Sat. Feb 19, 2022

Weekly Update 283

Troy Hunt

A super quick intro this week as I take a bit of time out before a hectic week. It's hotel room quality audio this week, but that's a temporary state before I'm back home next week. I hope you enjoy week 283, so much FUD to debunk on website identity verification. References I took issues - lots of issues - with DigiCert's guidance around how to verify website identity (with the EV cash cow dead, it's desperate times.

CISA compiled a list of free cybersecurity tools and services

Security Affairs

The U.S. CISA has created a list of free cybersecurity tools and services that can help organizations increase their resilience. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced this week that it has compiled a list of free cybersecurity tools and services that can help organizations to reduce cybersecurity risk and increase resilience.

US senators introduce the Kids Online Safety Act (KOSA)

Malwarebytes

US Senators Richard Blumenthal of Connecticut and Marsha Blackburn of Tennessee have introduced the Kids Online Safety Act (KOSA), legislation that aims to enhance children’s safety online. This follows The Wall Street Journal (WSJ)’s reporting on the harm Instagram can inflict on teens, which was based on controversial Facebook documents that whistleblower Frances Haugen leaked to the WSJ, and coupled with multiple hearings with social media companies about their failures to pr

U.S. Cybersecurity Agency Publishes List of Free Security Tools and Services

The Hacker News

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday published a repository of free tools and services to enable organizations to mitigate, detect, and respond effectively to malicious attacks and further improve their security posture.

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

CISA compiles list of free cybersecurity tools and services

Bleeping Computer

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published a list of free cybersecurity services and tools to help organizations increase their security capabilities and better defend against cyberattacks.

Master Key for Hive Ransomware Retrieved Using a Flaw in its Encryption Algorithm

The Hacker News

Researchers have detailed what they call the "first successful attempt" at decrypting data infected with Hive ransomware without relying on the private key used to lock access to the content.

BSidesAugusta 2021 – Matt Graeber’s ‘Confidently Measuring Attack Technique Coverage By Asking Better Questions’

Security Boulevard

Many thanks to BSidesAugusta for publishing their outstanding videos from the BSidesAugusta 2021 Conference on the organization’s YouTube channel.

Justice Department Appoints First Director of National Cryptocurrency Enforcement Team

The Hacker News

The U.S. Department of Justice (DoJ) earlier this week appointed Eun Young Choi to serve as the first Director of the National Cryptocurrency Enforcement Team (NCET) it established last year.

Joy Of Tech® ‘Reasons To Quit Meta’

Security Boulevard

Via the Comic Noggins of Nitrozac and Snaggy at The Joy of Tech®!

“Who dropped the DB?” Find out with Teleport Database Access

Graham Cluley

Graham Cluley Security News is sponsored this week by the folks at Teleport. Thanks to the great team there for their support! You’re woken up at 3 am, only to discover your worst nightmare. The new intern just deleted the production database during routine maintenance by accident. You quickly restore from a backup. During the … Continue reading "“Who dropped the DB?

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

UpdraftPlus WordPress plugin update forced for million sites?

Security Affairs

WordPress forces the update of the UpdraftPlus plugin patch on 3 million sites to fix a high-severity vulnerability. WordPress has forced the update of the UpdraftPlus plugin on around three million sites to address a high-severity vulnerability, tracked as CVE-2022-0633 (CVSS v3.1 score of 8.5), that can allow website subscribers to download the latest database backups, which could potentially contain sensitive data. “The UpdraftPlus WordPress plugin Free before 1.22.3 and Premium before 2.22

Critical Flaw Uncovered in WordPress Backup Plugin Used by Over 3 Million Sites

The Hacker News

Patches have been issued to contain a "severe" security vulnerability in UpdraftPlus, a WordPress plugin with over three million installations, that can be weaponized to download the site's private data using an account on the vulnerable sites.

Closer look at Windows 11's new Task Manager

Bleeping Computer

Microsoft has finally started testing a new version of Task Manager with users in the Windows Insider Program.

BSidesAugusta 2021 – Alberto Rodriguez’ ‘Pwning Zee Cloud: Microsoft Edition’

Security Boulevard

Many thanks to BSidesAugusta for publishing their outstanding videos from the BSidesAugusta 2021 Conference on the organization’s YouTube channel.

Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

Millions of WordPress Sites Got a Forced Update for a Serious Bug

WIRED Threat Level

The mandatory patch addressed a critical vulnerability in a widely used plugin that allowed untrusted visitors to download a website's backups.

BSidesAugusta 2021 – Chris Farris’ ‘The Cloud Is Dark And Full Of Terrors’

Security Boulevard

Many thanks to BSidesAugusta for publishing their outstanding videos from the BSidesAugusta 2021 Conference on the organization’s YouTube channel.

Russia Was Behind DDoS Attacks Against Ukraine, US Officials Say

WIRED Threat Level

Plus: A crypto crime crackdown, Roblox ripoffs, and more of the week’s top security news.

White House and UK Gov attribute DDoS attacks on Ukraine to Russia’s GRU

Security Affairs

The White House has linked the recent DDoS attacks against Ukraine’s banks and defense agencies to Russia’s GRU. The White House has linked the recent DDoS attacks that took offline the sites of banks and defense agencies of Ukraine to Russia’s Main Directorate of the General Staff of the Armed Forces (aka GRU). This week, the Ministry of Defense and the Armed Forces of Ukraine and state-owned banks, Privatbank (Ukraine’s largest bank) and Oschadbank were hit by Distributed De

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

Why multicloud environments can help improve security and redundancy

Tech Republic Security

Single-cloud environments are said to be redundant. One expert disagrees and explains why.
