Anton on Security

AUGUST 30, 2023

So, if you are too busy to read our amazing (duh!) You can do this, using ̶p̶o̶w̶e̶r̶f̶u̶l̶ ̶A̶I̶ ̶v̶o̶o̶d̶o̶o̶ ̶m̶a̶g̶i̶c̶ many of the approaches and practices ( our blog again has the details ) that you should have started doing years ago, but most never did. Don’t just read this blog about the blog, just read the blog.

Firewall 130

Firewall Software Threat Detection Cybersecurity 130

Krebs on Security

APRIL 3, 2024

In January 2024, The Manipulaters pleaded with this author to unpublish previous stories about their work, claiming the group had turned over a new leaf and gone legitimate. Since that story ran, KrebsOnSecurity has heard from this Saim Raza identity on two occasions. “Why you post us? . “Why you post us?

Phishing 215

Phishing Cybercrime Malware Advertising 215

The Last Watchdog

SEPTEMBER 14, 2023

Leveraging WebAssembly’s sandboxing capabilities allows us to isolate potential risks, while Rust provides the memory safety essential for our modern internet applications. Our major platforms, tools integral to modern life, are now used as vehicles for misinformation and chaos.

Internet 291

Internet Internet Technology Risk 291

Troy Hunt

OCTOBER 20, 2021

The full tale of what I first did (and how disastrous it ultimately became), is up front early in the book so I won't relay it here, but it's quite the story. I'm even in the story of how it became the internet's favourite taunt , again, somehow. The book title - Pwned - also seemed like a natural fit. Somehow. "Somehow"

Data breaches 318

Data breaches Internet Internet 318

Jane Frankland

MARCH 12, 2024

Could these two seemingly synonymous words actually spell out different narratives in the screenplay of our lives? It buys us smiles, polite nods, and superficial harmony. It’s the glossy finish on the surface of our day-to-day exchanges. But is there more to it? ” “Nice to meet you!”—the Why Draw a Line?

Cyber Attacks 162

Cyber Attacks Authentication 162

Anton on Security

JANUARY 10, 2024

So, we ( Tim and Anton , the crew behind the podcast ) wanted to post another reflections blog based on our Cloud Security Podcast by Google being almost 3 (we will be 3 years old on Feb 11, 2024, to be precise), kind of similar to this one. But we realized we don’t have enough new profound reflections…. We do have a few fun new things!

Cloud Migration 130

Cloud Migration Government Network Security Risk 130

Malwarebytes

FEBRUARY 6, 2024

When I was asked to write about the topic, I misunderstood the question and heard: “can you cover save the internet” and we all agreed that it might be too late for that. While we laughed about it, it made me think. The internet has been around for quite some time now, and most of us wouldn’t know what to do without it.

Internet 85

Internet Internet Media Artificial Intelligence 85

Krebs on Security

AUGUST 19, 2021

Reached via LinkedIn, Sociogram founder Oluwaseun Medayedupin asked to have his startup’s name removed from the story, although he did not respond to questions about whether there were an inaccuracies in Hassold’s report. Open our letter at your email. Image: Abnormal Security. billion in 2020. Image: FBI.

Ransomware 357

Ransomware Social Engineering Cybercrime Scams 357

Krebs on Security

OCTOBER 5, 2022

“It’s hit like hell since about January of this year. Virtually all of these profiles were removed from LinkedIn after KrebsOnSecurity tweeted about them last week. “I wrote our LinkedIn rep and said we were considering closing the group down the bots were so bad,” Miller said.

Accountability 265

Accountability Scams Artificial Intelligence Cryptocurrency 265

Adam Shostack

DECEMBER 16, 2020

As we look at what’s happened with the Russian attack on the US government and others via Solarwinds, I want to shine a spotlight on a lesson we can apply to threat modeling. An example of asset-driven thinking leads the article Hack may have exposed deep US secrets; damage yet unknown. But you know what? They have their own.

Government 182

Government Hacking 182

Schneier on Security

MAY 16, 2019

As we mentioned before, ASUS was not the only company used by the attackers. Studying this case, our experts found other samples that used similar algorithms. And this reminds us of an attack that we reported on a year ago: the CCleaner incident. Me on supply chain security.

Malware 241

Malware 241

Security Boulevard

JUNE 25, 2023

Paul Asadoorian, OG security podcaster and host of the popular Paul’s Security Weekly podcast, joins us in this episode to talk about his career as one of the original security podcasters. The post Security Podcasting, Hacking Stories, and The State of Firmware Security with Paul Asadoorian appeared first on Security Boulevard.

