Accountability, CSO and Hacking - Cyber Security Informer

CSO's ultimate guide to security and privacy laws, regulations, and compliance

CSO Magazine

JANUARY 28, 2021

CSO's ultimate guide to security and privacy laws, regulations, and compliance Security and privacy laws, regulations, and compliance: The complete guide This directory includes laws, regulations and industry guidelines with significant security and privacy impact and requirements. Health Insurance Portability and Accountability Act (HIPAA).

CSO

CSO Financial Services Consumer Protection Data privacy

The Microsoft Exchange Server hack: A timeline

CSO Magazine

MAY 6, 2021

Over the next few days, over 30,000 organizations in the US were attacked as hackers used several Exchange vulnerabilities to gain access to email accounts and install web shell malware , giving the cybercriminals ongoing administrative access to the victims' servers.

Hacking

Hacking CSO Accountability Malware

Okta revealed that its private GitHub repositories were hacked this month

Security Affairs

DECEMBER 21, 2022

American identity and access management giant Okta revealed that that its private GitHub repositories were hacked this month. Okta revealed that its private GitHub repositories were hacked this month, the news was first reported by BleepingComputer which had access to ‘confidential’ email notification sent by Okta.

Hacking

Hacking CSO Data breaches Engineering

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Podcast Episode 113: SAP CSO Justin Somaini and Election Hacks – No Voting Machines Required!

The Security Ledger

SEPTEMBER 25, 2018

Everybody worries about hacked voting machines. In this week’s podcast (#113): Everybody worries about hacked voting machines. A shadowy hacking group calling itself the “Broken Eagle Task Force” (or BETF) is protesting the ‘global order,’ and looking to disrupt voting within the city’s environs. SAP CSO Justin Somaini.

CSO

CSO Hacking Security Awareness Password Management

Top Cybersecurity Accounts to Follow on Twitter

eSecurity Planet

DECEMBER 3, 2021

Here are the top Twitter accounts to follow for the latest commentary, research, and much-needed humor in the ever-evolving information security space. Shah provides her expertise in hacking, software development, and kernel development and advocates for open source initiatives. — Dave Kennedy (@HackingDave) July 15, 2020. .

Accountability

Accountability Cybersecurity Penetration Testing InfoSec

Atomic Wallet hack leads to at least $35M in stolen crypto assets

CSO Magazine

JUNE 5, 2023

A cyberattack on crypto wallet Atomic Wallet has resulted in at least $35 million worth of crypto assets being stolen since June 2, according to ZachXBT, an independent on-chain investigator known for tracing stolen crypto funds and assisting with hacked projects. The five most significant losses account for $17 million.

Hacking

Hacking Accountability

Hacking 2FA: 5 basic attack methods explained

CSO Magazine

JUNE 3, 2021

As Roger Grimes wrote in this article about two-factor hacks three years ago, when MFA is done well it can be effective, but when IT managers take shortcuts it can be a disaster. of compromised accounts did not use MFA at all and only 11% of enterprise accounts are protected by some MFA method.

Hacking

Hacking Accountability Authentication

SolarWinds attacker Nobelium targets over 150 companies in new mass email campaign

CSO Magazine

MAY 28, 2021

The Russian hacking group behind the supply chain attack that poisoned software updates for the SolarWinds Orion platform has been perfecting its email-based attacks over the past few months to plant backdoors inside organizations. Sign up for CSO newsletters. ]. Sign up for CSO newsletters. ].

CSO

CSO Government Marketing Hacking

Cash App customer investment data hacked

CSO Magazine

APRIL 5, 2022

million past and present customers of its investment services, as names, brokerage portfolio values and account numbers were compromised in a data breach. In an SEC filing made on Monday, Cash App parent company Block, Inc., said that it was working to contact roughly 8.2

Hacking

Hacking Data breaches Passwords Accountability

Uber Breach Guilty Verdict, Mandatory Password Expiration, Fake Executive Profiles on LinkedIn

Security Boulevard

OCTOBER 16, 2022

Former Uber CSO Joe Sullivan was found guilty of obstructing a federal investigation in connection with the attempted cover-up of a 2016 hack at Uber, NIST and Microsoft say that mandatory password expiration is no longer needed but many organizations are still doing it, and how fake executive profiles are becoming a huge problem for […].

Passwords

Passwords CSO Hacking Accountability

Rash of hacktivism incidents accompany Russia’s invasion of Ukraine

CSO Magazine

MARCH 1, 2022

Late last week, a Twitter account purporting to represent Anonymous wrote that “The #Anonymous collective has taken down the website of the #Russian propaganda station RT News.” Cyber Partisans of Belarus claim train hacks. Presumed hacktivists hacked Russian EV charging stations. AgainstTheWest targeted Russian interests.

