Sun. May 02, 2021

Email Security, Working from Home and World Password Day

Lohrman on Security

What is the future of passwords? More urgently, how are you doing with using (or reusing) passwords now? Here are some helpful tips ahead of World Password Day on May 6.

Passwords 224

Shlayer Strikes Again Through Zero-Day in MacOS 11.3

Security Boulevard

Apple this week revealed that its new macOS 11.3 update comes with a fix for a critical vulnerability – one that hackers actively exploited with Shlayer malware that can sidestep Apple defenses. The zero-day flaw, first discovered in March but likely in use by hackers since Jan. 9, allows unapproved software to run on Mac. The post Shlayer Strikes Again Through Zero-Day in MacOS 11.3 appeared first on Security Boulevard.

Malware 144

Cloud hosting provider Swiss Cloud suffered a ransomware attack

Security Affairs

Swiss cloud hosting provider Swiss Cloud has suffered a ransomware attack that seriously impacted its server infrastructure. On April 27 the Swiss cloud hosting provider was hit by a ransomware attack that brought down the company’s server infrastructure. The company is currently working to restore operations from its backups with the help of experts from HPE and Microsoft. “After the cyber attack on April 27, work is proceeding to clean up the systems and restore normal operations at swis

Closer look at the new Windows 10 features tested in preview builds

Bleeping Computer

The next feature update "Windows 10 May 2021 Update" is going to be a minor service pack style-like release with quality improvements and bug fixes. While the next update is all about improvements, preview builds and reports have suggested that Windows 10 version 21H2 is going to be a big release with something new for everyone. […]

Software 120

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Hacking a Tesla Model X with a DJI Mavic 2 drone equipped with a WIFI dongle

Security Affairs

A security duo has demonstrated how to hack a Tesla Model X and open the doors using a DJI Mavic 2 drone equipped with a WIFI dongle. The scenario is disconcerting: hackers could use a drone to fly over your Tesla Model X and open the doors, a couple of researchers demonstrated. The researchers, Kunnamon, Inc.’s Ralf-Philipp Weinmann and Comsecuris GmbH’s Benedikt Schmotzle, have discovered remote zero-click flaws in the vehicle and exploited them using a DJI Mavic 2 drone equipped with a WIFI don

Hacking 114

Babuk Ransomware attack on NBA Houston Rockets

CyberSecurity Insiders

The National Basketball Association affiliated Houston Rockets were relatively hit by a ransomware variant that is suspected to be Babuk Ransomware and highly placed sources say that the American Professional Basketball team was hit by a file encrypting malware gang that is demanding $50 million to free up the data from encryption. Tracey Hughes, the spokesperson of the NBA Houston Rockets issued a press statement announcing a partial impact on the digital operations of the team.

More Trending

How to stop Windows 10 Defender from uploading files to Microsoft

Bleeping Computer

Like other antivirus programs, Microsoft Defender will upload suspicious files to Microsoft to determine if they are malicious. However, some consider this a privacy risk and would rather have their files stay on their computer than being uploaded to a third party. […]

Antivirus 107

Six things you have to know about ITAR compliance

Security Boulevard

International Traffic in Arms Regulations (ITAR) is a set of regulations administered by the State Department to control the export of defense and military related technologies. The goal of the legislation is to control access to specific types of technology and their associated data by our country’s enemies. Any U.S. company, research lab […]. The post Six things you have to know about ITAR compliance appeared first on PreVeil.

Security Affairs newsletter Round 312

Security Affairs

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. 10,000+ unpatched ABUS Secvest home alarms can be deactivated remotely Hackers are targeting Soliton FileZen file-sharing servers A supply chain attack compromised the update mechanism of Passwordstate Password Manager Boffins found a bug in Apple AirDrop that could leak users personal info Bye Bye Emotet, law enforcement pushed the uninstall c

DNS 57

XKCD ‘After The Pandemic’

Security Boulevard

via the comic delivery system monikered Randall Munroe at XKCD! Permalink. The post XKCD ‘After The Pandemic’ appeared first on Security Boulevard.

