Schneier on Security
SEPTEMBER 2, 2020
Greg Priore, the person in charge of the rare book room at the Carnegie Library, stole from it for almost two decades before getting caught. It's a perennial problem: trusted insiders have to be trusted.
Tech Republic Security
SEPTEMBER 2, 2020
Instead of trying to remember a long and complex password, try switching to passphrases. Learn why they're important and how they work.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Security Affairs
SEPTEMBER 2, 2020
Hackers actively exploiting a critical remote code execution vulnerability in the File Manager plugin, over 300,000 WordPress sites potentially exposed. Hackers are actively exploiting a critical remote code execution vulnerability in the File Manager WordPress plugin that could be exploited by unauthenticated attackers to upload scripts and execute arbitrary code on WordPress sites running vulnerable versions of the plugin.
Tech Republic Security
SEPTEMBER 2, 2020
A new study found that email phishing attacks have become more successful during the COVID-19 pandemic.
Advertisement
How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.
Security Affairs
SEPTEMBER 2, 2020
Experts warn of the KryptoCibule Windows malware that has been active since late 2018 and has targeted users in the Czech Republic and Slovakia. Security researchers from ESET have shared technical detailts of a new piece of Windows malware tracked as KryptoCibule. The malware has been active since at least December 2018, it targets cryptocurrency users as a triple threat.
Tech Republic Security
SEPTEMBER 2, 2020
The findings of a new report validate the correlation between poor network hygiene and the prevalence of wider security issues in the digital supply chain.
Cyber Security Informer brings together the best content for cyber security professionals from the widest variety of industry thought leaders.
Tech Republic Security
SEPTEMBER 2, 2020
Learn how you can enable the new Nextcloud end-to-end encryption.
Dark Reading
SEPTEMBER 2, 2020
From COVID-19 treatment to academic studies, keeping research secure is more important than ever. The ResearchSOC at Indiana University intends to help.
Tech Republic Security
SEPTEMBER 2, 2020
Insider threats can be difficult to combat and manage due to budgetary limits, lack of staff, and insufficient tools, says Bitglass.
Dark Reading
SEPTEMBER 2, 2020
School systems don't seem like attractive targets, but they house lots of sensitive data, such as contact information, grades, health records, and more.
Advertiser: Revenera
In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.
SecureWorld News
SEPTEMBER 2, 2020
There is an interesting legal twist coming to us now in a lawsuit filed following a 2020 ransomware attack. An attack where hackers exfiltrated data from the company and then the cybercriminals threatened to publish it. The class action lawsuit is going after Blackbaud, which provides marketing and fundraising software in the cloud, used by thousands of charities, universities and healthcare organizations in North America and Europe.
Dark Reading
SEPTEMBER 2, 2020
By following best practices and prioritizing critical issues, you can reduce the chances of a security breach and constrain the blast radius of an attempted attack. Here's how.
Security Affairs
SEPTEMBER 2, 2020
Researchers observed a new tactic adopted by Magecart groups, the hackers used Telegram to exfiltrate stolen payment details from compromised websites. Researchers from Malwarebytes reported that Magecart groups are using the encrypted messaging service Telegram to exfiltrate stolen payment details from compromised websites. Attackers encrypt payment data to make identification more difficult before transferring it via Telegram’s API into a chat channel. “For threat actors, this data exfil
CTOVision Cybersecurity
SEPTEMBER 2, 2020
Cybersecurity has shot to the top of business agendas in recent months, as the sudden shift of workforces from the office to the home highlighted a host of new threats […].
Advertisement
Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.
Trend Micro
SEPTEMBER 2, 2020
Many phishing pages are hosted on websites with spoofed domains or pages created through website builders. But recently, creating phishing pages has become easier through the use of forms — tools that can be configured within only a few minutes.
Threatpost
SEPTEMBER 2, 2020
Multiple flaws in system software that causes errors in packet handling could allow an attacker to consume memory and crash devices.
Trend Micro
SEPTEMBER 2, 2020
Email is the number one threat vector. A great email security solution can block the majority of threats, but no product can catch a hundred percent of email scams. This means that humans are our last line of defense.
Threatpost
SEPTEMBER 2, 2020
The RAT has been distributed in various campaigns over the past six months, targeting both European officials and Tibetan dissidents.
Advertisement
The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.
Dark Reading
SEPTEMBER 2, 2020
The largest online companies, such as Apple and PayPal, and banks are being targeted by cybersquatters, who are also taking advantage of the pandemic, a study finds.
Threatpost
SEPTEMBER 2, 2020
U.S. agencies must implement vulnerability-disclosure policies by March 2021, according to a new CISA mandate.
Dark Reading
SEPTEMBER 2, 2020
The US Department of Homeland Security teams up with Akamai and the Center for Internet Security to provide state and local governments with cybersecurity through DNS for free.
Threatpost
SEPTEMBER 2, 2020
The six malicious apps have been removed from Google Play, but could still threaten 200,000 installs.
Advertisement
The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.
Dark Reading
SEPTEMBER 2, 2020
One person's exit can set off a chain of costly events.
Threatpost
SEPTEMBER 2, 2020
Next week, Senior Analyst Dave Gruber of ESG will join cybersecurity company Cynet for a webinar to help companies better understand the promise and realities of emerging XDR technologies.
Dark Reading
SEPTEMBER 2, 2020
The Russia-backed Internet Research Agency has returned with new strategies to sway voters ahead of the 2020 presidential election.
Security Affairs
SEPTEMBER 2, 2020
Researchers discovered multiple vulnerabilities in the MAGMI Magento plugin that could lead to remote code execution on a vulnerable Magento site. Tenable published a research advisory for two vulnerabilities impacting the Magento Mass Import (MAGMI) plugin. The flaws were discovered by Enguerran Gillier of the Tenable Web Application Security Team.
Speaker: Blackberry, OSS Consultants, & Revenera
Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?
Dark Reading
SEPTEMBER 2, 2020
Manufacturers need to invest more effort into protecting root-level access to connected devices, security researcher says.
Threatpost
SEPTEMBER 2, 2020
That number represents a big uptick over Q1.
Security Affairs
SEPTEMBER 2, 2020
Cisco addressed a critical remote code execution vulnerability affecting multiple versions of its Cisco Jabber for Windows operating system. Cisco has addressed a critical severity remote code execution flaw, tracked as CVE-2020-3495 , that affects multiple versions of Cisco Jabber for Windows. Cisco Jabber for Windows is a desktop collaboration client that integrates users with presence, audion, video and web conferencing, instant messaging (IM), cloud messaging, and desktop sharing.
Dark Reading
SEPTEMBER 2, 2020
One person's exit can set off a chain of costly events.
Speaker: Erika R. Bales, Esq.
When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.
Expert insights. Personalized for you.
331 
Let's personalize your content