NopSec

FEBRUARY 13, 2024

Isolation and testing remained in effect, the offices were closed, and we all worked out of our living rooms. Breaking Security Silos NopSec grew up as an offensive security company before launching our SaaS product, so our lenses and thought process are quite different from many traditional security software companies.

Marketing 52

Marketing Risk Digital transformation Software 52

McAfee

AUGUST 23, 2021

Now that we’ve officially kicked off our journey as McAfee Enterprise , a pure-play enterprise cybersecurity company under the new ownership of Symphony Technology Group (STG), we’re celebrating a lot of new firsts and changes. But one thing remains the same: our passion and commitment to make the world a safer, more secure place.

CISO 78

CISO Identity Theft Technology Information Security 78

DoublePulsar

DECEMBER 3, 2023

Ongoing Operations’ two Netscaler devices remain offline. The security patch for this issue became available almost two months ago. It also provided evidence of CitrixBleed being used against Allen & Overy and many others. You can read about some of the fallout here. First, let’s do a bit of background. I’m concerned.

Ransomware 100

Ransomware Cybersecurity Healthcare Government 100

Security Boulevard

MAY 5, 2023

Security business is booming! It is very clear from observing the large booths of many vendors (including some that are doing well unexpectedly ) that “there is lots of money in cyberland.” One noticeable thing that stood out to us as we wandered the RSA show floor was the relative shortage of XDR. Is XDR finally over?

Artificial Intelligence 78

Artificial Intelligence Threat Detection Marketing Cybersecurity 78

Cisco Security

NOVEMBER 16, 2022

As a word, tolerance can mean different things to different people and cultures. I wrote extensively about this in a blog last year on why diversity matters so much to create stronger cybersecurity organizations. I pointed out that cybersecurity as a technology is multi-faceted and constantly changing.

Education 68

Education Cybersecurity Authentication Technology 68

Cisco Security

AUGUST 11, 2021

Yet this threat carries a much more storied history , with varying functionality from one campaign to the next. We looked at REvil, also known as Sodinokibi or Sodin, earlier in the year in a Threat Trends blog on DNS Security. However, when revisiting these metrics, we noticed that this changed in the beginning of 2021.

Ransomware 139

Ransomware DNS Encryption Backups 139

Notice Bored

APRIL 22, 2021

As with computer applications and many other things, simplicity obviously has a number of benefits, whereas complexity has a number of costs. Paradoxically, it is quite complicated and difficult to keep things simple! increasing their risks of relying on the certificate.

Risk 85

Risk Government Accountability Cyber Risk 85

Thales Cloud Protection & Licensing

MAY 4, 2021

With every change, comes disruption to the current set of ecosystems and practices, providing an opportunity to do things differently and in a better way. The key lies in being able to sense the change on the horizon and getting ready to embrace that change. What is quantum computing and what changes will it bring?

Computers and Electronics 98

Computers and Electronics Banking IoT Risk 98

Cisco Security

MARCH 23, 2021

In our Threat Trends blog series , we attempt to provide insight into the prevalent trends on the threat landscape. Our goal in giving you the latest info on these trends is that you’ll be better prepared to allocate security resources to where they’re needed most. Part 2: Industry trends. This is what we’re going to cover in part two.

DNS 136

DNS Financial Services Manufacturing Healthcare 136

The Last Watchdog

FEBRUARY 3, 2020

Department of Homeland Security issued a bulletin calling out Iran’s “robust cyber program,” and cautioning everyone to be prepared for Iran to “conduct operations in the United States.” There has been plenty of news coverage of certain high-profile Iranian and Russian cyberattacks; not nearly as much on clandestine U.S.

Energy and Utilities 330

Energy and Utilities Malware Hacking Passwords 330

The Last Watchdog

MAY 2, 2019

While the internet and social media have been very positive for businesses, there remains an inherent risk when it comes to how brands manage their Facebook, Twitter, and Instagram accounts. 1 : Cybercrime Businesses should always be very aware of the threat of cybercriminals, and social media also poses very real cyber-security risks.

Media 138

Media Marketing Risk Passwords 138

Jane Frankland

OCTOBER 1, 2021

” His statement couldn’t be truer and as I chaired the European Security Forum 2021 in London this week, I was amazed at how the theme of unlearning what we know glued together (figuratively speaking) all the other speakers’ presentations. But we’ve seen higher in the legal sector when it comes to ransomware attacks.

