Krebs on Security
AUGUST 8, 2023
Microsoft Corp. today issued software updates to plug more than 70 security holes in its Windows operating systems and related products, including multiple zero-day vulnerabilities currently being exploited in the wild. Six of the flaws fixed today earned Microsoft’s “critical” rating, meaning malware or miscreants could use them to install software on a vulnerable Windows system without any help from users.
Schneier on Security
AUGUST 8, 2023
I just read an article complaining that NIST is taking too long in finalizing its post-quantum-computing cryptography standards. This process has been going on since 2016, and since that time there has been a huge increase in quantum technology and an equally large increase in quantum understanding and interest. Yet seven years later, we have only four algorithms , although last week NIST announced that a number of other candidates are under consideration, a process that is expected to take R
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
The Last Watchdog
AUGUST 8, 2023
Palo Alto, Calif., Aug. 8, 2023 – SandboxAQ today announced Sandwich, an open source framework and meta-library of cryptographic algorithms that simplifies modern cryptography management. With an intuitive, unified API, Sandwich empowers developers to embed the cryptographic algorithms of their choice directly into their applications and to change them as technologies and threats evolve – without rewriting code.
Tech Republic Security
AUGUST 8, 2023
The ACCC has given the green light for cross-banking collaboration to address scams. Here’s how IT pros in Australia can and should address the current regulatory environment.
Speaker: Erroll Amacker
Automation is transforming finance but without strong financial oversight it can introduce more risk than reward. From missed discrepancies to strained vendor relationships, accounts payable automation needs a human touch to deliver lasting value. This session is your playbook to get automation right. We’ll explore how to balance speed with control, boost decision-making through human-machine collaboration, and unlock ROI with fewer errors, stronger fraud prevention, and smoother operations.
The Last Watchdog
AUGUST 8, 2023
LAS VEGAS — Shadow IT and BYOD security exposures have long bedeviled businesses – ever since the iPhone and Dropbox first came on the scene. Covid 19 only intensified the problem of how to securely manage the personally owned devices and unvetted apps employees gravitate to. At Black Hat USA 2023 , taking place here this week, suppliers of unified endpoint management ( UEM ) solutions collectively will lay out a roadmap for resolving Shadow IT and BYOD once and for all.
Tech Republic Security
AUGUST 8, 2023
Microsoft is also working on creating guidelines for red teams working on making sure generative AI is both secure and responsible.
Cyber Security Informer brings together the best content for cyber security professionals from the widest variety of industry thought leaders.
|
Tech Republic Security
AUGUST 8, 2023
The EU General Data Protection Regulation is a comprehensive set of rules designed to keep the personal data of all EU citizens collected by any organization, enterprise or business safe from unauthorized access or use. The GDPR went into effect on May 25, 2018, and the provisions in the law greatly affected the manner in.
The Last Watchdog
AUGUST 8, 2023
San Francisco, Calif., Aug. 8, 2023 – Picus Security , the pioneer of Breach and Attack Simulation (BAS) technology, has released The Blue Report 2023. Based on an analysis of more than 14 million cyber attacks simulated by The Picus Platform*, the report highlights four “impossible trade-offs” limiting modern security teams’ ability to manage their organization’s threat exposure.
Malwarebytes
AUGUST 8, 2023
Detroit law enforcement wrongly arrested a 32 year old woman for a robbery and carjacking she did not commit. She was detained for 11 hours and had her phone taken as evidence before finally being allowed to leave. The reason for the false arrest is down to a facial recognition error, the kind that privacy and civil liberty organisations have been warning about for some time now.
The Last Watchdog
AUGUST 8, 2023
Lehi, Utah, Aug. 8, 2023 – DigiCert today announced the expansion of its certificate management platform, DigiCert Trust Lifecycle Manager, to provide full lifecycle support for multiple CAs including Microsoft CA and AWS Private CA, as well as integration with ServiceNow to support existing IT service workflows. DigiCert Trust Lifecycle Manager additionally supports enrollment to a broad range of Microsoft and AWS technologies, providing organizations a unified approach to managing public
Advertisement
Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.
