Blog - Cyber Security Informer

Weekly Update 270

Troy Hunt

NOVEMBER 19, 2021

The one thing I'll change in the future (and I don't know when I'll next do this outdoors, TBH) is to plug the RØDE lapel mic into the wireless unit. The one thing I'll change in the future (and I don't know when I'll next do this outdoors, TBH) is to plug the RØDE lapel mic into the wireless unit.

Wireless

Wireless Mobile

GUEST ESSAY: Why internal IT teams are ill-equipped to adequately address cyber risks

The Last Watchdog

FEBRUARY 11, 2024

Every industry is dealing with a myriad of cyber threats in 2024. It seems every day we hear of another breach, another scam, another attack on anything from a small business to a critical aspect of our nation’s infrastructure. It’s a tale as old as the first computer. When a technical issue arises, hand it over to IT. The list goes on.

Cyber Risk

Cyber Risk Risk Financial Services Cyber threats

BlackCat Eats into Its Nine Lives, Threatens More Attacks on Hospitals

SecureWorld News

FEBRUARY 29, 2024

Change Healthcare, a major provider of IT services to hospitals, continues to battle the BlackCat ransomware syndicate. BlackCat has made the healthcare industry a prime target over the past year, victimizing providers, insurers, and now healthcare IT suppliers like Change Healthcare, a unit of Optum. authorities. Insert sarcasm here).

Healthcare

Healthcare Ransomware Cyber threats Encryption

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

IoT Unravelled Part 3: Security

Troy Hunt

NOVEMBER 25, 2020

In part 1 of this series, I posited that the IoT landscape is an absolute mess but Home Assistant (HA) does an admirable job of tying it all together. In part 2 , I covered IP addresses and the importance of a decent network to run all this stuff on, followed by Zigbee and the role of low power, low bandwidth devices. Let's dive into it.

IoT

IoT Firmware Risk Manufacturing

Building a Cyber Resilient Business: The Protection Layer

Webroot

SEPTEMBER 7, 2023

This is all happening while companies are spending trillions digitizing their business operations and trying to obtain secure cyber insurance while keeping up with regulatory changes in GDPR, HIPAA, and Sarbanes-Oxley. The best way to weather these challenges is to become a cyber resilient business. Cybercrime is on the rise.

Encryption

Encryption Cyber Insurance Cybercrime Phishing

CISA JCDC Will Focus on Energy Sector

Security Affairs

APRIL 5, 2023

The CISA ‘s Joint Cyber Defense Collective (JCDC) initiative is going to build operation plans for protecting and responding to cyber threats. What comes to mind when you think of cyber criminals? Depending on who you ask, you’ll get a variety of answers. To address this gap, the JCDC is planning proactive measures for future cyber risks.

Energy and Utilities

Energy and Utilities Cyber threats Risk Cyber Risk

Snowden Ten Years Later

Schneier on Security

JUNE 6, 2023

In 2013 and 2014, I wrote extensively about new revelations regarding NSA surveillance based on the documents provided by Edward Snowden. But I had a more personal involvement as well. I wrote the essay below in September 2013. The New Yorker agreed to publish it, but the Guardian asked me not to.

Surveillance

Surveillance Computers and Electronics Encryption Government

What to watch for as we head into election season

Thales Cloud Protection & Licensing

SEPTEMBER 4, 2018

Rather than trying to change individual votes, what if a cyber adversary erased or changed voter registration documents in a particular location on Election Day? We all know how easy it is to disrupt voter attendance; prohibitive lines and bad weather are a recipe for low turnout. And there are so many factors to consider.

Software

Software Hacking Encryption Internet

CryptoAgility to take advantage of Quantum Computing

Thales Cloud Protection & Licensing

MAY 4, 2021

With every change, comes disruption to the current set of ecosystems and practices, providing an opportunity to do things differently and in a better way. The key lies in being able to sense the change on the horizon and getting ready to embrace that change. What is quantum computing and what changes will it bring?

Computers and Electronics

Computers and Electronics Banking IoT Risk

Achieving DORA Compliance in Your Organization

Centraleyes

DECEMBER 11, 2023

DORA is a groundbreaking EU regulation designed to enhance the operational resilience of the financial sector. It aims to tackle the challenges posed by increasing digitalization and connectivity. The central goal of DORA is to set uniform requirements for the security of networks and information systems within the financial sector.

Risk

Risk Insurance Architecture Banking

WordCamp Sacramento 2018 in Review

SiteLock

AUGUST 27, 2021

This year’s WordCamp Sacramento was full of great speakers, interesting topics and lots of enthusiastic attendees. Again held right downtown at the Sacramento Convention Center, it was 2 days of three tracks, including a dedicated Beginner’s track. Hey look, it’s me and Michael at WC Sacramento! Local SEO The Old Fashioned Way.

Media

What Types of Apps Track Your Location?

McAfee

APRIL 12, 2021

Your mobile phone can do so many things, thanks to the wonders of technology. One of those things is having very accurate information about your location. In fact, some apps have to know your location to work. . Of course, you can’t expect Google Maps to function as it should without tracking your location. Click on “Location Services.”