DDOS

DDOS Media Hacking CSO

Cisco admits hack on IT network, links attacker to LAPSUS$ threat group

CSO Magazine

AUGUST 11, 2022

On August 10, the firm stated that an employee’s credentials were compromised after an attacker gained control of a personal Google account where credentials saved in the victim’s browser were being synchronized. Bad actors published a list of files from this security incident to the dark web, Cisco added.

Hacking

Hacking Accountability Cybersecurity

An attacker was able to siphon audio feeds from multiple Clubhouse rooms

Security Affairs

FEBRUARY 22, 2021

In response to the malicious activity, the company permanently banned the account used by the attacker and deployed new “safeguards” to prevent similar attacks in the future, but ClubHouse was not able to ensure that it will not happen again. Lets talk about the Clubhouse 'hack' which wasn't. ” reported Bloomberg.

CSO

CSO Internet Internet Surveillance

Wells Notice Against SolarWinds CISO Could Be First of Its Kind

SecureWorld News

JUNE 26, 2023

While these Wells Notices are official investigations, they are a sign of a potential intent to investigate the CISO and CFO. Barton Kalsu and CISO Tim Brown have both been with Austin, Texas-based SolarWinds since before the breach that impacted at least nine federal agencies and approximately 100 organizations.

CISO

CISO CSO Data privacy Cyber Risk

Beyond Awareness: How to Cultivate the Human Side of Security

CyberSecurity Insiders

MAY 16, 2022

By Amanda Fennell, CSO and CIO, Relativity. Security programs must shoulder accountability for setting employees in different roles up for success. Effective learning management systems are available that take into account the human attention span. In certain circumstances, anyone, even a security professional, can be hacked.

CSO

CSO Passwords Password Management Accountability

Best practices for deploying multi-factor authentication on Microsoft networks

CSO Magazine

JUNE 8, 2022

As Microsoft points out, “When we look at hacked accounts, more than 99.9% Microsoft will soon change the mandate to multi-factor authentication (MFA) with changes to Microsoft 365 defaults. don’t have MFA, making them vulnerable to password spray, phishing and password reuse.

Authentication

Authentication Passwords Phishing Accountability

Camera tricks: Privacy concerns raised after massive surveillance cam breach

SC Magazine

MARCH 10, 2021

A hacking collective compromised roughly 150,000 internet-connected surveillance cameras from Verkada, Inc., Such revelations create intrigue as to whether a more insidious actor could perform a similar hack in order to conduct industrial espionage by spying on development and production activity.

Surveillance

Surveillance IoT Accountability Passwords

Okta admits 366 customers may have been impacted by LAPSUS$ breach

Malwarebytes

MARCH 23, 2022

Both are saying that the criminal hacking group acquired access to a user account with access to some customer data. In an article on Okta’s website , CSO David Bradbury provided a timeline of the incidents which took place in January. Okta provided a more detailed update later in the day, which we have summarised below.

CSO

CSO Engineering Passwords VPN

Podcast Episode 134: The Deep Fake Threat to Authentication and analyzing the PEAR Compromise

The Security Ledger

FEBRUARY 19, 2019

And, in our second segment, Sam Bisbee the CSO of the firm ThreatStack joins us to talk about last month's hack of the PEAR open source package manager and why data deserialization attacks are a growing threat to projects that use open source components. Vijay Balasubramaniyan of Pindrop joins us to talk about it.

Authentication

Authentication CSO Artificial Intelligence Social Engineering

BrandPost: How Configuration Assessments Help Improve Cyber Defenses

CSO Magazine

APRIL 6, 2021

The 2020 Verizon Data Breach Investigations Report (DBIR) notes that vulnerabilities accounted for nearly 20% of hacking breaches. Hackers are constantly on the lookout for poorly configured or unsecured systems. After all, when one system is left unsecured, it often means that others have been left unsecured as well.

Data breaches

Data breaches Cyber threats Accountability Technology

Dashlane launches new Dark Web Insights tool, MFA authenticator app, small biz Starter plan

CSO Magazine

OCTOBER 6, 2022

These include a new Dark Web Insights tool that provides a breakdown of compromised passwords, a standalone authenticator app for enabling account multi-factor authentication (MFA), and a low-cost starter plan for small businesses. Password manager vendor Dashlane has announced updates to its suite of enterprise offerings.

Authentication

Authentication Small Business Password Management Passwords

Legendary Entertainment Relies on MVISION CNAPP Across Its Multicloud Environment

McAfee

NOVEMBER 10, 2021

Under the guidance of Dan Meacham, VP of Global Security and Corporate Operations and CSO/CISO, the multi-billion dollar organization transitioned from on-premises data centers to the cloud in 2012. MVISION CNAPP helps me keep my system administrators and developers accountable for what they are doing. Unacceptable levels of risk.

Data breaches

Data breaches Risk CSO Media

How CEOs think

Errata Security

JULY 19, 2020

Recently, Twitter was hacked. CEO : "I read about that Twitter hack. The CEO can't hire an excellent CSO unless they have enough competency to judge the qualifications of the CSO, and enough competency to hold the CSO accountable for the job they are doing. In this post, I describe how CEOs actually think.

