Tue. Aug 08, 2023

News alert: SandboxAQ launches new open source framework to simplify cryptography management

The Last Watchdog

Palo Alto, Calif., Aug. 8, 2023 – SandboxAQ today announced Sandwich, an open source framework and meta-library of cryptographic algorithms that simplifies modern cryptography management. With an intuitive, unified API, Sandwich empowers developers to embed the cryptographic algorithms of their choice directly into their applications and to change them as technologies and threats evolve – without rewriting code.

Google Cybersecurity Action Team Threat Horizons Report #7 Is Out!

Anton on Security

This is my completely informal, uncertified, unreviewed and otherwise completely unofficial blog inspired by my reading of our seventh Threat Horizons Report (full version) that we just released (the official blog for #1 report, my unofficial blogs for #2, #3, #4, #5 and #6). My favorite quotes from the report follow below: Src: Google Cloud Threat Horizons #7 “Credential issues continue to be a consistent challenge, accounting for over 60% of compromise factors” [A.C. — again, file und

Black Hat Fireside Chat: ‘UEM’ solutions seek to protect endpoints, preserve user experience

The Last Watchdog

LAS VEGAS — Shadow IT and BYOD security exposures have long bedeviled businesses – ever since the iPhone and Dropbox first came on the scene. Covid 19 only intensified the problem of how to securely manage the personally owned devices and unvetted apps employees gravitate to. At Black Hat USA 2023, taking place here this week, suppliers of unified endpoint management (UEM) solutions collectively will lay out a roadmap for resolving Shadow IT and BYOD once and for all.

Australia’s Banking Industry Mulls Better Cross-Collaboration to Defeat Scam Epidemic

Tech Republic Security

The ACCC has given the green light for cross-banking collaboration to address scams. Here’s how IT pros in Australia can and should address the current regulatory environment.

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

News alert: Picus Security attack simulations report reveals organizations prevent 6 of 10 attacks

The Last Watchdog

San Francisco, Calif., Aug. 8, 2023 – Picus Security, the pioneer of Breach and Attack Simulation (BAS) technology, has released The Blue Report 2023. Based on an analysis of more than 14 million cyber attacks simulated by The Picus Platform*, the report highlights four “impossible trade-offs” limiting modern security teams’ ability to manage their organization’s threat exposure.

Microsoft Azure AI Adds GPT-4 and New Virtual Machines

Tech Republic Security

Microsoft is also working on creating guidelines for red teams working on making sure generative AI is both secure and responsible.

More Trending

EU General Data Protection Regulation Policy

Tech Republic Security

The EU General Data Protection Regulation is a comprehensive set of rules designed to keep the personal data of all EU citizens collected by any organization, enterprise or business safe from unauthorized access or use. The GDPR went into effect on May 25, 2018, and the provisions in the law greatly affected the manner in.

Microsoft August 2023 Patch Tuesday warns of 2 zero-days, 87 flaws

Bleeping Computer

Today is Microsoft's August 2023 Patch Tuesday, with security updates for 87 flaws, including two actively exploited and twenty-three remote code execution vulnerabilities. [.

Facial recognition tech lands innocent woman with bogus carjacking charge

Malwarebytes

Detroit law enforcement wrongly arrested a 32 year old woman for a robbery and carjacking she did not commit. She was detained for 11 hours and had her phone taken as evidence before finally being allowed to leave. The reason for the false arrest is down to a facial recognition error, the kind that privacy and civil liberty organisations have been warning about for some time now.

Microsoft Office update breaks actively exploited RCE attack chain

Bleeping Computer

Microsoft today released a defense-in-depth update for Microsoft Office that prevents exploitation of a remote code execution (RCE) vulnerability tracked as CVE-2023-36884 that threat actors have already leveraged in attacks. [.

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Understanding Active Directory Attack Paths to Improve Security

The Hacker News

Introduced in 1999, Microsoft Active Directory is the default identity and access management service in Windows networks, responsible for assigning and enforcing security policies for all network endpoints. With it, users can access various resources across networks.

Comic Agilé – Mikkel Noe-Nygaard, Luxshan Ratnarav – #254 – The Psychological Safety Self-Assessment

Security Boulevard

via the respected Software Engineering expertise of Mikkel Noe-Nygaard as well as the lauded Software Engineering and Enterprise Agile Coaching talent of Luxshan Ratnarav at Comic Agilé! Permalink The post Comic Agilé – Mikkel Noe-Nygaard, Luxshan Ratnarav – #254 – The Psychological Safety Self-Assessment appeared first on Security Boulevard.

Microsoft Releases Patches for 74 New Vulnerabilities in August Update

The Hacker News

Microsoft has patched a total of 74 flaws in its software as part of the company's Patch Tuesday updates for August 2023, down from the voluminous 132 vulnerabilities the company fixed last month. This comprises six Critical and 67 Important security vulnerabilities.

Big News! Seceon Acquires Helixera, Hires Founder as VP of Cybersecurity Solutions Architecture

Security Boulevard

Today is a big day at Seceon. We announced we acquired Helixera, an innovative real-time pattern scanning engine. We also hired its founder Waldek Mikolajczyk as VP of Cybersecurity Solutions Architecture. The post Big News! Seceon Acquires Helixera, Hires Founder as VP of Cybersecurity Solutions Architecture appeared first on Seceon. The post Big News!

Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

How to Make SBOMs Work for Incident Response

Appknox

In a world where software tools are spawning businesses each day, and cyberattacks and threats are increasing rapidly, ensuring the clarity and security of these tools has become a top priority.

