SC Magazine

FEBRUARY 4, 2021

While technically part of the c-suite, CISOs historically received less attention within a company than your average CEO or chief financial officer. CISOs] are in more conversations, they’re asked for input,” said Leo Taddeo, chief security officer for Cyxtera. Our profile is certainly getting higher. Failure to communicate.

CISO 115

CISO Digital transformation Insurance Risk 115

SC Magazine

APRIL 21, 2021

The hack of Words with Friends in 2019 was high-profile, but today’s columnist, Yuval Elddad of CYE, says CISOs at all gaming companies have to take a closer look at the growing threats to online gaming platforms. In 2019, Zynga’s popular online game, Words with Friends , was hacked, resulting in the breach of 218 million user accounts.

CISO 94

CISO Marketing Accountability Passwords 94

SC Magazine

MARCH 24, 2021

My guess is they’re probably not,” said Helen Patton, advisory CISO with Cisco’s Duo Security. “I Most CISOs, most organizations, were [focused on], ‘we’ve got to get people remote,'” said Turner. I suspect that security people, as is historically the case, will be stuck in react mode.” .

CISO 121

CISO Technology Wireless Cybercrime 121

Jane Frankland

OCTOBER 31, 2023

In this blog, I’ll be exploring some of the main cracks in current cybersecurity defence approaches specifically around Secure Operation Centres (SOCs) and the value that CISOs and ITDMs are currently getting from their internal teams and third-party providers. This is unsurprising considering today’s challenging business landscape.

CISO 147

CISO Threat Detection Cyber threats Cybercrime 147

The Last Watchdog

JANUARY 31, 2024

The rapidly growing number of non-human identities – such as service accounts, secrets, API keys, tokens and certificates – deployed in organizations’ hybrid and multi cloud environments poses a dual security and operational challenge. Media contact: Cameron Morrissey, cmorrissey@thisisoutcast.com , +44 7773 005644

CISO 100

CISO Accountability Cybersecurity Risk 100

SC Magazine

MARCH 11, 2021

In response, the non-profit has offered a glimpse into its work-in-progress “Accountability Framework,” designed to help relevant health care stakeholders take responsibility for keeping cyberspace secure by enforcing behavioral norms and also by understanding and rooting out the underlying causes when attacks do happen. “Too

Accountability 59

Accountability Healthcare Government CISO 59

Security Boulevard

JANUARY 18, 2024

This demand leads to the development of cybersecurity predictions which must take into account underlying drivers of the attackers, defenders, and technology where the battles will play out. The highly controversial regulation took effect at the end of 2023 and publicly owned businesses in 2024 are now held accountable for compliance.

Risk 115

Risk Cybersecurity CISO Technology 115

CyberSecurity Insiders

MAY 8, 2023

CISOs should expand the scope of vulnerability management programs so they are better able to decide in real-time if a CVE is indeed one of the 6 percent that demands immediate attention. The media picked up on the sense of urgency, and reports of the expected severity traveled worldwide at record speed. It never ends.

CISO 128

CISO Media Risk Software 128

The Last Watchdog

SEPTEMBER 1, 2020

Clark was arrested in late July and charged with masterminding the hijacking of the Twitter accounts of A-list celebrities, and then Tweeting from those accounts to pull off a Bitcoin scam. However, the Twitter Bitcoin hack highlights the capacity for social media to be abused for malicious purposes.

Hacking 138

Hacking Media Accountability CISO 138

Krebs on Security

OCTOBER 5, 2022

The fabricated LinkedIn identities — which pair AI-generated profile photos with text lifted from legitimate accounts — are creating major headaches for corporate HR departments and for those managing invite-only LinkedIn groups. Another “swarm” of LinkedIn bot accounts flagged by Taylor’s group.

Accountability 280

Accountability Scams Artificial Intelligence Cryptocurrency 280

SC Magazine

MARCH 19, 2021

CopperStealer is going after big service provider logins like social media and search engine accounts to spread additional malware or other attacks. Morgan said these threat actors have previously used compromised social media accounts to spread misinformation and influence operations on PRC events of strategic importance.

Malware 113

Malware Media Passwords Accountability 113

SecureWorld News

OCTOBER 15, 2020

It was the summer cyberattack that had social media buzzing. A group of teenagers used social engineering to breach Twitter's network and take over the accounts of a whole bunch of A-listers. New York should increase cybersecurity regulations as a result, especially for social media companies.

