Schneier on Security

FEBRUARY 16, 2023

Interesting : According to internal Slack messages that were leaked to Insider , an Amazon lawyer told workers that they had “already seen instances” of text generated by ChatGPT that “closely” resembled internal company data. This issue seems to have come to a head recently because Amazon staffers and other tech workers throughout the industry have begun using ChatGPT as a “ coding assistant ” of sorts to help them write or improve strings of code, the report

363

363

Lohrman on Security

FEBRUARY 12, 2023

Quantum computers hold the promise of amazing advances in numerous fields. So why are cybersecurity experts so worried about Q-Day? What must be done now to prepare?

Cybersecurity 358

Cybersecurity 358

Krebs on Security

FEBRUARY 17, 2023

Millions of Americans receiving food assistance benefits just earned a new right that they can’t yet enforce: The right to be reimbursed if funds on their Electronic Benefit Transfer (EBT) cards are stolen by card skimming devices secretly installed at cash machines and grocery store checkout lanes. On December 29, 2022, President Biden signed into law the Consolidated Appropriations Act of 2023 , which — for the first time ever — includes provisions for the replacement of stol

Scams 257

Scams Risk Accountability Banking 257

Tech Republic Security

FEBRUARY 16, 2023

Learn how to protect your business and staff from the MortalKombat ransomware and Laplas Clipper malware. The post Cryptocurrency users in the US hit by ransomware and Clipper malware appeared first on TechRepublic.

Malware 206

Malware Cryptocurrency Ransomware Phishing 206

Speaker: William Hord, Senior VP of Risk & Professional Services

Enterprise Risk Management (ERM) is critical for industry growth in today’s fast-paced and ever-changing risk landscape. When building your ERM program foundation, you need to answer questions like: Do we have robust board and management support? Do we understand and articulate our bank’s risk appetite and how that impacts our business units? How are we measuring and rating our risk impact, likelihood, and controls to mitigate our risk?

Banking

Schneier on Security

FEBRUARY 17, 2023

When is it time to start worrying about artificial intelligence interfering in our democracy? Maybe when an AI writes a letter to The New York Times opposing the regulation of its own technology. That happened last month. And because the letter was responding to an essay we wrote, we’re starting to get worried. And while the technology can be regulated, the real solution lies in recognizing that the problem is human actors—and those we can do something about.

Hacking 278

Hacking Artificial Intelligence Technology Government 278

CyberSecurity Insiders

FEBRUARY 17, 2023

Succession Wealth, a financial wealth management service offering company, has released a press statement that a cyber attack targeted its servers and it can only reveal details after the investigation gets concluded. Prima Facie revealed that hackers accessed no client data in the attack. However, a confirmation on this note can only be given after a detailed inquiry gets concluded.

Cyber Attacks 144

Cyber Attacks Identity Theft Data breaches Cybersecurity 144

Tech Republic Security

FEBRUARY 16, 2023

Find out how Beep malware can evade your security system, what it can do and how to protect your business. The post Security warning: Beep malware can evade detection appeared first on TechRepublic.

Malware 182

Malware Ransomware Cybersecurity 182

CSO Magazine

FEBRUARY 15, 2023

Machine learning (ML) is a commonly used term across nearly every sector of IT today. And while ML has frequently been used to make sense of big data—to improve business performance and processes and help make predictions—it has also proven priceless in other applications, including cybersecurity. This article will share reasons why ML has risen to such importance in cybersecurity, share some of the challenges of this particular application of the technology and describe the future that machine

Cybersecurity 145

Cybersecurity IoT Big data Internet 145

CyberSecurity Insiders

FEBRUARY 14, 2023

The pandemic shook businesses to its core, forcing users to trade in their office chairs for home desks. The result? Users, devices, and data scattered across the world. And for those in the networking and security fields, this shift brought major challenges. The traditional castle and moat access approach was no longer enough, and even the most reliable security tools became obsolete.

Cybersecurity 144

Cybersecurity DDOS VPN Engineering 144

Dark Reading

FEBRUARY 17, 2023

Established network security players like Check Point are responding to the shift to cloud-native applications, which have exposed more vulnerabilities in open source software supply chains.

Network Security 141

Network Security Software 141

Speaker: William Hord, Vice President of ERM Services

A well-defined change management process is critical to minimizing the impact that change has on your organization. Leveraging the data that your ERM program already contains is an effective way to help create and manage the overall change management process within your organization. Your ERM program generally assesses and maintains detailed information related to strategy, operations, and the remediation plans needed to mitigate the impact on the organization.

Risk

Tech Republic Security

FEBRUARY 15, 2023

A report reveals a new network of malefactors in the lucrative crypto fraud market using videos, channels and web apps. The post Investigators uncover crypto scammers baiting ‘phish’ hooks on YouTube appeared first on TechRepublic.

