Tue. Nov 22, 2022


Apple’s Device Analytics Can Identify iCloud Users

Schneier on Security

Researchers claim that supposedly anonymous device analytics information can identify users: On Twitter, security researchers Tommy Mysk and Talal Haj Bakry have found that Apple’s device analytics data includes an iCloud account and can be linked directly to a specific user, including their name, date of birth, email, and associated information stored on iCloud.


FIRESIDE CHAT: Anchoring security on granular visibility, proactive management of all endpoints

The Last Watchdog

Endpoints are where all the connectivity action is. Related: Ransomware bombardments. And securing endpoints has once more become mission critical. This was the focal point of presentations at Tanium’s Converge 2022 conference which I had the privilege to attend last week at the Fairmont Austin in the Texas capital. I had the chance to visit with Peter Constantine, Tanium’s Senior Vice President Product Management.


What’s NEXT with Michael Ebel at Atmosfy

Cisco Security

Throughout my career, I have noticed the way we “futurize” technology. Often, we are thinking of technology in five-to-ten-year increments. But the fact of the matter is – technology is moving faster than we can keep up. The minute we think we understand it, it’s already onto something new. That’s why here at Cisco, we’re focused on what’s NEXT. We all know technology will continue to grow at a rapid pace, our goal is to remain at the forefront of these changes.


Know thy enemy: thinking like a hacker can boost cybersecurity strategy

CSO Magazine

As group leader for Cyber Adversary Engagement at MITRE Corp., Maretta Morovitz sees value in getting to know the enemy – she can use knowledge about cyber adversaries to distract, trick, and deflect them and develop strategies to help keep threat actors from getting whatever they’re after. That could mean placing decoys and lures that exploit their expectations for what an attacker will find when they first hack into an environment, she says.


IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.


Are Retailers Shopping for a Cybersecurity Breach?

Thales Cloud Protection & Licensing

Are Retailers Shopping for a Cybersecurity Breach? divya. Wed, 11/23/2022 - 07:07. Have you ever walked into your favorite store or restaurant, and when you tried to finalize your purchase, you were told that they could not process any credit cards? Have you ever thought that this might be the result of a successful breach and not because of a point-of-sale (POS) malfunction?


Adapt and overcome: What the story of the Tardigrade can teach us about resilience

Cisco Security

When you think about the most resilient creatures in the animal kingdom, what comes to mind? Perhaps the camel, which can survive for 6 months with no food or water. Or maybe it’s the honey badger, which tends to drink snake venom like cranberry juice. Or how about the immortal jellyfish? This is one of the most fascinating (and oldest) creatures on Planet Earth.


More Trending


5 API Vulnerabilities That Get Exploited by Criminals

Security Affairs

Let’s take a look at API vulnerabilities by reading the API Security Top 10 published by the Open Web Application Security Project (OWASP). It’s no secret that cyber security has become a leading priority for most organizations — especially those in industries that handle sensitive customer information. And as these businesses work towards building robust security strategies, it’s vital that they account for various threat vectors and vulnerabilities.


Cybersecurity Pros Put Mastodon Flaws Under the Microscope

Dark Reading

As the open source social media network blows up due to Twitter's troubles, researchers caution about vulnerabilities within the application.


Ransomware gang repents for spreading ransomware to AirAsia

CyberSecurity Insiders

Daixin, the ransomware-spreading group that hacked into the servers of AirAsia, now seems to repent for its deeds, as it released a press statement that confirms that the victimized firm’s IT infrastructure, staff, and security are so poorly aligned that the said group of cyber criminals do not want to strike the same victim twice. What the press update means is that the Malaysia’s largest air carrier is so frustrated with the way AirAsia was responding to its negotiation filled talks that it doesn’


Microsoft Azure launches DDoS IP protection for SMBs

CSO Magazine

Microsoft is extending the Azure DDoS Protection family with a new product focusing on small and medium-size businesses (SMBs). The product, DDoS IP Protection for SMBs, was announced at Microsoft's Ignite conference and is now in public preview. DDoS IP Protection for SMBs is designed to provide enterprise-grade DDoS (distributed denial of service) protection at a price that's attractive to SMBs, Microsoft said.


Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.


Russian Killnet targets UK Royal Family websites

CyberSecurity Insiders

Killnet, the hacking group that works for Russian interests, has been targeting the UK’s Royal Family websites for the past few days. The attacks are of the ‘Distributed Denial of Service (DDoS)’ variant and supposedly seem to take revenge digitally. It is already known to the entire world that the UK is supplying weapons, essentials and finances to Ukraine to sustain the 2-3-year-long intense war with the Kremlin.


Security fatigue is real: Here’s how to overcome it

We Live Security

Do your own organization’s employees take more risks with valuable data because they’ve become desensitized to security guidance? Spot the symptoms before it’s too late. The post Security fatigue is real: Here’s how to overcome it appeared first on WeLiveSecurity.


