Krebs on Security

SEPTEMBER 24, 2022

A 36-year-old Russian man recently identified by KrebsOnSecurity as the likely proprietor of the massive RSOCKS botnet has been arrested in Bulgaria at the request of U.S. authorities. At a court hearing in Bulgaria this month, the accused hacker requested and was granted extradition to the United States, reportedly telling the judge, “America is looking for me because I have enormous information and they need it.” A copy of the passport for Denis Kloster, as posted to his Vkontakte

Cybercrime 262

Cybercrime Data breaches Malware Ransomware 262

Troy Hunt

SEPTEMBER 24, 2022

Wow, what a week! Of course there's lots of cyber / tech stuff in this week's update, but it was really only the embedded tweet below on my mind so I'm going to leave you with this then come to you from somewhere much more exotic than usual (and I reckon that's a pretty high bar for me!) next week 😎 Absolutely over the moon to formally make @Charlotte_Hunt_ a part of our family ❤️ 💍 pic.twitter.com/XfahXElboC — Troy Hunt (@troyhunt) Septem

Software 259

Software 259

Tech Republic Security

SEPTEMBER 24, 2022

Dubbed Coreid, the group has adopted a new version of its data exfiltration tool and is offering more advanced capabilities to profitable affiliates, says Symantec. The post Colonial Pipeline ransomware group using new tactics to become more dangerous appeared first on TechRepublic.

Ransomware 174

Ransomware Malware 174

eSecurity Planet

SEPTEMBER 24, 2022

Between a plunging stock market, rising interest rates and a slumping economy, raising venture capital has not been easy this year. This has even been the case for high-priority categories like cybersecurity. According to data from PitchBook, venture capital investments have reached about $13.66 billion so far this year, down significantly from $26.52 billion in 2021.

Cybersecurity 140

Cybersecurity Marketing Password Management Risk 140

Speaker: Erroll Amacker

Automation is transforming finance but without strong financial oversight it can introduce more risk than reward. From missed discrepancies to strained vendor relationships, accounts payable automation needs a human touch to deliver lasting value. This session is your playbook to get automation right. We’ll explore how to balance speed with control, boost decision-making through human-machine collaboration, and unlock ROI with fewer errors, stronger fraud prevention, and smoother operations.

Risk

Tech Republic Security

SEPTEMBER 24, 2022

The biggest threat to cybersecurity departments could be the lack of qualified employees, leaving companies vulnerable. The post Training the next generation of cybersecurity experts to close the crisis gap appeared first on TechRepublic.

Cybersecurity 158

Cybersecurity 158

Dark Reading

SEPTEMBER 24, 2022

The ongoing ad fraud campaign can be traced back to 2019, but recently expanded into the iOS ecosystem, researchers say.

109

109

The Hacker News

SEPTEMBER 24, 2022

Security software company Sophos has released a patch update for its firewall product after it was discovered that attackers were exploiting a new critical zero-day vulnerability to attack its customers' network. The issue, tracked as CVE-2022-3236 (CVSS score: 9.8), impacts Sophos Firewall v19.0 MR1 (19.0.

Firewall 99

Firewall Software 99

Security Affairs

SEPTEMBER 24, 2022

The cyber department of Ukraine ‘s Security Service (SSU) dismantled a gang that stole accounts of about 30 million individuals. The cyber department of Ukraine ‘s Security Service (SSU) has taken down a group of hackers that is behind the theft of about 30 million individuals. The gang was offering the stole accounts for sale on the dark web, according to the SSU they earned almost UAH 14 million from the sale.

Accountability 98

Accountability Computers and Electronics Hacking Mobile 98

The Hacker News

SEPTEMBER 24, 2022

The City of London Police on Friday revealed that it has arrested a 17-year-old teenager from Oxfordshire on suspicion of hacking. "On the evening of Thursday 22 September 2022, the City of London Police arrested a 17-year-old in Oxfordshire on suspicion of hacking," the agency said, adding "he remains in police custody.

Hacking 98

Hacking 98

SecureBlitz

SEPTEMBER 24, 2022

All businesses rely on some form of IT in the modern era. The majority use complete networks throughout the office so that employees can communicate with each other and customers daily. If there is ever an IT issue, this can inhibit productivity and, in some severe circumstances, put the company’s reputation and operations at risk. […]. The post What Are the Benefits of Outsourcing to an IT Support Company?

Risk 98

Risk Cybersecurity 98

Advertisement

Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.

Cyber threats

Approachable Cyber Threats

SEPTEMBER 24, 2022

Category News, Social Engineering. Risk Level. Several large companies were hacked in the first half of September. The common theme? All of the attacks were carried out with relatively simple phishing and social engineering techniques. So far in September, IHG , Uber , and Rockstar Games have all been victims of major independent cyber attacks. Though the attacks had different results for each company, the techniques and underlying vulnerabilities that were exploited shared a common theme.

Social Engineering 97

Social Engineering Authentication Engineering Phishing 97

Bleeping Computer

SEPTEMBER 24, 2022

The City of London police announced on Twitter today the arrest of a British 17-year-old teen suspected of being involved in recent cyberattacks. [.].

Hacking 86

Hacking 86

Dark Reading

SEPTEMBER 24, 2022

Slack, Docker, Kubernetes, and other applications that allow developers to collaborate have become the latest vector for software supply chain attacks.

Software 59

Software 59

Schneier on Security

SEPTEMBER 24, 2022

This one has chewed-up tentacles. (Note that this is a different squid than the one that recently washed up on a South African beach.). As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here.

252

252

Advertisement

The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.

Cybersecurity

Identity IQ

SEPTEMBER 24, 2022

Can My Identity be Stolen from My Birth Certificate? IdentityIQ. For most U.S. citizens, an official birth certificate may be the most critical document to have in their possession. Birth certificates back up your identity using your name, date of birth, place of birth, your sex/gender as recorded at birth and the identity of your parents. They’re commonly referred to as “breeder documents” because they can be used to facilitate the acquisition of other official identity documents, including dri

Identity Theft 103

Identity Theft Accountability Media Banking 103