Sun. Dec 05, 2021


Cybersecurity Team Lessons from Football Game Defeats

Lohrman on Security

Underestimating, or not properly preparing for, adversaries can lead to big trouble — in both football and cybersecurity. So what can cyber teams learn from “The Game”?


CyberSecurity and Artificial Intelligence: Q&A with Joseph Steinberg

Joseph Steinberg

Innovating Canada recently published a short interview with cybersecurity expert Joseph Steinberg about emerging cybersecurity issues that are not yet getting sufficient mainstream attention. In the discussion, Steinberg focused primarily on artificial intelligence (AI), and noted that whatever attention the intersection of cybersecurity and artificial intelligence is receiving in the media is woefully insufficient relative to the magnitude of the issues that the combination raises.


Convincing Microsoft phishing uses fake Office 365 spam alerts

Bleeping Computer

A persuasive and ongoing series of phishing attacks are using fake Office 365 notifications asking the recipients to review blocked spam messages, with the end goal of stealing their Microsoft credentials. [...]

Phishing 145

Hundreds of vulnerabilities in common Wi-Fi routers affect millions of users

Security Affairs

Researchers discovered a total of 226 potential security vulnerabilities in nine popular Wi-Fi routers from known manufacturers. Security researchers and editors with the German IT magazine CHIP have discovered 226 potential security defects in nine Wi-Fi routers from known manufacturers (Asus, AVM, D-Link, Netgear, Edimax, TP-Link, Synology, and Linksys).


IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.


Google AI research resisting lady sets up new AI Institute

CyberSecurity Insiders

Timnit Gebru, a former AI researcher of Google, has announced that she has set up a new research institute that will counter misuse influence and control of multinational tech companies in research, development and implementation of Artificial Intelligence technology. Ms. Gebru, who was fired by the Alphabet Inc’s business subsidiary for emailing concern against Google’s commitment in AI related R&D, has named her institute the Distributed Artificial Intelligence Research Institute (DAIR) a


Malicious Excel XLL add-ins push RedLine password-stealing malware

Bleeping Computer

Cybercriminals are spamming website contact forms and discussion forums to distribute Excel XLL files that download and install the RedLine password and information-stealing malware. [...]

Passwords 145

More Trending


German BSI agency warns of ransomware attacks over Christmas holidays

Security Affairs

German BSI warns of ransomware attacks over the Christmas and end-of-year holidays, fearing Emotet return and attacks on Microsoft Exchange servers. The German cybersecurity authority BSI warns of ransomware attacks over the Christmas holidays, fearing the return of the Emotet botnet. During this period offices are often closed and employees are at home; for this reason, their organizations are more exposed to ransomware attacks.


Definitive Guide to Modern Brand Protection

Security Boulevard

AI, computer vision, and natural language processing are revolutionizing modern brand protection. The post Definitive Guide to Modern Brand Protection appeared first on Security Boulevard.

Phishing 110

Cybersecurity Requirements Under PDPIR, PDPL and ECC in Saudi Arabia in 2022

ImmuniWeb

The new Personal Data Protection Law (PDPL) expands cybersecurity duties imposed under the Personal Data Protection Interim Regulations (PDPIR) and the Essential Cybersecurity Controls (ECC).


The New “Attack Surface” – Securing the Business Beyond Conventional Boundaries

Security Boulevard

In 2020, just under half the UK workforce worked from home at least some of the time, according to the Office of National Statistics. In the United States, a survey by Upwork found that over a quarter of professionals expect to work fully remotely within the next five years. Working from home has been propelled […]… Read More. The post The New “Attack Surface” – Securing the Business Beyond Conventional Boundaries appeared first on The State of Security.

CISO 105

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.


Magnat malvertising campaigns spreads malicious Chrome extensions, backdoors and info stealers

Security Affairs

Experts spotted a series of malvertising campaigns using fake installers of popular apps and games to deliver a backdoor and a malicious Chrome extension. Talos researchers spotted a series of malvertising campaigns using fake installers of popular apps and games as a lure to trick users into downloading a new backdoor and an undocumented malicious Google Chrome extension.


New Twitter phishing campaign targets verified accounts

Bleeping Computer

A new phishing campaign has been targeting verified Twitter accounts, as seen by BleepingComputer. The phishing campaign follows Twitter's recent removal of the checkmark from a number of verified accounts, citing that these were ineligible for the legendary status, and verified in error. [...]

Phishing 108

BSidesKC 2021 – Hudson Bush’s ‘The Big Picture: Building A Security Program From The Ground Up In 365 Days’

Security Boulevard

Our thanks to BSidesKC for publishing their outstanding BSidesKC 2021 videos on the Conferences’ YouTube channel. Permalink. The post BSidesKC 2021 – Hudson Bush’s ‘The Big Picture: Building A Security Program From The Ground Up In 365 Days’ appeared first on Security Boulevard.


As Twitter removes blue badges for many, phishing targets verified accounts

Bleeping Computer

A new phishing campaign has been targeting verified Twitter accounts, as seen by BleepingComputer. The phishing campaign follows Twitter's recent removal of the checkmark from a number of verified accounts, citing that these were ineligible for the legendary status, and verified in error. [...]


Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?


Easy Hacks on Telephone Entry Systems

Security Boulevard

Blast from the past. Here’s my Channel 2600 recording from the Next HOPE (2010): Telephone entry systems are practically everywhere in the city. An investigation after a series of break-ins uncovered several shockingly simple bypass techniques currently used by criminals. This presentation explains how the common keypad box will grant full access to a building … Continue reading Easy Hacks on Telephone Entry Systems →

Hacking 58

Security Affairs newsletter Round 343

Security Affairs

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. Hundreds of vulnerabilities in common Wi-Fi routers affect millions of users German BSI agency warns of ransomware attacks over Christmas holidays Cuba ransomware gang hacked 49 US critical infrastructure organizations CISA warns of vulnerabilities

Spyware 87

XKCD ‘Webb’

Security Boulevard

via the comic artistry and dry wit of Randall Munroe, resident at XKCD! Permalink. The post XKCD ‘Webb’ appeared first on Security Boulevard.


BSidesKC 2021 – David Evenden’s ‘Emulating The Adversary While Training The Defenders: Purple Teaming With MITRE ATT&CK’

Security Boulevard

Our thanks to BSidesKC for publishing their outstanding BSidesKC 2021 videos on the Conferences’ YouTube channel. Permalink. The post BSidesKC 2021 – David Evenden’s ‘Emulating The Adversary While Training The Defenders: Purple Teaming With MITRE ATT&CK’ appeared first on Security Boulevard.


From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security,” most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any number of other things – and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.


Is TikTok Listening to You, Apple Warns Activists, UK Government Website Shows Porn

Security Boulevard

Is the TikTok app listening to you and playing videos based on your conversations? Apple takes the unique step of warning certain activists that their phones may be targeted by attackers, and details on how a UK government website was serving porn to its visitors. ** Links mentioned on the show ** Is TikTok listening […]. The post Is TikTok Listening to You, Apple Warns Activists, UK Government Website Shows Porn appeared first on The Shared Security Show.