Insurance

Insurance Mobile Media Marketing

Ensuring Business Resilience: Integrating Incident Response and Disaster Recovery Plans

Centraleyes

MARCH 19, 2024

Let’s explore how businesses can weather these storms and thrive in their wake, turning challenges into opportunities for growth. It positions businesses to survive and prepare for anything, emphasizing continuous adaptability in the face of change. On the other hand, business resilience goes beyond continuity.

Risk

Risk Backups Technology Cyber threats

Quantum computing brings new security risks: How to protect yourself

CyberSecurity Insiders

FEBRUARY 1, 2022

This blog was written by an independent guest blogger. Although commercial quantum computing may still be decades away, government agencies and industry experts agree that now is the time to prepare your cybersecurity landscape for the future. Even now, our cybersecurity climate is getting hotter. What is quantum computing?

Risk

Risk Social Engineering Threat Detection Encryption

Trends in connected homes in 2021 – Improved security and connectivity

CyberSecurity Insiders

OCTOBER 20, 2021

This blog was written by an independent guest blogger. It’s becoming more popular in 2021 to have a smart home with connected devices capable of communicating with each other. It’s expected that smart home spending will reach more than $141 billion by 2023 , and the number of smart homes will surpass 300 million by 2023.

Energy and Utilities

Energy and Utilities Wireless Technology Artificial Intelligence

API Security 101 for Developers: How to Easily Secure Your APIs

ForAllSecure

MARCH 29, 2023

In the following sections, we will discuss: API Basics Common API Security Vulnerabilities Best Practices for API Security How to do API Security Automatically By the end of this blog post, you will have a good understanding of API security and the steps you can take to easily secure your APIs. How do APIs work?

Authentication

Authentication Passwords Encryption Software

The OWASP Top 10: Sensitive Data Exposure

SiteLock

AUGUST 27, 2021

While big-name businesses can usually weather a data breach, smaller websites and businesses often can’t afford the fallout. More frequently known as a data breach, sensitive data exposure ranks as one of the top 10 most dangerous cyberthreats by OWASP (Open Web Application Security Project) because of the damage it can do to its victims.

Data breaches

Data breaches Backups Firewall eCommerce

It’s a Holiday Security Breach Blowout

SiteLock

AUGUST 27, 2021

It was the week before Christmas, the time when the Christmas feeling really kicks in, the weather cooled on cue, and presents began to populate the area beneath our Charlie Brown fake Christmas tree. We’ll also discuss how major data breaches occur, and what you can do to protect yourself in the Age of the Large Data Breach.

Data breaches

Data breaches Identity Theft Passwords Firewall

Employee Spotlight: The Human Faces Behind Artificial Intelligence

Webroot

JANUARY 20, 2021

In 2018, I was looking for a career change away from insurance. Webroot BrightCloud® Threat Intelligence relies on the collective power of millions of devices working together. But what sometimes gets lost is the actual humans behind bringing this technology to market. What brought you to Webroot? The rest is history! Lesson learned from me.

Artificial Intelligence

Artificial Intelligence Marketing Identity Theft Cyber threats

6 Best Threat Intelligence Feeds to Use in 2023

eSecurity Planet

AUGUST 10, 2023

Threat intelligence feeds are continually updated streams of data that inform users of different cybersecurity threats, their sources, and any infrastructure impacted or at risk of being impacted by those threats. As a bonus, many of these tools are free to access and have specialized feeds that focus on different industries and sectors.

Internet

Internet Internet Cybersecurity Malware

13 Steps to Take if You’ve Been Laid Off in Cybersecurity (which everyone should read)

Jane Frankland

FEBRUARY 1, 2023

As I thought about it and last week’s blog , I thought I’d put together an Action Pack, similar to what I did when the Covid-19 pandemic struck, and I witnessed many of my entrepreneurial friends struggle to find clients and keep afloat. Just look at the tech layoff counter this week ! It’s a sad affair.

Cybersecurity

Cybersecurity Accountability Media Marketing

IT Cyber Hygiene: Why It’s Important, and Duo’s Role in Securing Everyday Access

Duo's Security Blog

DECEMBER 9, 2022

The pervasive nature of these events has become almost commonplace, like talking about the weather. The pervasive nature of these events has become almost commonplace, like talking about the weather. Instant access to experts Change happens. But it doesn’t have to be, or they can at least be minimized. What is cyber hygiene?

Cybersecurity

Cybersecurity Data breaches Cyber threats Risk

Security Roundup February 2024

BH Consulting

FEBRUARY 15, 2024

Cyber attacks featured in the top five risks for the year ahead, along with factors like extreme weather and the cost of living crisis. Cyber attacks featured in the top five risks for the year ahead, along with factors like extreme weather and the cost of living crisis. VentureBeat also has a good writeup of the key findings.