Cybersecurity 100

Cybersecurity Ransomware Identity Theft Technology 100

Krebs on Security

JUNE 18, 2018

“An attacker can be completely remote as long as they can get the victim to open a link while connected to the same Wi-Fi or wired network as a Google Chromecast or Home device,” Young told KrebsOnSecurity. “The only real limitation is that the link needs to remain open for about a minute before the attacker has a location.

IoT 187

IoT Internet Internet Wireless 187

The Last Watchdog

MAY 11, 2020

Long before COVID-19, some notable behind-the-scenes forces were in motion to elevate cybersecurity to a much higher level. One thing is certain, as this global reset plays out, cyber criminals will seize upon fresh opportunities to breach company and home networks, and to steal, defraud and disrupt, which they’ve already commenced doing.

Computers and Electronics 113

Computers and Electronics Data privacy Encryption Media 113

Thales Cloud Protection & Licensing

NOVEMBER 2, 2017

In just a few short years, Bitcoin, the innovative cryptocurrency underpinned by Blockchain technology, has earned broad legitimacy and won plaudits from many top technologists, investors, and even bankers. The very nature of Bitcoin – its scale, its openness – are fundamental to its professed security properties.

Technology 90

Technology Backups Cryptocurrency Risk 90

Security Boulevard

MAY 25, 2021

Bringing the secure network to the employee represents a better option to solve these requirements instead of forcing the employee onto the secure network. The network offers a secure connection; thus, you no longer backhaul traffic on-prem to run through the corporate web proxy or go through a centralized VPN server.

Technology 52

Technology Encryption VPN Architecture 52

SC Magazine

APRIL 20, 2021

One could say the same for cybersecurity – only the stakes are higher. So it shouldn’t be a surprise that the same psychological stressors that can send an elite ballplayer into a funk can also negatively impact cybersecurity professionals. One that requires patience, perseverance, stamina and resilience. said Murphy. “In

Cybersecurity 120

Cybersecurity Media InfoSec Passwords 120

Krebs on Security

SEPTEMBER 5, 2023

Since then, a steady trickle of six-figure cryptocurrency heists targeting security-conscious people throughout the tech industry has led some security experts to conclude that crooks likely have succeeded at cracking open some of the stolen LastPass vaults. “They truly all are reasonably secure.

Cryptocurrency 349

Cryptocurrency Passwords Encryption Accountability 349

McAfee

MAY 29, 2020

This blog was written by Rodman Ramezanian, Pre-Sales Security Engineer at McAfee. I’d like to explore how these terms differ and how those differences will shape security outcomes in the future. Are they much of a muchness ? Definitions. Let’s start with a stone-cold definition. Are we splitting hairs here?

Risk 52

Risk Architecture Firewall Technology 52

CyberSecurity Insiders

JANUARY 12, 2022

At times, the quest to stay on top of web application security can seem futile. In this blog, we’ll look at the root causes of concern for today's CISO and share some practical strategies to deter cybercriminals. Web apps, the big attack opportunity for cybercriminals. Protecting your web apps in the real-world.

CISO 126

CISO Cybercrime Risk Healthcare 126

Security Boulevard

APRIL 15, 2022

Sin ce that time, it has made significant pushes towards fully encrypting all its platforms , on the basis that “implementing end-to-end encryption for all private communications is the right thing to do.”. It’s a difficult struggle, with points for both sides. However, Meta’s actions this month have sent an unmistakable reply.

Encryption 52

Encryption Government Accountability Technology 52

Troy Hunt

DECEMBER 19, 2017

It's the absolute best bang for your buck by a massive margin and it pays off over and over again across many years and many projects. In part 2 of the series, I want to talk about data ownership and minimisation and this is all about reducing the impact on individuals and organisations alike when things do go wrong.

Data breaches 134

Data breaches Data collection B2B Mobile 134

Jane Frankland

JUNE 7, 2023

” In this blog, I’m examining subtle micro-aggressions as well as outright aggressive remarks that we see so often in tech. Assuming that everyone has access to the same resources and opportunities. However, things started to change when a new manager was hired.

Education 130

Education Accountability Cybersecurity Internet 130

Jane Frankland

JUNE 20, 2023

But although burnout is a prevalent issue, many people still feel uncomfortable discussing it openly. This lack of discussion worsens the problem, as the signs of burnout go unrecognised and the steps to prevent it remain unknown. And these changes increase the risk of developing anxiety, depression, and other mental health issues.

Cybersecurity 130

Cybersecurity Risk InfoSec CISO 130

Thales Cloud Protection & Licensing

JUNE 25, 2019

Scarcity in talent means there is a critical deficit in developer security training. million employees today, according to the latest estimates from (ISC)², the world’s leading cybersecurity and IT security professional organisation. If you all think the same way, then you all miss the same things.

