different timing and criticality. Researchers have defeated it : On Tuesday, researchers published findings that, for the first time, break TTE’s isolation guarantees.

Hacking 208

Hacking 208

Troy Hunt

NOVEMBER 23, 2022

We've had great feedback from people who have gotten Pwned. Loads of people had told us how much they've enjoyed it and would like to get their friends Pwned too. Personally, I think everyone should get Pwned!

182

182

Security Affairs

NOVEMBER 21, 2022

A researcher published details and proof-of-concept (PoC) code for High-Severity macOS Sandbox escape vulnerability tracked as CVE-2022-26696. Researcher Wojciech Regu?a

Information Security 112

Information Security Hacking 112

Tech Republic Security

NOVEMBER 23, 2022

Industrial IoT is gaining adoption, but this comes with some security risks. Check out the dangers and how you can avoid them. The post Top 6 security risks associated with industrial IoT appeared first on TechRepublic.

IoT 149

IoT Risk Internet Internet 149

Schneier on Security

NOVEMBER 23, 2022

Nothing beats a dog’s nose for detecting explosives. Unfortunately, there aren’t enough dogs : Last month, the US Government Accountability Office (GAO) released a nearly 100-page report about working dogs and the need for federal agencies to better safeguard their health and wellness.

Government 180

Government Accountability 180

Speaker: Ronald Eddings, Cybersecurity Expert and Podcaster

In this webinar, Ronald Eddings, Cybersecurity Expert, will outline the relationship between SaaS apps and IT & security teams, along with several actionable solutions to overcome the new difficulties facing your organization.

Cybersecurity

The Last Watchdog

NOVEMBER 20, 2022

Consider what might transpire if malicious hackers began to intensively leverage Artificial Intelligence (AI) to discover and exploit software vulnerabilities systematically? Related: Cyber spying on the rise. Cyber-attacks would become much more dangerous and much harder to detect. Currently, human hackers often discover security holes by chance; AI could make their hacking tools faster and the success of their tactics and techniques much more systematic.

Artificial Intelligence 113

Artificial Intelligence Manufacturing Software Hacking 113

Troy Hunt

NOVEMBER 19, 2022

It's very strange to have gone 1,051 days without spending more than a few hours apart, but here we are.

Government 179

Government 179

Security Affairs

NOVEMBER 23, 2022

Researchers discovered that analytics data associated with iPhone include Directory Services Identifier (DSID) that could allow identifying users.

Data collection 105

Data collection Accountability Software Cybersecurity 105

CyberSecurity Insiders

NOVEMBER 18, 2022

Kaspersky, a security firm having roots in Russia, has released a prediction filled report stating email servers and satellites becoming key cyber attack targets in the year 2023.

Cyber Attacks 114

Cyber Attacks Cybersecurity Hacking Internet 114

Speaker: Karl Camilleri, Cloud Services Product Manager at phoenixNAP

Through a detailed analysis of major attacks and their consequences, Karl Camilleri, Cloud Services Product Manager at phoenixNAP, will discuss the state of ransomware and future predictions, as well as provide best practices for attack prevention and recovery.

Ransomware

Schneier on Security

NOVEMBER 21, 2022

Encryption 191

Encryption Ransomware Advertising Cybersecurity 191

Security Boulevard

NOVEMBER 23, 2022

Multifactor authentication (MFA) push notification fatigue attacks are increasing and are proving more effective, according to Expel’s quarterly threat report, based on data from the company’s customer base.

Threat Reports 99

Threat Reports Social Engineering Authentication Engineering 99

Dark Reading

NOVEMBER 22, 2022

Google Workspace's team is seeing a spike in phishing and spam hitting Gmail — up 10% in just the last two weeks

Phishing 102

Phishing 102

Security Affairs

NOVEMBER 22, 2022

Let’s give a look at API vulnerabilities by reading the API Security Top 10 published by the Open Web Application Security Project (OWASP).

B2B 106

B2B Authentication Digital transformation Accountability 106

Speaker: P. Andrew Sjogren, Sr. Product Marketing Manager at Very Good Security, Matt Doka, Co-Founder and CTO of Fivestars, and Steve Andrews, President & CEO of the Western Bankers Association 

In this webinar, we have a great set of panelists who will take you through how Zero Data strategies can be used as part of a well-rounded compliance and security approach, and get you to market much sooner by also allowing for payment optimization. They’ll share how to grow your business faster and minimize costs for both security and compliance

Marketing

Naked Security

NOVEMBER 22, 2022

Review your servers, your patches and your authentication policies - there's a proof-of-concept out. Microsoft Uncategorized Vulnerability 0 day :ProxyNotShell CVE-2022-41040 CVE-2022-41082 Zero Day

Authentication 102

Authentication Hacking 102

Schneier on Security

NOVEMBER 18, 2022

Kirkus reviews A Hacker’s Mind : A cybersecurity expert examines how the powerful game whatever system is put before them, leaving it to others to cover the cost. Schneier, a professor at Harvard Kennedy School and author of such books as Data and Goliath and Click Here To Kill Everybody , regularly challenges his students to write down the first 100 digits of pi, a nearly impossible task­—but not if they cheat, concerning which he admonishes, “Don’t get caught.”