Do you trust your software? Why verification matters

Security Boulevard

There’s a reason the automotive industry only tests vehicles once they are functionally complete — because it's the only way they can truly trust their product is going to perform as intended. Sure, the teams behind the individual parts that make up a functioning car test the individual components. But before any cars arrive on a dealer's lot, the entire vehicle is crash-tested.

SandboxAQ Open Sources Cryptography Management Tool for Post-Quantum Era

eSecurity Planet

SandboxAQ today introduced an open-source cryptography management framework built for the post-quantum era. The AI and quantum spin-out from Alphabet uses the Sandwich framework for the Cryptoservice module in its SandboxAQ Security Suite, currently used by several U.S. government agencies, global banks, telcos, and tech companies. The framework is designed to simplify cryptography management and give developers greater observability and control. “Modern cryptography management and cryptog

Patch Tuesday Update – August 2023

Security Boulevard

The post Patch Tuesday Update - August 2023 appeared first on Digital Defense. The post Patch Tuesday Update – August 2023 appeared first on Security Boulevard.

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

LockBit threatens to leak medical data of cancer patients stolen from Varian Medical Systems

Security Affairs

The LockBit ransomware group threatens to leak medical data of cancer patients stolen from Varian Medical Systems. The LockBit ransomware group claims to have hacked the healthcare company Varian Medical Systems and threatens to leak the medical data of cancer patients. Varian Medical Systems, Inc. designs, manufactures, sells, and services medical devices and software products for treating cancer and other medical conditions worldwide.

The MSP’s Role in Cyber Insurance

Security Boulevard

Prioritizing cyber insurance in a comprehensive information security program is a relatively new concept and navigating the process can be confusing. Even insurance companies sometimes have a hard time keeping up with the changing landscape. But this confusion offers MSPs an opportunity to step in as allies, not only setting their clients up for success but also providing continuous monitoring to meet the ever-changing requirements of insurance carriers.

LOLBAS in the Wild: 11 Living-Off-The-Land Binaries That Could Be Used for Malicious Purposes

The Hacker News

Cybersecurity researchers have discovered a set of 11 living-off-the-land binaries-and-scripts (LOLBAS) that could be maliciously abused by threat actors to conduct post-exploitation activities. "LOLBAS is an attack method that uses binaries and scripts that are already part of the system for malicious purposes," Pentera security researcher Nir Chako said.

Microsoft Patch Tuesday for August 2023 fixed 2 actively exploited flaws

Security Affairs

Microsoft Patch Tuesday security updates for August 2023 addressed 74 vulnerabilities, including two actively exploited flaws. Microsoft Patch Tuesday security updates for August 2023 addressed 74 new vulnerabilities in multiple products including Windows and Windows Components; Edge (Chromium-Based); Exchange Server; Office and Office Components; NET and Visual Studio; ASP.NET; Azure DevOps and HDInsights; Teams; and Windows Defender.

5 Key Findings From the 2023 FBI Internet Crime Report

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.

OWASP’s CycloneDX SBOM | Contrast Security

Security Boulevard

It’s well-established: Triple-DES is a feeble encryption algorithm. The post OWASP’s CycloneDX SBOM | Contrast Security appeared first on Security Boulevard.

Microsoft Visual Studio Code flaw lets extensions steal passwords

Bleeping Computer

Microsoft's Visual Studio Code (VS Code) code editor and development environment contains a flaw that allows malicious extensions to retrieve authentication tokens stored in Windows, Linux, and macOS credential managers. [.

U.K. Electoral Commission Breach Exposes Voter Data of 40 Million Britons

The Hacker News

The U.K. Electoral Commission on Tuesday disclosed a "complex" cyber attack on its systems that went undetected for over a year, allowing the threat actors to access years worth of voter data belonging to 40 million people. "The incident was identified in October 2022 after suspicious activity was detected on our systems," the regulator said.

Server breach could be fatal blow for LetMeSpy

Malwarebytes

A mobile app designed to let people spy on others will shortly be going out of business after a server breach and mass deletion incident. The app, LetMeSpy, sits silently and invisibly on a phone and collects call logs, location data, and even text messages. This kind of program is commonly referred to as stalkerware. As the name suggests, people aren’t doing anything good with this kind of software.

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

New Android 14 Security Feature: IT Admins Can Now Disable 2G Networks

The Hacker News

Google has introduced a new security feature in Android 14 that allows IT administrators to disable support for 2G cellular networks in their managed device fleet. The search giant said it's introducing a second user setting to turn off support, at the model level, for null-ciphered cellular connections.

The FBI Is Investigating a Ransomware Attack that Disrupted Hospital Operations in 4 States

Heimdal Security

A large healthcare network operating across multiple states recently experienced widespread network disruptions due to a cyberattack, confirmed by the FBI to be a ransomware incident. Prospect Medical Holdings, which oversees 16 hospitals spanning California, Connecticut, Pennsylvania, and Rhode Island, alongside a network encompassing 166 outpatient clinics and centers, has encountered widespread issues across its […] The post The FBI Is Investigating a Ransomware Attack that Disrupted Ho

New Yashma Ransomware Variant Targets Multiple English-Speaking Countries

The Hacker News

An unknown threat actor is using a variant of the Yashma ransomware to target various entities in English-speaking countries, Bulgaria, China, and Vietnam at least since June 4, 2023. Cisco Talos, in a new write-up, attributed the operation with moderate confidence to an adversary of likely Vietnamese origin.

Android 14 to let you block connections to unencrypted cellular networks

Bleeping Computer

Google has announced new cellular security features for its upcoming Android 14, expected later this month, that aim to protect business data and communications. [.

From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.