2011, Information Security and Risk - Cyber Security Informer

Hackers threaten to leak a copy of the World-Check database used to assess potential risks associated with entities

Security Affairs

APRIL 22, 2024

World-Check is a global database utilized by various organizations, including financial institutions, regulatory bodies, and law enforcement agencies, for assessing potential risks associated with individuals and entities. World-Check had different owners across the years, it was originally founded as an independent company.

Risk

Risk Spyware Hacking Accountability

Twitter Fined $150 Million for Misuse of 2FA User Data

SecureWorld News

MAY 26, 2022

But instead of using this information for the sole purpose of improving security, Twitter profited by allowing advertisers to use this data to target individuals. This action violated a 2011 FTC order that prohibited the social media site from misrepresenting its privacy and security practices. FTC Chair Lina M.

Advertising

Advertising Media Accountability Account Security

CISA adds 12 new flaws to its Known Exploited Vulnerabilities Catalog

Security Affairs

SEPTEMBER 9, 2022

Cybersecurity and Infrastructure Security Agency (CISA) added 12 new vulnerabilities to its Known Exploited Vulnerabilities Catalog , including four vulnerabilities in D-Link routers, two Chrome zero-day issues, and a recently disclosed flaw in the QNAP Photo Station.

Passwords

Passwords Hacking Ransomware Risk

Russia-linked threat actors targets critical infrastructure, US authorities warn

Security Affairs

JANUARY 12, 2022

“This overview is intended to help the cybersecurity community reduce the risk presented by these threats.” “This overview is intended to help the cybersecurity community reduce the risk presented by these threats.” Russian state-sponsored APT actors’ global Energy Sector intrusion campaign, 2011 to 2018.

Malware

Malware Cyber threats Cybersecurity Government

NUVOLA: the new Cloud Security tool

Security Affairs

SEPTEMBER 28, 2022

Beyond the technological aspects, another compendium of Cloud Security Alliance (The State of Cloud Security Risk, Compliance, and Misconfigurations, 2022) states that the lack of knowledge and expertise are well-known issues within the information security industry. Pierluigi Paganini.

Engineering

Engineering Technology Architecture Accountability

Key aerospace player Safran Group leaks sensitive data

Security Affairs

MARCH 15, 2023

The vulnerability left the company at risk from cyberattacks over an extended period of time. Cybernews researchers advise the company to take swift action to mitigate risks and prevent future breaches by changing leaked credentials. According to its own estimates, Safran Group ’s revenue for 2022 was above €19 billion.

Manufacturing

Manufacturing Media Accountability Risk

Ready to move to the cloud? Here’s what you need to do when vetting service providers

SC Magazine

MAY 19, 2021

Visitors crowd a cloud computing presentation at the CeBIT technology trade fair on March 2, 2011 in Hanover, Germany. Security pros have a lot on their plate dealing with all the breaches and vulnerabilities thrown at them every day. Randy Vickers, chief information security officer for the U.S.

Firewall

Firewall Cloud Migration Architecture Information Security

Hundreds of millions of Facebook users’ phone numbers exposed online

Security Affairs

SEPTEMBER 5, 2019

This security breach put millions of Facebook users at risk of fraudulent activities, including SIM-swapping attacks and spam calls. Facebook admitted the incident, but provided different information about the extent of the exposure, confirming that that number of impacted accounts was around half of the reported one.

Advertising

Advertising Accountability Mobile Passwords

Checkra1n, a working iPhone Jailbreak, was released

Security Affairs

NOVEMBER 16, 2019

In September, the security expert Axi0mX released a new jailbreak, dubbed Checkm8 , that works on all iOS devices running on A5 to A11 chipsets. The jailbreak works with all Apple products released between 2011 and 2017, including iPhone models from 4S to 8 and X.

Surveillance

Surveillance Advertising Risk Media

The Essential Guide to Radio Frequency Penetration Testing

Pen Test

OCTOBER 12, 2023

Different wireless technologies operate within the RF spectrum, each utilizing specific frequency bands based on their intended applications (Molisch, 2011). Wireless communication is susceptible to diverse security challenges such as eavesdropping, data interception, and unauthorized access (Chen, 2015). IEEE Access, 6, 12725-12738.

Penetration Testing

Penetration Testing Wireless IoT Technology

Introducing our new CISO Advisor, Pam Lindemeon

Cisco Security

AUGUST 3, 2021

Pam joins us with 25 years experience in the IT industry, with her most recent role being Deputy Chief Information Security Officer at Anthem, Inc. I took an active role in understanding what the Security team were trying to achieve, and how my work and my team could help them.

CISO

CISO Technology Information Security Cybersecurity

Cisco to pay $8.6 million fine for selling flawed surveillance technology to the US Gov

Security Affairs

AUGUST 1, 2019

One year later, in June 2010, the expert discovered that Cisco had not addressed the vulnerabilities exposing its customers to the risk of a hack, then he reported his findings to the FBI. The payment settles litigation that had originally been brought in 2011.” million, which includes payment of approximately $1.6

Surveillance

Surveillance Technology Government Software

Iran-linked Phosphorus group hit a 2020 presidential campaign

Security Affairs

OCTOBER 6, 2019

Microsoft has been tracking the threat actors at least since 2013, but experts believe that the cyberespionage group has been active since at least 2011. . The experts revealed that the recent campaign carried out by the APT group took place between August and September. ” reads the analysis published by Microsoft.