Firmware 52

Firmware Hacking Internet Internet 52

Jane Frankland

MARCH 8, 2024

International Women’s Day is one of those annual landmarks that shouldn’t just be about the magnolia-laden rhetoric and floral tributes. It’s a day that should starkly remind us of the work left undone, the chasms unbridged, and the opportunities squandered due to the gender divide. Who’s Asking the Right Question?

Banking 130

Banking Government Technology Cybersecurity 130

Schneier on Security

MARCH 18, 2022

When it comes to the measures intended to keep us safe from COVID-19, I don’t even have to look very hard. The fact that these measures are flawed is precisely why they’re going to be so helpful in getting us past the pandemic. But when we’re talking about milder attacks, the balance is less obvious. But I’m not alarmed.

Banking 271

Banking Surveillance Cybersecurity 271

Security Boulevard

APRIL 11, 2024

Moderately relevant AI made image about AI papers :-) steampunk ofc! Recently our team has written several papers and blogs focused on securing AI. experts on this here and they’re not us. The post Our Security of AI Papers and Blogs Explained appeared first on Security Boulevard.

Artificial Intelligence 62

Artificial Intelligence Government Risk Technology 62

Cisco Security

APRIL 26, 2022

For my very first interview for the Security Stories podcast , I met a wonderful person called Mick Jenkins, MBE. Mick is sadly no longer with us, but his story will stay with me forever. Improvise, adapt, overcome” are the words he used. When I’m going through a tough time, I think about how I can change the story.

CISO 111

CISO Data privacy Cybersecurity Technology 111

Malwarebytes

SEPTEMBER 24, 2021

But what really caught our attention was that the fake security alert came from the phone number that the real Uber uses to send us messages. A useful reminder that the padlock tells us our connection to the site is secure, but says nothing whatsoever about how secure or trustworthy a site is.

Scams 115

Scams Accountability Passwords Banking 115

Krebs on Security

FEBRUARY 17, 2020

This will happen due to the fact that we’re about to flood your site with huge amount of direct bot generated web traffic with 100% bounce ratio and thousands of IP’s in rotation — a nightmare for every AdSense publisher.

Scams 325

Scams Advertising Accountability Web Fraud 325

Kali Linux

FEBRUARY 27, 2024

As this is our the first release of the year, it does include new visual elements! Along with this we also have some exciting new mirrors to talk about, and of course some package changes - both new tools and upgrades to existing ones. Here’s the story. Hello 2024! Today we are unveiling Kali Linux 2024.1.

Software 145

Software Firmware VPN Internet 145

Malwarebytes

MARCH 13, 2023

By just a few messages later, "Thomas Smith" had run off, refusing to respond to Holmes' follow-up requests about what body part she fancied, along with her preferred seasoning (paprika). In 2022, the US Federal Trade Commission reported that, in the five years prior, victims of romance scams had reported losing a collective $1.3

Scams 94

Scams Malware Accountability Cybersecurity 94

Anton on Security

DECEMBER 21, 2021

First, for many security operations teams automation in a SOC is about saving time by automating routine tasks. To me, this constitutes current conventional wisdom about automation in your SOC. So people often point out that the value of automation is about saving time. Think about it?—?it’s evolving automation.

Engineering 338

Engineering Phishing Technology Ransomware 338

Cisco Security

JUNE 13, 2022

In cyber security, we are used to two types of stories. The first story is common for reports written by humans. It contains sections such as “impact,” “reproduction,” and “remediation” to help us understand what is at stake and what we need to fix. The second story comes from machine detections. The challenge.

DNS 106

DNS Engineering Authentication Malware 106

The Last Watchdog

APRIL 30, 2023

Rising from the din of 625 vendors, 700 speakers and 26,000 attendees came the clarion call for a new tier of overlapping, interoperable, highly automated security platforms needed to carry us forward. about the role of advanced wearable authentication devices, going forward. stronger together.’ We feel lost without them.

Mobile 238

Mobile Cloud Migration Penetration Testing Authentication 238

Malwarebytes

SEPTEMBER 11, 2023

Children have always inherited some of their identities from their parents—consider that two of the largest indicators for political and religious affiliation in the US are, no surprise, the political and religious affiliations of someone’s parents—but the transfer of online identity poses unique risks. Tune in today.

Internet 96

Internet Internet Passwords Accountability 96

Schneier on Security

APRIL 26, 2021

If you don’t have enough to worry about already, consider a world where AIs are hackers. They look at more types of solutions than us. We learned about this hacking problem as children with the story of King Midas. Genies are very precise about the wording of wishes, and can be maliciously pedantic.