Social Engineering 95

Social Engineering Media Scams Financial Services 95

SecureWorld News

OCTOBER 28, 2022

LinkedIn has announced a new set of security features that will help verify user identity, remove fraudulent accounts, and boost authenticity, according to an official blog post from the company. It says this model will help remove fake accounts before they have a chance to connect with legitimate users.

CISO 78

CISO Accountability Scams Media 78

Security Affairs

NOVEMBER 6, 2020

According to local media, Brazilian president Jair Bolsonaro announced that the authorities have identified the threat actors behind the attack. Brazilian media outlet CISO Advisor claims it has viewed an internal report on the security breach incident that suggests the threat actor was a cybercrime organization financially motivated.

Ransomware 103

Ransomware CISO Encryption Cyber Attacks 103

The Last Watchdog

FEBRUARY 15, 2021

Companies must take this into account and consider extending employee training to also promote security and privacy habits among all family members, especially children. For client-facing efforts, drive foot traffic or media attention with family-focused educational events in your community. Want to show thought leadership?

Education 203

Education CISO Security Awareness Cybersecurity 203

SC Magazine

JULY 9, 2021

Cyber thought leaders were quick to acknowledge the importance of continued cooperation across federal, state and local jurisdictions, though several CISOs suggested that there wasn’t too much new ground covered and recommended ways the federal and state governments and private industry could do even more to assist overwhelmed municipalities.

CISO 80

CISO Government Cryptocurrency Ransomware 80

CyberSecurity Insiders

JULY 21, 2021

By: Matt Lindley, COO and CISO at NINJIO. Ensure that account credentials are secure. This is because credentials can be used to access a vast pool of sensitive data, from bank account numbers to healthcare records, which is why they’re involved in 61 percent of breaches. Let’s take a closer look at a few of those habits.

Social Engineering 145

Social Engineering Password Management Passwords Phishing 145

eSecurity Planet

DECEMBER 19, 2023

Government actions will increase: Expect more government regulations, state-sponsored cyberattacks, and increased documentation required to protect CISOs. Social media will become even more of a cesspool of AI and human-created garbage.” This will include synthetic written, spoken, and potentially even image or video content.

Cybersecurity 140

Cybersecurity CISO Government Technology 140

Jane Frankland

DECEMBER 7, 2023

It’s where attackers work search engine rankings or paid social media content by employing deceptive techniques such as keyword stuffing, hidden text, link farms, or other unethical practices to drive traffic to their websites and gain undeserved visibility in search engine results.

Cybersecurity 130

Cybersecurity Cyber threats Insurance Artificial Intelligence 130

The Last Watchdog

MARCH 6, 2020

Related: How ‘credential stuffing’ enables online fraud As a result, some CEOs admit they’ve stopped Tweeting and deleted their LinkedIn and other social media accounts – anything to help reduce their organization’s exposure to cyber criminals. That’s the ‘cheat code’ for CISO success. I’ll keep watch.

CISO 185

CISO VPN Digital transformation Internet 185

SecureWorld News

MARCH 9, 2023

In this fireside chat , O'Neill speaks with Abnormal Security CISO Mike Britton about today's security threats and how to protect your corporate data. O'Neill was part of the Special Surveillance Group as an FBI investigator and spent his life undercover 24-7. And earn 1 CPE credit in the process.

Surveillance 72

Surveillance Scams Data privacy CISO 72

SC Magazine

MARCH 2, 2021

They violated our password policies and they posted that password… on their own private GitHub account. Identify and access management is the dirty work performed down in the trenches of our cybersecurity programs,” said Rick Holland, CISO and vice president of strategy at Digital Shadows. That means not making an intern a scapegoat.

Passwords 129

Passwords Password Management CISO InfoSec 129

SC Magazine

JULY 13, 2021

The company’s investigation determined that social security numbers, driver’s license numbers, passport numbers and/or financial account numbers may have been accessed or acquired. The post Fashion brand Guess hacked, DarkSide ransomware group the likely culprit appeared first on SC Media.

Retail 102

Retail Ransomware Hacking Digital transformation 102

The Last Watchdog

AUGUST 19, 2021

Compromising that could make other unrelated accounts vulnerable. Account takeovers can be used to steal money at its very root; and fraudsters can also use this to access loyalty accounts for airlines, hotels, etc., as well as insurance and merchant accounts, to commit insurance fraud and wire fraud.

Mobile 306

Mobile Data breaches Authentication Accountability 306

Troy Hunt

SEPTEMBER 17, 2019

But it's not necessarily that bad, and here's why: Password Limits on Banks Don't Matter That very first tweet touched on the first reason why it doesn't matter: banks aggressively lock out accounts being brute forced. However, after 3 attempts of entering an Access Code your account will be blocked. Any thoughts?