Security Affairs
AUGUST 8, 2023
The LockBit ransomware group threatens to leak medical data of cancer patients stolen from Varian Medical Systems. The LockBit ransomware group claims to have hacked the healthcare company Varian Medical Systems and threatens to leak the medical data of cancer patients. Varian Medical Systems, Inc. designs, manufactures, sells, and services medical devices and software products for treating cancer and other medical conditions worldwide.
The Hacker News
AUGUST 8, 2023
Introduced in 1999, Microsoft Active Directory is the default identity and access management service in Windows networks, responsible for assigning and enforcing security policies for all network endpoints. With it, users can access various resources across networks.
Security Affairs
AUGUST 8, 2023
Microsoft Patch Tuesday security updates for August 2023 addressed 74 vulnerabilities, including two actively exploited flaws. Microsoft Patch Tuesday security updates for August 2023 addressed 74 new vulnerabilities in multiple products including Windows and Windows Components; Edge (Chromium-Based); Exchange Server; Office and Office Components; NET and Visual Studio; ASP.NET; Azure DevOps and HDInsights; Teams; and Windows Defender.
The Hacker News
AUGUST 8, 2023
Microsoft has patched a total of 74 flaws in its software as part of the company's Patch Tuesday updates for August 2023, down from the voluminous 132 vulnerabilities the company fixed last month. This comprises six Critical and 67 Important security vulnerabilities.
Advertisement
The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.
Bleeping Computer
AUGUST 8, 2023
Today is Microsoft's August 2023 Patch Tuesday, with security updates for 87 flaws, including two actively exploited and twenty-three remote code execution vulnerabilities. [.
Security Affairs
AUGUST 8, 2023
The UK Electoral Commission suffered a data breach that exposed voters’ personal information between 2014 and 2022. The UK Electoral Commission disclosed a data breach that exposed the personal information of voters in the United Kingdom between 2014 and 2022. The Commission notified the Information Commissioner’s Office. “Today we announced that we have been the subject of a complex cyber-attack, and our systems were accessed by hostile actors.” reads the announcement publishe
Heimadal Security
AUGUST 8, 2023
A large healthcare network operating across multiple states recently experienced widespread network disruptions due to a cyberattack, confirmed by the FBI to be a ransomware incident. Prospect Medical Holdings, which oversees 16 hospitals spanning California, Connecticut, Pennsylvania, and Rhode Island, alongside a network encompassing 166 outpatient clinics and centers, has encountered widespread issues across its […] The post The FBI Is Investigating a Ransomware Attack that Disrupted Ho
The Hacker News
AUGUST 8, 2023
Cybersecurity researchers have discovered a set of 11 living-off-the-land binaries-and-scripts (LOLBAS) that could be maliciously abused by threat actors to conduct post-exploitation activities. "LOLBAS is an attack method that uses binaries and scripts that are already part of the system for malicious purposes," Pentera security researcher Nir Chako said.
Speaker: Sierre Lindgren
Fraud is a battle that every organization must face – it’s no longer a question of “if” but “when.” Every organization is a potential target for fraud, and the finance department is often the bullseye. From cleverly disguised emails to fraudulent payment requests, the tactics of cybercriminals are advancing rapidly. Drawing insights from real-world cases and industry expertise, we’ll explore the vulnerabilities in your processes and how to fortify them effectively.