Hacking 140

Hacking Technology Cybersecurity 140

The Last Watchdog

NOVEMBER 20, 2022

Consider what might transpire if malicious hackers began to intensively leverage Artificial Intelligence (AI) to discover and exploit software vulnerabilities systematically? Related: Bio digital twin can eradicate heart failure. Cyber-attacks would become much more dangerous and much harder to detect. Currently, human hackers often discover security holes by chance; AI could make their hacking tools faster and the success of their tactics and techniques much more systematic.

Cyber Attacks 107

Cyber Attacks Artificial Intelligence Manufacturing Software 107

Dark Reading

NOVEMBER 22, 2022

As the open source social media network blows up due to Twitter's troubles, researchers caution about vulnerabilities within the application

Media 102

Media Cybersecurity 102

Speaker: Mike Cramer, Director of HIPAA & Data Security at The Word & Brown Companies

Now that companies are slowly allowing employees to return to work at the office, it's time to re-evaluate your company’s posture towards privacy and security. Join Mike Cramer, Director of HIPAA & Data Security at The Word & Brown Companies, for a discussion that will focus on compliance and the types of privacy and security measures your company should be aware of, as well as tips and methods for implementing these measures.

Data privacy

Security Affairs

NOVEMBER 23, 2022

The operators behind the Ducktail information stealer continue to improve their malicious code, operators experts warn.

Accountability 97

Accountability Media Marketing Authentication 97

CyberSecurity Insiders

NOVEMBER 20, 2022

Every year, NordPass makes it a point to release a report on the most popular passwords that are being used in the UK and as usual, it released a report even in this year as well.

Passwords 106

Passwords Cybersecurity Accountability Software 106

Security Boulevard

NOVEMBER 23, 2022

Some incredibly personal details are being sent to Facebook, without your consent, using the “Meta Pixel.”. The post ‘This is Appalling’ — Tax-Prep Sites Leak PII to Facebook appeared first on Security Boulevard.

CISO 94

CISO Risk Security Awareness Mobile 94

eSecurity Planet

NOVEMBER 18, 2022

Every IT environment and cybersecurity strategy has vulnerabilities. To avoid damage or loss, organizations need to find and eliminate those vulnerabilities before attackers can exploit them.

Firmware 101

Firmware Firewall Penetration Testing Passwords 101

Dark Reading

NOVEMBER 23, 2022

Chinese threat actors have already used the vulnerable and pervasive Boa server to infiltrate the electrical grid in India, in spate of malicious incidents

IoT 96

IoT 96

Security Affairs

NOVEMBER 19, 2022

Every year during Black Friday and Cyber Monday, crooks take advantage of the bad habits of users with fraudulent schema. Researchers at Bitdefender Antispam Lab have analyzed during the last weeks the fraudulent activities associated with Black Friday and Cyber Monday.

Retail 106

Retail VPN Password Management Phishing 106

CyberSecurity Insiders

NOVEMBER 21, 2022

In December 2021, Google’s Threat Analysis Group (TAG) discovered the intense activities being conducted by Glupteba Botnet on the internet and filed a lawsuit in a district court of New York.

Cybersecurity 103

Cybersecurity Cryptocurrency IoT Internet 103

Tech Republic Security

NOVEMBER 21, 2022

Now that attackers can phish employees on any device and try to extract credentials, endpoint protection has to cover more than just Windows. The post Microsoft Defender protects Mac and Linux from malicious websites appeared first on TechRepublic. Microsoft Security Software security software

Phishing 135

Phishing Software 135

Security Boulevard

NOVEMBER 19, 2022

Our sincere thanks to BSidesKC 2022 for publishing their outstanding conference videos on the organization's YouTube channel. Permalink. The post BSidesKC 2022 – Dale Hollis’ ‘Frustrating The PenTester With Active Directory’ appeared first on Security Boulevard.

Education 98

Education Information Security Cybersecurity Network Security 98

Dark Reading

NOVEMBER 23, 2022

Months after a fix was issued by a vendor, downstream Android device manufacturers still haven't patched, highlighting a troubling trend

Manufacturing 93

Manufacturing 93