64

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

UK Boris Johnson mobile number out for public since 15 years raises mobile security concerns

CyberSecurity Insiders

Sometimes political leaders do something different to capture the attention of their voters and that’s what UK Prime Minister Boris Johnson seems to have done a few years ago. And those gestures are apparently haunting him now as per the claims made by a Britain’s Media resource Downing Street. Going forward with the details, in the year 2006 posted the personal mobile number of Mr.

Mobile 57

6 Steps To Improve Your Data Security and Data Compliance

Security Boulevard

Data privacy has been a hot topic in the tech world for years now. With every new technology come new regulations that require companies to completely re-examine the way they handle private data. Most companies already have a basic data privacy policy they constructed alongside lawyers and tech experts to avoid facing serious fines and […]… Read More.

Threat Report Portugal: Q1 2021

Security Affairs

The Threat Report Portugal: Q1 2021 compiles data collected on the malicious campaigns that occurred from January to March, Q1, of 2021. Threat Report Portugal Q1 2021: Phishing and malware by numbers. The Portuguese Abuse Open Feed 0xSI_f33d is an open sharing database with the ability to collect indicators from multiple sources, developed and maintained by Segurança-Informática.

Pulse Connect Secure Patch Availability – SA44784

Security Boulevard

Today, the Pulse Secure team released a security update to address the issue outlined in Security Advisory SA44784 (CVE-2021-22893) impacting Pulse Connect Secure appliance. We recommend that customers move quickly to apply the update to ensure they are protected. The post Pulse Connect Secure Patch Availability – SA44784 appeared first on Pulse Secure Blog.

52

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

3 Best Practices for Customizing Your Compliance Program

Security Boulevard

Most large-scale entities need to prove compliance with multiple regulatory standards. In their efforts to meet their compliance mandates, organizations could suffer a major drain on their time and resources. This possibility holds true regardless of whether they’re finance companies, retailers, manufacturers or hospitality firms. Organizations face an additional obstacle when they have an internally […]… Read More.

Retail 52

Remembering Dan Kaminsky, Apple AirDrop Vulnerability

Security Boulevard

Remembering Dan Kaminsky who was one of the greatest security researchers of our time plus details on a new Apple Airdrop vulnerability. ** Links mentioned on the show ** Remembering Dan Kaminsky [link] Apple AirDrop Bug Could Leak Your Personal Info to Anyone Nearby [link] [link] ** Watch this episode on YouTube ** [link] ** […]. The post Remembering Dan Kaminsky, Apple AirDrop Vulnerability appeared first on The Shared Security Show.

DNS 52

CPDP 2021 – Moderator: John Davisson ‘Student Privacy At Risk Under Covid-19: Online Test Proctoring Brings AI And Surveillance Into Students’ Homes’

Security Boulevard

Speakers: Lydia X. Z. Brown, Meg Foulkes, Sofie Van Londen, Maha Bali. Our sincere thanks to CPDP 2021 - Computers, Privacy & Data Protection Conference for publishing their well-crafted videos on the organization's YouTube channel. Enjoy! Permalink. The post CPDP 2021 – Moderator: John Davisson ‘Student Privacy At Risk Under Covid-19: Online Test Proctoring Brings AI And Surveillance Into Students’ Homes’ appeared first on Security Boulevard.

CPDP 2021 – Moderator: Brent R. Homan ‘When Regulatory Worlds Collide – The Intersection Of Privacy, Competition And Consumer Protection’

Security Boulevard

Speakers: Anna Colaps, Erika M. Douglas, Ian Cohen, Alan Campos Elias Thomaz. Our sincere thanks to CPDP 2021 - Computers, Privacy & Data Protection Conference for publishing their well-crafted videos on the organization's YouTube channel. Enjoy! Permalink. The post CPDP 2021 – Moderator: Brent R. Homan ‘When Regulatory Worlds Collide – The Intersection Of Privacy, Competition And Consumer Protection’ appeared first on Security Boulevard.

From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security,” most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any number of other things – and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.