Hacking 359

Hacking Artificial Intelligence Government Engineering 359

Security Through Education

OCTOBER 4, 2023

I came into the social engineering (SE) world hearing stories about speedy getaways at midnight, running from alarms, nearly driving off cliffs. Photo by Alexandr Gerdt on Unsplash Preparation Equals Success The month before we went on this job, we used Open-Source Intelligence (OSINT) to research our target buildings.

Social Engineering 97

Social Engineering Engineering Internet Internet 97

Krebs on Security

MARCH 8, 2021

Sometimes when a complex story takes us by surprise or knocks us back on our heels, it pays to revisit the events in a somewhat linear fashion. When did Microsoft find out about attacks on previously unknown vulnerabilities in Exchange? 6, and officially informed Microsoft about it on Feb. Reston, Va.-based

Hacking 359

Hacking Technology Software 359

CSO Magazine

NOVEMBER 8, 2021

It’s even hit the point where major news outlets are writing about it. And why should a CSO care about it? To get a sense of it, think about the show Alter Ego , a talent competition (à la “The Voice”) that allows people who feel encumbered by their physical appearance to sing “behind” their avatar. The metaverse.

CSO 112

CSO Internet Internet 112

Security Boulevard

DECEMBER 22, 2022

Cloud Security Podcast — Two Years Later or Our Year-End Reflections for 2022! We have been running our Cloud Security Podcast by Google for almost 2 years ( TWO YEARS! ) We seem to have removed the curse of AI  — namely that our first 2 episodes on securing AI ( “EP52 Securing AI with DeepMind CISO” and “EP68 How We Attack AI?

Cloud Migration 135

Cloud Migration CISO Artificial Intelligence Architecture 135

Krebs on Security

NOVEMBER 17, 2022

” Peter, who spoke candidly about the attack on condition of anonymity, said the FBI told him to contact a cybersecurity consulting firm in New Jersey called Unit 221B , and specifically its founder — Lance James. A general Unit 221B rule of thumb around our offices is: Don’t [REDACTED] with the homeless or sick!

Ransomware 306

Ransomware Encryption Backups Healthcare 306

Pen Test Partners

JANUARY 8, 2024

Intelligence, espionage, technological advancements and other learnings from our annual company conference at the historic and underappreciated Latimer House. Loose lips [might] sink ships ” was a phrase used in UK propaganda posters in WWII. It hasn’t had enough recognition and I think that needs shouting about.

Computers and Electronics 112

Computers and Electronics Risk Technology Manufacturing 112

Anton on Security

DECEMBER 8, 2023

In recent weeks, coincidentally, I’ve had several conversations that reminded me about the confusion related to “modern SOC.” It is tempting to point at that approach, as we did in our original ASO paper , as the best model for modern “SOC” (even if you don’t want to call it “a SOC”, because the letter “O” is not truly relevant anymore).

Engineering 130

Engineering Phishing 130

Krebs on Security

MAY 2, 2023

Rather, the terms state that FederalJobsCenter is affiliated with an entity called US Job Services , which says it is based in Lawrenceville, Ga. “US Job Services provides guidance, coaching, and live assistance to postal job candidates to help them perform better in each of the steps,” the website explains.

Marketing 259

Marketing Advertising Scams Telecommunications 259

Krebs on Security

SEPTEMBER 30, 2023

Earlier this week, KrebsOnSecurity revealed that the darknet website for the Snatch ransomware group was leaking data about its users and the crime gang’s internal operations. “I’ve been using this login since about 2013 on all the forums where I register, and I don’t always set a strong password. .

Ransomware 212

Ransomware Accountability Cybercrime Backups 212

The Last Watchdog

APRIL 28, 2023

Related: Demystifying ‘DSPM’ Rising from the din of 625 vendors, 700 speakers and 26,000 attendees came the clarion call for a new tier of overlapping, interoperable, highly automated security platforms needed to carry us forward. about the role of advanced wearable authentication devices, going forward. stronger together.’

Mobile 212

Mobile Cloud Migration Penetration Testing Authentication 212

Malwarebytes

SEPTEMBER 27, 2023

Let's take a closer look at what real users said about using Malwarebytes MDR. Easiest to Use, Easiest Admin Malwarebytes MDR builds on the award-winning user experience of Malwarebytes Endpoint Detection and Response (EDR), enabling customers to seamlessly communicate with Malwarebytes MDR Analysts for recommendation and guidance.

Marketing 81

Marketing Cyber threats Insurance Ransomware 81

Digital Shadows

AUGUST 23, 2021

We spoke about this pretty recently on our US edition of the ShadowTalk podcast, but there was a story that. The post No Honor Among Thieves: Scamming the Scammers first appeared on Digital Shadows.

Scams 57

Scams Cybercrime Ransomware 57