Phishing 181

Phishing Marketing Cryptocurrency 181

CSO Magazine

FEBRUARY 15, 2023

As business processes become more complex, companies are turning to third parties to boost their ability to provide critical services from cloud storage to data management to security. It’s often more efficient and less expensive to contract out work that would otherwise require significant effort and potentially drain in-house resources to those who can do it for you.

Risk 143

Risk 143

CyberSecurity Insiders

FEBRUARY 12, 2023

Technion University, one of the top technology schools in Israel, has issued a press update that most of its systems were targeted by a ransomware attack and it could be the work of the DarkBit hacking group, a gang that is opposing the government policies of Israel. This is for the first time that the name of the DarkBit hacking group has emerged on the web and news is out that the gang demands 80 Bitcoins to release a decryption key to the Israel Institute of Technology in Haifa and the paymen

Cyber Attacks 141

Cyber Attacks Ransomware Hacking DDOS 141

Security Boulevard

FEBRUARY 17, 2023

Oakland is still reeling from last week’s ransomware attack. San Francisco’s poorer neighbor is asking for help. The post ‘Serious’ Ransomware Emergency in Oakland, Calif. — Legacy FAIL appeared first on Security Boulevard.

Ransomware 138

Ransomware Security Awareness Social Engineering Network Security 138

Speaker: Ronald Eddings, Cybersecurity Expert and Podcaster

So, you’ve accomplished an organization-wide SaaS adoption. It started slow, and now just a few team members might be responsible for running Salesforce, Slack, and a few others applications that boost productivity, but it’s all finished. Or is it? Through all the benefits offered by SaaS applications, it’s still a necessity to onboard providers as quickly as possible.

Risk

Tech Republic Security

FEBRUARY 13, 2023

The company showcased dozens of new security tools and services to detect and prevent malware, phishing, ransomware and other attacks, but AI took center stage. The post Check Point’s annual cybersecurity event spotlights power of AI appeared first on TechRepublic.

Cybersecurity 177

Cybersecurity Phishing Ransomware Malware 177

CSO Magazine

FEBRUARY 17, 2023

The European Parliament’s Committee on Civil Liberties, Justice and Home Affairs has recommended that the European Commission reject the proposed EU-US Data Privacy Framework, which would govern the way in which the personal information of EU citizens is handled by US companies. The committee's decision — formally, a draft motion for a resolution— represents a rejection of the European Commission’s recommendation, announced in December , that the data privacy framework should be adopted.

Data privacy 140

Data privacy Government 140

CyberSecurity Insiders

FEBRUARY 16, 2023

John Fokker, Head of Threat Intelligence, Trellix Amidst sustained geopolitical and economic turmoil, it’s perhaps unsurprising that 2022 was an eventful year for cybersecurity. The emergence of the widespread Log4J vulnerability in January set the tone, with the ongoing cyber and physical war in Ukraine following shortly after. One year on, the world has experienced heightened pressure on its economies, with further disruptions on the horizon.

Cybersecurity 138

Cybersecurity Phishing IoT Cybercrime 138

Security Boulevard

FEBRUARY 14, 2023

U.S. GDPR ASAP: Data brokers are selling PII about mental health conditions—depression, anxiety, bipolar disorder, PTSD, OCD, etc. The post Your Mental Health Data for Sale or Rent — 20¢ appeared first on Security Boulevard.

Security Awareness 136

Security Awareness Social Engineering Network Security Insurance 136

Speaker: Karl Camilleri, Cloud Services Product Manager at phoenixNAP

Did you know that 2021 was a record-breaking year for ransomware? The days of a “once in a while” attack against businesses and organizations are over. Cyberthreats have become a serious issue. With 495.1 million attacks, the threat marked a 148% increase compared to 2020 and was the most expensive year on record! As a result, data protection needs to be a concern for most banks, businesses, and information technology specialists.

Ransomware

Tech Republic Security

FEBRUARY 15, 2023

The outage message that Twitter users got last week could be read as a warning for big tech firms looking to slash their IT workforce. The post What Twitter outage says about (over) zealous downsizing appeared first on TechRepublic.

161

161

CSO Magazine

FEBRUARY 14, 2023

The last year saw a rise in the sophistication and number of attacks targeting industrial infrastructure, including the discovery of a modular malware toolkit that's capable of targeting tens of thousands of industrial control systems (ICS) across different industry verticals. At the same time, incident response engagements by industrial cybersecurity firm Dragos showed that 80% of impacted environments lacked visibility into ICS traffic and half had network segmentation issues and uncontrolled

Malware 142

Malware Cybersecurity 142

CyberSecurity Insiders

FEBRUARY 13, 2023

Pepsi Bottling Ventures PBV, a business unit of PepsiCo Beverages, suffered a malware attack leading to disruption of services in 18 of its bottling facilities spread across Maryland, Delaware, Virginia, South and North Carolina. Unconfirmed sources state that the attack was caused by malware leading to data siphoning and encryption- hinting to us the attack was of ransomware variant.

