Schneier on Security

JANUARY 21, 2023

Publisher’s Weekly reviewed A Hacker’s Mind —and it’s a starred review! “Hacking is something that the rich and powerful do, something that reinforces existing power structures,” contends security technologist Schneier ( Click Here to Kill Everybody ) in this excellent survey of exploitation. Taking a broad understanding of hacking as an “activity allowed by the system that subverts the… system,” Schneier draws on his background analyzing wea

Hacking 177

Hacking Cybersecurity Marketing 177

Bleeping Computer

JANUARY 21, 2023

Threat actors now use OneNote attachments in phishing emails that infect victims with remote access malware which can be used to install further malware, steal passwords, or even cryptocurrency wallets. [.

Malware 137

Malware Phishing Cryptocurrency Passwords 137

Security Boulevard

JANUARY 21, 2023

For a third party, knowing what people from company X are asking of ChatGPT (or any other generative AI) could be quite interesting and profitable. The post Leaking company secrets via generative AIs like ChatGPT appeared first on Security Boulevard.

Social Engineering 113

Social Engineering CSO Engineering Hacking 113

Bleeping Computer

JANUARY 21, 2023

Riot Games, the video game developer and publisher behind League of Legends and Valorant, says it will delay game patches after its development environment was compromised. [.

Hacking 104

Hacking 104

Advertisement

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

Healthcare

Security Affairs

JANUARY 21, 2023

Researchers warn of about 19,500 end-of-life Cisco VPN routers on the Internet that are exposed to the recently disclosed RCE exploit chain. Cisco recently warned of a critical vulnerability , tracked as CVE-2023-20025 (CVSS score of 9.0), that impacts small business RV016, RV042, RV042G, and RV082 routers. The IT giant announced that these devices will receive no security updates to address the bug because they have reached end of life (EoL).

Hacking 97

Hacking VPN Authentication Small Business 97

Security Boulevard

JANUARY 21, 2023

FedRAMP is a government-wide program that promotes the adoption of secure cloud services across the federal government by providing a standardized approach to security and risk assessment for cloud technologies and federal agencies. Commercial cloud service providers wanting to sell their services to US Federal Agencies, their contractors or suppliers that are part of the […] The post Preparing for FedRAMP Certification and Authorization appeared first on Security Boulevard.

Government 78

Government Risk Technology 78

Bleeping Computer

JANUARY 21, 2023

A massive ad fraud operation dubbed 'Vastflux' that spoofed more than 1,700 applications from 120 publishers, mostly for iOS, has been disrupted by security researchers at cybersecurity company HUMAN. [.

Cybersecurity 75

Cybersecurity 75

WIRED Threat Level

JANUARY 21, 2023

Plus: A leaked US “no fly” list, the SCOTUS leaker slips investigators, and PayPal gets stuffed.

Surveillance 85

Surveillance Hacking 85

Security Boulevard

JANUARY 21, 2023

Our thanks to USENIX for publishing their Presenter’s outstanding USENIX Security ’22 Conference content on the organization’s’ YouTube channel. Permalink The post USENIX Security ’22 – Anunay Kulshrestha, Jonathan Mayer – ‘Estimating Incidental Collection In Foreign Intelligence Surveillance: Large-Scale Multiparty Private Set Intersection with Union And Sum’ appeared first on Security Boulevard.

Surveillance 52

Surveillance InfoSec Cybersecurity Education 52

Security Boulevard

JANUARY 21, 2023

Publisher’s Weekly reviewed A Hacker’s Mind —and it’s a starred review! “Hacking is something that the rich and powerful do, something that reinforces existing power structures,” contends security technologist Schneier ( Click Here to Kill Everybody ) in this excellent survey of exploitation. Taking a broad understanding of hacking as an “activity allowed by the system that subverts the… system,” Schneier draws on his background analyzing weaknesses in cybersecurity to examine how those with pow

Hacking 52

Hacking Cybersecurity Marketing 52

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

Cybersecurity