eSecurity Planet

NOVEMBER 6, 2023

The past week has been a busy one for cybersecurity vulnerabilities, with 34 vulnerable Windows drivers and four Microsoft Exchange flaws heading a long list of security concerns. CVE-2023-5043 (Annotation Injection, CVSS score 7.6): Ingress-nginx annotation injection allows the execution of arbitrary commands.

Software 91

Software Education Ransomware Firmware 91

BH Consulting

AUGUST 16, 2023

Curated advice, guidance, learning and trends in cybersecurity and privacy, as chosen by our consultants. The agency’s ninth Internet Organised Crime Assessment (IOCTA) 2023 report gives a law enforcement perspective on current cybercrime techniques. November is shaping up to be a busy month for Dr. Lyons.

Social Engineering 52

Social Engineering Cybercrime Data privacy Engineering 52

Security Affairs

AUGUST 11, 2023

APIs for commerce and beyond Salesforce, eBay, and Amazon were the three companies that launched early versions of APIs that leveraged the internet and allowed developer access. Mobile applications and software solutions leverage APIs to access data and make it available to their end users.

B2B 87

B2B Internet Internet Marketing 87

Cisco Security

JANUARY 10, 2023

This gives me an invaluable macroview not only of how the last 12 months have affected organizations and what CISOs are thinking about, but also how the upcoming year is shaping up. Using this information, last year I wrote a blog summing up the nine top of mind issues I believed will most impact CISOs as we headed into 2022.

CISO 138

CISO Insurance Cyber Insurance Phishing 138

SiteLock

AUGUST 27, 2021

While most business owners and website administrators are aware of the problem, too few have the information or resources they need to combat it. Cyber threat intelligence (IQ) is having knowledge and awareness of what threatens your data integrity. While content management systems (CMS) like WordPress and Joomla!

Cyber threats 98

Cyber threats Mobile B2B Threat Detection 98

BH Consulting

JUNE 13, 2023

Curated advice, guidance, learning and trends in cybersecurity and privacy, as chosen by our consultants. Target the human, swipe the cash: Verizon DBIR 2023 highlights crime trends Manage the human risk and mind your money: those are two key takeaways from Verizon’s 2023 Data Breach Investigations Report.

Social Engineering 52

Social Engineering Data breaches Scams DDOS 52

Centraleyes

NOVEMBER 8, 2023

The SEC’s proposed cybersecurity disclosure rule , known as the Proposed Rule for Public Companies (PRPC), has ushered in a wave of concerns and challenges, particularly for CISOs. The rule mandates that companies report material cybersecurity incidents within four days.

CISO 52

CISO Cyber Risk Risk Cybersecurity 52

Centraleyes

APRIL 8, 2024

They use this data to steal identities and access corporate accounts. consumers say they will cease spending with a company for several months following a security breach, and more than one-fifth (21%) say they will never return to a company after the breach. The consequences of data breaches go beyond financial impact. 66% of U.S.

Data privacy 52

Data privacy Unstructured Data Data breaches Government 52

Kali Linux

FEBRUARY 27, 2024

Last month we replied to a long-forgotten email from Kenneth Finnegan from the FCIX Software Mirror. As it turns out, Kenneth operates a network of mirrors, which was officially announced back in May 2023 on his blog: Building the Micro Mirror Free Software CDN. Here’s the story. So what is the Micro Mirror CDN exactly?

Software 145

Software Firmware VPN Internet 145

Security Affairs

APRIL 21, 2023

Phishing-borne threats IBM’s 2022 Data Breach report highlighted how effective phishing-based attacks have become, being the second leading cause of cybersecurity incidents globally, by using a sample instance that affected hundreds of international entities. A companion Readme file provides dependency, installation, and usage instructions.

Phishing 79

Phishing Social Engineering Security Awareness Passwords 79

BH Consulting

JULY 13, 2023

Curated advice, guidance, learning and trends in cybersecurity and privacy, as chosen by our consultants. Cyber Ireland, the industry body, forecasts that cybersecurity jobs will increase to 17,000 by 2030. The full report is available to view or download. Courses will start in September.

Cyber Risk 52

Cyber Risk Artificial Intelligence Risk Cyber Attacks 52

LRQA Nettitude Labs

NOVEMBER 3, 2023

In SQL injections, attackers introduce malicious code into data input fields to gain unauthorized access or extract data. Through such manipulations, an attacker could potentially mislead users, spread misinformation, or even exfiltrate sensitive data if the AI has access to such information. Image source: Greshake et al.

Artificial Intelligence 65

Artificial Intelligence Architecture Cybersecurity Technology 65

DoublePulsar

DECEMBER 28, 2023

Some of these are still fully offline over a month later, and the wiped victims are a mix of private companies and Israeli state government entities. I am tracking 59 orgs where they have released data dumps, and a further 40 or so who got hit in a mass MSP (Managed Service Provider) wipe. What do they do when they gain access?

Backups 72

Backups DDOS Accountability Hacking 72