CSO

CSO Cybersecurity Ransomware Hacking

NEW TECH: Data Theorem helps inventory sprawling APIs — as the first step to securing them

The Last Watchdog

MARCH 25, 2019

If I go to a CSO and say, ‘We can secure your APIs,’ he’ll say, ‘Great, can you also find them for me?’ ” observed Dwivedi, Data Theorem’s founder. The problem wasn’t a hack, but a broken API. Instead, what it did was allow anyone with a usps.com account to modify a wildcard search without authentication permissions.

Digital transformation

Digital transformation Software Data breaches Authentication

Are You Prepared for Cybersecurity in the Boardroom?

McAfee

NOVEMBER 12, 2020

Everyone in the company and on the board should be responsible and accountable for good cybersecurity practices. In July 2020, we saw key high-profile Twitter accounts compromised. Everyone is responsible and accountable. It is not only the CISO, CSO or CIO’s responsibility to care and do the right thing.

Cybersecurity

Cybersecurity Government Risk Penetration Testing

The Rise of an Overlooked Crime – Cyberstalking

Security Affairs

AUGUST 29, 2018

These evils include hacking, identity theft, online surveillance, and cyberstalking. We all know the dangers associated with hacking, identity theft, and internet surveillance, thanks to Facebook and other social networking platforms. Similarly, these hackers can hack your devices too.

Identity Theft

Identity Theft Internet Internet Surveillance

Podcast Episode 118: White Hat Eye on the Gaming Guy

The Security Ledger

OCTOBER 29, 2018

» Related Stories Podcast Episode 112: what it takes to be a top bug hunter Podcast Episode 113: SAP CSO Justin Somaini and Election Hacks – No Voting Machines Required! Both those act as insulation against the worst possible hacking scenarios. Read the whole entry. »

Artificial Intelligence

Artificial Intelligence CSO Engineering Risk

Notification no-nos: What to avoid when alerting customers of a breach

SC Magazine

JUNE 11, 2021

After all, there are some mistakes you should absolutely never make – missteps that can cost your business its reputation, and get you into hot water with consumers, the hacking community or legal and regulatory authorities. There are important considerations when taking such an action.

Data breaches

Data breaches Media Identity Theft CSO

Cyber Security Awareness and Risk Management

Spinone

DECEMBER 26, 2018

Consequently, when different sophisticated hacking techniques, types of assaults, and malware are learned, your innocent employees become your cyber security partners. What are the benefits of cyber security awareness trainings? You will create cyber awareness among your staff, as well as users, partners, customers.

Security Awareness

Security Awareness Risk Cyber threats Cyber Risk

Cyber Security Informer

CSO's ultimate guide to security and privacy laws, regulations, and compliance

The Microsoft Exchange Server hack: A timeline

Webinars

Trending Sources

Okta revealed that its private GitHub repositories were hacked this month

Webinars

Podcast Episode 113: SAP CSO Justin Somaini and Election Hacks – No Voting Machines Required!

Top Cybersecurity Accounts to Follow on Twitter

Atomic Wallet hack leads to at least $35M in stolen crypto assets

Hacking 2FA: 5 basic attack methods explained

SolarWinds attacker Nobelium targets over 150 companies in new mass email campaign

Cash App customer investment data hacked

Uber Breach Guilty Verdict, Mandatory Password Expiration, Fake Executive Profiles on LinkedIn

Rash of hacktivism incidents accompany Russia’s invasion of Ukraine

Cisco admits hack on IT network, links attacker to LAPSUS$ threat group

An attacker was able to siphon audio feeds from multiple Clubhouse rooms

Wells Notice Against SolarWinds CISO Could Be First of Its Kind

Beyond Awareness: How to Cultivate the Human Side of Security

Best practices for deploying multi-factor authentication on Microsoft networks

Camera tricks: Privacy concerns raised after massive surveillance cam breach

Okta admits 366 customers may have been impacted by LAPSUS$ breach

Podcast Episode 134: The Deep Fake Threat to Authentication and analyzing the PEAR Compromise

BrandPost: How Configuration Assessments Help Improve Cyber Defenses

Dashlane launches new Dark Web Insights tool, MFA authenticator app, small biz Starter plan

Legendary Entertainment Relies on MVISION CNAPP Across Its Multicloud Environment

How CEOs think

NEW TECH: Data Theorem helps inventory sprawling APIs — as the first step to securing them

Are You Prepared for Cybersecurity in the Boardroom?

The Rise of an Overlooked Crime – Cyberstalking

Podcast Episode 118: White Hat Eye on the Gaming Guy

Notification no-nos: What to avoid when alerting customers of a breach

Cyber Security Awareness and Risk Management

Stay Connected