Technology 98

Technology Small Business Cybersecurity InfoSec 98

SecureList

FEBRUARY 15, 2021

All of these messages had one thing in common: the user was requested to call a support number stated in the email. The senders of an email that talked about a bomb planted in company’s offices went much further with their threats. The amount demanded by the blackmailers was much larger than in previous messages: $20,000.

Phishing 140

Phishing Malware Scams Accountability 140

ForAllSecure

FEBRUARY 23, 2021

I mean, look at the stars at night--so many mysteries to solve. The infinite universe-- so much yet to learn and discover. Often when I talk to people about pentesting, it’s the same problem. Vamosi: So, in order to secure your network, you have to think like a criminal hacker and then attack it like a criminal hacker.

Penetration Testing 52

Penetration Testing InfoSec Cyber Attacks Education 52

ForAllSecure

FEBRUARY 23, 2021

I mean, look at the stars at night--so many mysteries to solve. The infinite universe-- so much yet to learn and discover. Often when I talk to people about pentesting, it’s the same problem. Vamosi: So, in order to secure your network, you have to think like a criminal hacker and then attack it like a criminal hacker.

Penetration Testing 52

Penetration Testing InfoSec Cyber Attacks Education 52

Troy Hunt

JULY 18, 2022

How many times have you heard the old adage about how nothing in life is free: If you're not paying for the product, you are the product Facebook. But this isn't an internet age thing, the origins go back way further, originally being used to describe TV viewers being served ads. We pay for hosting services.

Data breaches 255

Data breaches Passwords Password Management Software 255

Troy Hunt

MARCH 31, 2021

However, it's now owned by me and it's just sitting there doing pretty much nothing other than serving a little bit of JavaScript. It might only be exploiting them a little bit (how much power can an in-browser JS cryptominer really draw?), And that's where things got a lot more interesting. The website is dead.

Technology 363

Technology Mobile Internet Internet 363

Troy Hunt

JULY 2, 2020

I started writing this blog post alone in a hotel room in Budapest last September. It was at the absolute zenith of stress; a time when I had never been under as much pressure as I was right at that moment. The thing that perhaps surprised me most about those discussions with friends was how much their own stories resonated with mine.

355

355

SecureList

FEBRUARY 16, 2023

The bait included the most awaited and talked-about releases: the new season of Stranger Things, the new Batman movie, and the Oscar nominees. Aid as distributed by various governmental and nongovernmental organizations remained a popular fraud theme in 2022.

Phishing 97

Phishing Scams Accountability Energy and Utilities 97

Anton on Security

JUNE 3, 2022

It also resulted in this half-shallow / half-profound blog that relates detection to cooking and farming! Part 1 Key Questions Here on the blog I touched the subject of detection engineering quite a few times, yet I realize that many organizations prefer to rely on their security tool vendor content for threat detection.

Threat Detection 299

Threat Detection Engineering Advertising Technology 299

Troy Hunt

AUGUST 7, 2020

The single most important objective of that process was to seek a more sustainable future for HIBP and that desire hasn't changed; the project cannot be solely dependent on me. Many of the services that HIBP runs on are provided free by the likes of Cloudflare. The platform this very blog runs on, Ghost, is open source.

Passwords 364

Passwords Architecture Data breaches Internet 364

Digital Shadows

AUGUST 17, 2021

But, never mind the dozens of other reports and white papers about phishing that come out every year from security industry leaders, let’s take a look at the 2021 Verizon DBIR. While Verizon even admits in the 2021 DBIR that they’re not entirely sure why email is still such a big thing, but it does serve its purposes.

Phishing 52

Phishing Accountability Social Engineering Mobile 52

Elie

MAY 30, 2018

This blog post survey the attacks techniques that target AI (artificial intelligence) systems and how to protect against them. He weaponized this knowledge by adding an invisible first multipart that contained many reputable domains in an attempt to evade detection. This attack is a variation of the class of attacks known as.

Accountability 107

Accountability Artificial Intelligence Engineering Retail 107

Anton on Security

OCTOBER 18, 2023

This blog series was written jointly with Amine Besson, Principal Cyber Engineer, Behemoth CyberDefence and one more anonymous collaborator. On the other hand, the intel team may process so much intelligence data that it can be a real challenge to understand what the detection team is even expecting.

Engineering 130

Engineering Threat Detection Threat Reports Passwords 130