Accountability

Accountability Passwords Advertising Government

FISMA vs. FedRAMP in Government Cybersecurity

Centraleyes

MAY 2, 2024

Doing business with Uncle Sam involves navigating the complex landscape of government compliance, including FISMA (Federal Information Security Management Act) and FedRAMP (Federal Risk and Authorization Management Program). government approached information security.

Government

Government Cybersecurity Information Security Risk

The Hacker Mind Podcast: Hacking Healthcare

ForAllSecure

JANUARY 15, 2021

Using older software within your own software always carries risk. Microsoft, for example, stopped patching Windows XP for security vulnerabilities in 2014. If you suspect you've been a problem, or you know what, in some cases, high risk organizations just mandate that people get tested. There are’s a lot to unpack here.

Healthcare

Healthcare Hacking InfoSec Software

The Hacker Mind Podcast: Hacking Healthcare

ForAllSecure

JANUARY 15, 2021

Using older software within your own software always carries risk. Microsoft, for example, stopped patching Windows XP for security vulnerabilities in 2014. If you suspect you've been a problem, or you know what, in some cases, high risk organizations just mandate that people get tested. There are’s a lot to unpack here.

Healthcare

Healthcare Hacking InfoSec Software

Updates from the MaaS: new threats delivered through NullMixer

Security Affairs

MARCH 27, 2023

The majority of the data extracted from the victims will likely reach the underground dark markets soon, but for this latest portion of infected hosts the risk is even higher: the operator will likely try to sell access to these servers and enterprise machines to even more dangerous thirds parties, including well-known ransomware operators.

Malware

Malware Social Engineering Encryption Marketing

Detecting and Preventing Insider Threats in the Cloud

McAfee

SEPTEMBER 19, 2019

For security concerning sensitive business data and sanctioned enterprise cloud applications, Insider Threat, a threat that comes from an individual with authorized access to an organization’s IT systems, is a natural priority. Securing Data with McAfee. Another is to whitelist events generated by low-risk, trusted users.

Threat Detection

Threat Detection Accountability Risk Data breaches

Maritime port cybersecurity

Security Affairs

JANUARY 27, 2021

Let’s talk about cyber risk in the maritime and port setting to better understand Maritime Port cybersecurity. In order to better understand the evolutionary trend of worldwide shipping and port facilities from 2007 to present, it is necessary to talk again about cyber risk in the maritime and port setting.

Cybersecurity

Cybersecurity Cyber Risk Risk Education

Army Cyber Defense Review: 'The Only Constant Is Change'

SecureWorld News

NOVEMBER 17, 2022

Gerstein, a 1980 West Point graduate, who served as the Department of Homeland Security Undersecretary (acting) and Deputy Undersecretary in the Science and Technology Directorate from 2011-2014, in his "Better Anticipating and Managing Today's Growing Cyber Risks" article.

Cyber Risk

Cyber Risk Technology Information Security Accountability

ChatGPT: Cybersecurity friend or foe?

Malwarebytes

MAY 21, 2023

Why ChatGPT security concerns are both overblown and valid Artificial intelligence (AI) was once a science fiction cautionary tale—stories consistently warned against designing machines capable of surpassing human ingenuity. The program can help close the security knowledge gap by assisting in employee training.

Cybersecurity

Cybersecurity Artificial Intelligence Social Engineering Engineering

Why Were the Russians So Set Against This Hacker Being Extradited?

Krebs on Security

NOVEMBER 18, 2019

Burkov calls himself a specialist in information security and denies having committed the crimes for which he’s been charged. A screen shot from the Mazafaka cybercrime forum, circa 2011. DirectConnection, circa 2011. authorities, and that the Russian government is probably concerned that he simply knows too much.

Cybercrime

Cybercrime Government Hacking Banking

Cyber Security Informer

Hackers threaten to leak a copy of the World-Check database used to assess potential risks associated with entities

Twitter Fined $150 Million for Misuse of 2FA User Data

Trending Sources

CISA adds 12 new flaws to its Known Exploited Vulnerabilities Catalog

Russia-linked threat actors targets critical infrastructure, US authorities warn

NUVOLA: the new Cloud Security tool

Key aerospace player Safran Group leaks sensitive data

Ready to move to the cloud? Here’s what you need to do when vetting service providers

Hundreds of millions of Facebook users’ phone numbers exposed online

Checkra1n, a working iPhone Jailbreak, was released

The Essential Guide to Radio Frequency Penetration Testing

Introducing our new CISO Advisor, Pam Lindemeon

Cisco to pay $8.6 million fine for selling flawed surveillance technology to the US Gov

Iran-linked Phosphorus group hit a 2020 presidential campaign

FISMA vs. FedRAMP in Government Cybersecurity

The Hacker Mind Podcast: Hacking Healthcare

The Hacker Mind Podcast: Hacking Healthcare

Updates from the MaaS: new threats delivered through NullMixer

Detecting and Preventing Insider Threats in the Cloud

Maritime port cybersecurity

Army Cyber Defense Review: 'The Only Constant Is Change'

ChatGPT: Cybersecurity friend or foe?

Why Were the Russians So Set Against This Hacker Being Extradited?

Stay Connected