Passwords

Passwords Surveillance Risk Data breaches

Mapping Secure Network Analytics (and Cognitive) to NIST CSF Categories and Sub-Categories

Cisco Security

JUNE 30, 2021

With this feature, we can easily create, change, and audit security policy definitions. It helps in identifying data leak weather it is ‘At Rest’, ‘In Transit’ or ‘In Use’. Secure Network Analytics uses flow telemetry such as NetFlow, jFlow, sFlow, IPFIX, and packet-level data and helps in reducing the risk to an organisation.

Threat Detection

Threat Detection Risk Data collection Internet

GUEST ESSAY: Lessons learned in 2021 as cloud services, mobility and cybersecurity collided

The Last Watchdog

DECEMBER 9, 2021

In 2021 we witnessed the continuation of the seismic shift in how people work, a change that started at the beginning of the global pandemic. The acceleration of cloud, mobility, and security initiatives proved to be critical for organizations looking to weather the new threats and disruptions. Securing Iot, MEC.

Mobile

Mobile IoT Cybersecurity Digital transformation

The Hacker Mind Podcast: Reverse Engineering Smart Meters

ForAllSecure

MAY 13, 2022

After hearing a talk, a Dallas-based hacker set out to find out what was going on inside the smart meter attached to his home, and what he found was surprising. Since then Hash started a reverse engineering wiki site called Recessim and created dozens of YouTube videos in a channel of that same name to chronicle his adventures.

Engineering

Engineering Energy and Utilities Computers and Electronics Firmware

Unleashing The Mayhem CRS

ForAllSecure

FEBRUARY 9, 2016

In June, ForAllSecure participated in DARPA's Cyber Grand Challenge (CGC) Qualification Event (CQE) 1. During the event our automated system tweeted its progress, and to continue the trend of openness, we decided to publish a writeup of some more details about our system. CGC Background. These tests are not available to competitors.

Engineering

Engineering Internet Internet Architecture

UNLEASHING THE MAYHEM CRS

ForAllSecure

FEBRUARY 9, 2016

In June, ForAllSecure participated in DARPA's Cyber Grand Challenge (CGC) Qualification Event (CQE) 1. During the event our automated system tweeted its progress, and to continue the trend of openness, we decided to publish a writeup of some more details about our system. CGC BACKGROUND. These tests are not available to competitors.

Engineering

Engineering Internet Internet Architecture

Unleashing The Mayhem CRS

ForAllSecure

FEBRUARY 9, 2016

In June, ForAllSecure participated in DARPA's Cyber Grand Challenge (CGC) Qualification Event (CQE) 1. During the event our automated system tweeted its progress, and to continue the trend of openness, we decided to publish a writeup of some more details about our system. CGC Background. These tests are not available to competitors.

Engineering

Engineering Internet Internet Architecture

Working From Anywhere With Purpose and Openness

Duo's Security Blog

NOVEMBER 9, 2022

With Cisco’s support, Kho recently relocated to Austin, TX where she’s delighting in warmer weather. Esther Kho is no stranger to taking leaps. Joining Duo in 2017 as a customer success manager, Kho now leads the Managed Service Provider (MSP) team. We’re not trying to create a problem just so we can sell our product to solve for it.

Healthcare

Healthcare Mobile Marketing Accountability

Cyber Security Informer

Weekly Update 270

GUEST ESSAY: Why internal IT teams are ill-equipped to adequately address cyber risks

Webinars

Trending Sources

BlackCat Eats into Its Nine Lives, Threatens More Attacks on Hospitals

Webinars

IoT Unravelled Part 3: Security

Building a Cyber Resilient Business: The Protection Layer

CISA JCDC Will Focus on Energy Sector

Snowden Ten Years Later

What to watch for as we head into election season

CryptoAgility to take advantage of Quantum Computing

Achieving DORA Compliance in Your Organization

WordCamp Sacramento 2018 in Review

What Types of Apps Track Your Location?

Ensuring Business Resilience: Integrating Incident Response and Disaster Recovery Plans

Quantum computing brings new security risks: How to protect yourself

Trends in connected homes in 2021 – Improved security and connectivity

API Security 101 for Developers: How to Easily Secure Your APIs

The OWASP Top 10: Sensitive Data Exposure

It’s a Holiday Security Breach Blowout

Employee Spotlight: The Human Faces Behind Artificial Intelligence

6 Best Threat Intelligence Feeds to Use in 2023

13 Steps to Take if You’ve Been Laid Off in Cybersecurity (which everyone should read)

IT Cyber Hygiene: Why It’s Important, and Duo’s Role in Securing Everyday Access

Security Roundup February 2024

Mapping Secure Network Analytics (and Cognitive) to NIST CSF Categories and Sub-Categories

GUEST ESSAY: Lessons learned in 2021 as cloud services, mobility and cybersecurity collided

The Hacker Mind Podcast: Reverse Engineering Smart Meters

Unleashing The Mayhem CRS

UNLEASHING THE MAYHEM CRS

Unleashing The Mayhem CRS

Working From Anywhere With Purpose and Openness

Stay Connected