Banking 237

Banking Passwords Accountability Authentication 237

SC Magazine

MARCH 29, 2021

Lance Spitzner, director of SANS Security Awareness, confirmed to SC Media that survey-takers qualified as security awareness pros if they confirmed that they are either dedicated full-time to security awareness or a contributor only helping with awareness.). Brian Johnson, chief security officer at Armorblox, and former CISO at LendingClub.

Security Awareness 104

Security Awareness InfoSec CISO Media 104

Duo's Security Blog

MAY 23, 2023

Compromised or stolen credentials is the second most common type of cybersecurity incident accounting for 27% of reported breaches, according to the Office of the Australian Information Commissioner (OAIC). Today, we cover best practices for an environment that has been compromised. From the OAIC Notifiable Data Breaches Report 2.

Authentication 117

Authentication Passwords Data breaches Phishing 117

eSecurity Planet

JANUARY 5, 2023

The LockBit threat group is the biggest source of ransomware and RaaS attacks, accounting for 44% of successful ransomware attacks in 2022, according to Trustwave SpiderLabs in a new report released today. “All of this means cyber risk continues to escalate and that CISOs need to be just as nimble and methodical as the adversary.”.

Ransomware 145

Ransomware CISO Software Cybercrime 145

SC Magazine

MARCH 12, 2021

The pandemic has challenged CISOs worldwide to adapt their security strategies—often years early—to create a safe work-from-home environment. CISOs need to promptly identify risky behavior and determine whether that threat warrants additional research. Global Resident CISO, Proofpoint, Inc. Technology: Work smarter, not harder.

Technology 86

Technology CISO Risk Government 86

Adam Levin

AUGUST 21, 2019

Bob from accounting goes on vacation with his laptop, and the next thing you know, millions of customers get hacked. Tortoises have no finances and, taken as a genus, they rarely have names and social media accounts. When they do have names and Instagram accounts, there’s a hackable human somewhere nearby.

Phishing 138

Phishing Accountability Cybersecurity Hacking 138

IT Security Guru

APRIL 15, 2021

Despite this, however, younger people also demonstrate relatively advanced cybersecurity hygiene, such as having alias accounts for email and social media. And it falls to the CISO to make this happen. It’s clear low levels of cybersecurity hygiene are down to more than just life stage factors. How do you know?

Cybersecurity 98

Cybersecurity CISO Passwords Cyber Risk 98

McAfee

OCTOBER 31, 2021

We love our social media. Equally, direct messages have been used by groups to take control over influencer accounts to promote messaging of their own. The potential impacts and implications for an executive or company that had their social media channels targeted by threat actors are endless. By Raj Samani. But guess what?

Cybercrime 115

Cybercrime Government Malware Media 115

SC Magazine

JANUARY 29, 2021

If or when more attacks are uncovered, end-user organizations will need to apply the lessons learned from SolarWinds and prepare to take swift and decisive action, infosec experts agreed in a series of interviews with SC Media. SC Media reached out to SonicWall, which continues to decline comment at this time.

InfoSec 97

InfoSec CISO Media Software 97

SC Magazine

MAY 12, 2021

If targets later tried to withdraw funds or close the account, the attackers would block access. Joseph Carson, chief security scientist and Advisory CISO at ThycoticCentrify, said employees continue to fall for these scams because the notices are so authentic looking and it’s difficult to tell the difference from the real app.

Scams 62

Scams Cryptocurrency Social Engineering Banking 62

eSecurity Planet

JUNE 30, 2021

“Using email addresses provided in the records, hackers may attempt to access users’ accounts using various combinations of common password characters.” ” The company added, “This was not a LinkedIn data breach, and no private member account data from LinkedIn was included in what we’ve been able to review.”

Hacking 112

Hacking Social Engineering Identity Theft Data breaches 112

CyberSecurity Insiders

MARCH 13, 2022

Sensitive information, such as personally identifiable information (PII), protected health information (PHI), controlled unclassified information (CUI), federal contract information (FCI), and personal account numbers (PANs), should be protected by ensuring they are never sent by end-user messaging technologies (e.g.,

Encryption 134

Encryption Firewall Computers and Electronics Wireless 134

SC Magazine

MARCH 26, 2021

In essence, the attacker can take any action the System account can take. Joseph Carson, chief security scientist and Advisory CISO at Thycotic, said the latest findings are not surprising, especially after the recent highly-visible serious security incident experienced by SolarWinds.

Authentication 122

Authentication CISO Media Engineering 122