Heimadal Security
AUGUST 8, 2023
Heimdal® returns with yet another update from the patching and vulnerability management front. So far, Microsoft has slated for release 12 security and non-security improvements, touching upon the Edge browser. Without further ado, here’s what Patch Tuesday August has in stock for us. Enjoy and don’t forget to hit the newsletter subscribe button for goodies. […] The post Patch Tuesday August 2023 – Microsoft Releases 12 Security Patches for Chromium-based Edge Browser appeared first on Hei
SecureWorld News
AUGUST 8, 2023
Vulnerabilities within computer processors can send ripples of concern through the tech industry and beyond. The recent discovery of the "Downfall" vulnerability, which affects a range of Intel central processing units (CPUs), has once again raised questions about the delicate balance between performance enhancements and data security. This vulnerability, discovered by Google research scientist Daniel Moghimi , threatens to expose encryption keys, passwords, private messages, and more from billi
Heimadal Security
AUGUST 8, 2023
A team of researchers has introduced an innovative approach referred to as a “deep learning-based acoustic side-channel attack,” designed to accurately classify laptop keystrokes recorded using a nearby smartphone, achieving an impressive 95% accuracy rate. In a recent study published last week, the team comprising Joshua Harrison, Ehsan Toreini, and Maryam Mehrnezhad shared that through […] The post New Deep Learning Model Decodes Keyboard Sounds with 95% Accuracy appeared fir
eSecurity Planet
AUGUST 8, 2023
SandboxAQ today introduced an open-source cryptography management framework built for the post-quantum era. The AI and quantum spin-out from Alphabet uses the Sandwich framework for the Cryptoservice module in its SandboxAQ Security Suite, currently used by several U.S. government agencies, global banks, telcos, and tech companies. The framework is designed to simplify cryptography management and give developers greater observability and control. “Modern cryptography management and cryptog
Advertisement
Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.
Security Boulevard
AUGUST 8, 2023
The post Patch Tuesday Update - August 2023 appeared first on Digital Defense. The post Patch Tuesday Update – August 2023 appeared first on Security Boulevard.
Bleeping Computer
AUGUST 8, 2023
Microsoft today released a defense-in-depth update for Microsoft Office that prevents exploitation of a remote code execution (RCE) vulnerability tracked as CVE-2023-36884 that threat actors have already leveraged in attacks. [.
Security Boulevard
AUGUST 8, 2023
via the respected Software Engineering expertise of Mikkel Noe-Nygaard as well as the lauded Software Engineering and Enterprise Agile Coaching talent of Luxshan Ratnara v at Comic Agilé ! Permalink The post Comic Agilé – Mikkel Noe-Nygaard, Luxshan Ratnarav – #254 – The Psychological Safety Self-Assessment appeared first on Security Boulevard.
The Hacker News
AUGUST 8, 2023
The U.K. Electoral Commission on Tuesday disclosed a "complex" cyber attack on its systems that went undetected for over a year, allowing the threat actors to access years worth of voter data belonging to 40 million people. "The incident was identified in October 2022 after suspicious activity was detected on our systems," the regulator said.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Security Boulevard
AUGUST 8, 2023
Today is a big day at Seceon. We announced we acquired Helixera, an innovative real-time pattern scanning engine. We also hired its founder Waldek Mikolajczyk as VP of Cybersecurity Solutions Architecture. The post Big News! Seceon Acquires Helixera, Hires Founder as VP of Cybersecurity Solutions Architecture appeared first on Seceon. The post Big News!
The Hacker News
AUGUST 8, 2023
Google has introduced a new security feature in Android 14 that allows IT administrators to disable support for 2G cellular networks in their managed device fleet. The search giant said it's introducing a second user setting to turn off support, at the model level, for null-ciphered cellular connections.
Malwarebytes
AUGUST 8, 2023
Cloudflare Tunnel provides you with a secure way to connect your resources to Cloudflare without a publicly routable IP address. Cybercriminals are increasingly using this service to keep their activities from being detected. Cloudflare Tunnel, also known by its executable name, Cloudflared, reaches out to the Cloudflare Edge Servers by creating an outbound connection over HTTPS(HTTP2/QUIC), where the tunnel’s controller makes services or private networks accessible via Cloudflare console
SecureBlitz
AUGUST 8, 2023
In this post, I will show you how to remove your personal information from the Internet. In today's digital age, safeguarding your personal information online is more important than ever. With the prevalence of cybercrime and data breaches, it's crucial to take steps to remove your personal information from the internet. However, the process can […] The post How To Remove Your Personal Information From The Internet appeared first on SecureBlitz Cybersecurity.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
Expert insights. Personalized for you.
240 
Let's personalize your content