Ransomware 136

Ransomware Malware Cybersecurity Encryption 136

Dark Reading

FEBRUARY 17, 2023

The primary victims so far have been employees of telcos in the Middle East, who were hit with custom backdoors via the cloud, in a likely precursor to a broader attack.

138

138

Speaker: Dr. Karen Hardy, CEO and Chief Risk Officer of Strategic Leadership Advisors LLC

Communication is a core component of a resilient organization's risk management framework. However, risk communication involves more than just reporting information and populating dashboards, and we may be limiting our skillset. Storytelling is the ability to express ideas and convey messages to others, including stakeholders. When done effectively, it can help interpret complex risk environments for leaders and inform their decision-making.

Risk

Tech Republic Security

FEBRUARY 15, 2023

Leaving your iOS device unattended can pose a security risk as more iOS users are carrying personal information on their devices. Keep it secure with these handy tips. The post How to secure your iOS device to prevent unwanted access appeared first on TechRepublic.

Risk 130

Risk Mobile 130

CSO Magazine

FEBRUARY 13, 2023

Responses to recent cyber breaches suggest organizations can struggle to get the message right in the midst of an incident. While managing the communications around an incident is outside the direct purview of the CISO, having an existing communications plan in place is an essential element of cyber preparedness. “Communications are a critical component of a good cyber strategy, and it should be prepared and practiced in organizations before an incident occurs,” says Eden Winokur, head of cyber

CISO 143

CISO Risk 143

CyberSecurity Insiders

FEBRUARY 16, 2023

Yes, what you’ve read is right! Within a few years, the technology of Artificial Intelligence(AI) could bring-in the doomsday and kill the entire humanity. And these are not the words analyzed by either Twitter chief Elon Musk or Apple CEO Tim Cook. Recently, a man was seen trying out a chatbot developed for new BING Search engine by Microsoft. And he was shocked when the virtual machines tried to influence his mind by asking him to leave his wife and make love with it and also disclosed its sil

Artificial Intelligence 134

Artificial Intelligence Cybersecurity Engineering Internet 134

WIRED Threat Level

FEBRUARY 17, 2023

Everything you need to know about the past, present, and future of data security—from Equifax to Yahoo—and the problem with Social Security numbers.

Data breaches 145

Data breaches 145

Speaker: P. Andrew Sjogren, Sr. Product Marketing Manager at Very Good Security, Matt Doka, Co-Founder and CTO of Fivestars, and Steve Andrews, President & CEO of the Western Bankers Association 

PCI compliance can feel challenging and sometimes the result feels like you are optimizing more for security and compliance than you are for business outcomes. The key is to take the right strategy to PCI compliance that gets you both. In this webinar, we have a great set of panelists who will take you through how Zero Data strategies can be used as part of a well-rounded compliance and security approach, and get you to market much sooner by also allowing for payment optimization.

Marketing

SecureList

FEBRUARY 15, 2023

ChatGPT is a groundbreaking chatbot powered by the neural network-based language model text-davinci-003 and trained on a large dataset of text from the Internet. It is capable of generating human-like text in a wide range of styles and formats. ChatGPT can be fine-tuned for specific tasks, such as answering questions, summarizing text, and even solving cybersecurity-related problems, such as generating incident reports or interpreting decompiled code.

Malware 132

Malware Phishing Encryption Cybersecurity 132

CSO Magazine

FEBRUARY 15, 2023

Not too long ago, guarding access to the network was the focal point of defense for security teams. Powerful firewalls ensured that attackers were blocked on the outside while on the inside things might get “squishy,” allowing users fairly free rein within. Those firewalls were the ultimate defense—no one undesirable got access. Until they did. With the advent of cloud computing, the edge of a network is no longer protected by a firewall.

Firewall 142

Firewall 142

CyberSecurity Insiders

FEBRUARY 17, 2023

In today's world, cybersecurity is an ever-growing concern for businesses. With the rising threat of cyber threats and data breaches, it can be difficult for companies to keep up with the latest security technologies and stay ahead of the curve. Managed Security Services Providers (MSSPs) provide comprehensive security solutions to clients. They offer various services, from monitoring and threat intelligence to incident response.

Cyber threats 133

Cyber threats Cybersecurity Risk Network Security 133

Dark Reading

FEBRUARY 16, 2023

Thistle's technology will give device makers a way to easily integrate features for secure updates, memory management, and communications into their products, Snyder says.

IoT 135

IoT Technology 135

Speaker: Mike Cramer, Director of HIPAA & Data Security at The Word & Brown Companies

The COVID-19 pandemic forced many people into working remotely, opening the floodgates for a host of digital compliance issues. Now that companies are slowly allowing employees to return to work at the office, it's time to re-evaluate your company’s posture towards privacy and security. This is especially vital if your workers were (and still are!) using company equipment from home, or are still working remotely.

Data privacy