UK populace should be extra cautious about Cyber Frauds in this Christmas season

CyberSecurity Insiders

The UK populace reportedly lost £1000 on average last year, and the figure is said to double this year, as the Christmas shopping period has arrived a week before. So, security experts are urging online shoppers to be extra cautious while buying products online and not fall for cyber frauds or Ponzi schemes. The National Cyber Security Centre (NCSC) has issued a playbook on how shoppers should browse websites and what to do and what not to do while buying gifts for their near and dear ones.


ICS cyberthreats in 2023 – what to expect

SecureList

Cybersecurity incidents were plentiful in 2022, causing many problems for industrial infrastructure owners and operators. However, luckily, we did not see any sudden or catastrophic changes in the overall threat landscape – none that were difficult to handle, despite many colorful headlines in the media. As we see it, the coming year looks to be much more complicated.


Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?”


For two years security experts kept secret that they were helping Zeppelin ransomware victims decrypt their files

Graham Cluley

Researchers at cybersecurity firm Unit 221B have revealed that they have been secretly helping victims of the Zeppelin ransomware decrypt their computer systems since 2020.


What is the Virginia Consumer Data Protection Act?

Digital Guardian

Learn why organizations will need to implement security practices to protect sensitive data under the Virginia Consumer Data Protection Act (VCDPA), set to go into effect in 2013.


Sensitive Data From Nuclear Facilities Leaked on Dark Web

Heimdal Security

Cybercrime activities targeting the nuclear industry worldwide have risen during the past eight months, according to Cyble, a global cyber intelligence start-up that monitors the dark web. Cyble claims that threat actors are taking advantage of the war in Ukraine to broaden their attack services. Since February this year, leaks were reported to have happened […].


Qualys QSC Wrap-Up: Risk and Simplicity

Security Boulevard

For many organizations, the complexity of security and compliance is still beyond their reach. Also, striking a balance between security and people, process and technology versus the risk/reward was something that both security leaders and business leaders need to confront and deal with every day. Earlier this month in Las Vegas, Qualys held its annual.


From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security,” most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any number of other things – and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.


What Is DNS Scavenging?

Heimdal Security

DNS scavenging is the process of removing stale DNS records, usually used together with DNS aging in order to free up space and improve system performance. In cybersecurity, in particular, DNS scavenging can help prevent DNS cache poisoning attacks and even reduce the chances of DNS servers being used in DDoS attacks. In this article […]. The post What Is DNS Scavenging?


Surge of Fake FIFA World Cup Streaming Sites Targets Virtual Fans

Security Boulevard

Zscaler ThreatLabz is always on the lookout for threat actors trying to take advantage of major world news and events. The FIFA World Cup 2022 has brought with it a spike in cyber attacks targeting football fans through fake streaming sites and lottery scams, leveraging the rush and excitement around these uncommon events to infect users with malware.


How to hack an unpatched Exchange server with rogue PowerShell code

Naked Security

Review your servers, your patches and your authentication policies - there's a proof-of-concept out.


Nighthawk Likely to Become Hackers' New Post-Exploitation Tool After Cobalt Strike

The Hacker News

A nascent and legitimate penetration testing framework known as Nighthawk is likely to gain threat actors' attention for its Cobalt Strike-like capabilities. Enterprise security firm Proofpoint said it detected the use of the software in mid-September 2022 with a number of test emails sent using generic subject lines such as "Just checking in" and "Hope this works2."


Successful Change Management with Enterprise Risk Management

Speaker: William Hord, Vice President of ERM Services

A well-defined change management process is critical to minimizing the impact that change has on your organization. Leveraging the data that your ERM program already contains is an effective way to help create and manage the overall change management process within your organization. Your ERM program generally assesses and maintains detailed information related to strategy, operations, and the remediation plans needed to mitigate the impact on the organization.


Android file manager apps infect thousands with Sharkbot malware

Bleeping Computer

A new collection of malicious Android apps posing as harmless file managers had infiltrated the official Google Play app store, infecting users with the Sharkbot banking trojan. […]


PII Breach Discovered on Bahmni Hospital Management System

Heimdal Security

On September 19th, 2022, a breach affecting Bahmni company was discovered. The Bahmni Hospital Management System was breached exposing the PII (Personal Identifiable Information) and EMR (Electronic Medical Record) of 197,497 users. Bahmni offers a comprehensive healthcare solution by combining several open-source products used by more than 500 websites in over 50 countries.


Emotet is back and delivers payloads like IcedID and Bumblebee

Security Affairs

The Emotet malware is back and experts warn of a high-volume malspam campaign delivering payloads like IcedID and Bumblebee. Proofpoint researchers warn of the return of the Emotet malware; in early November the experts observed a high-volume malspam campaign delivering payloads like IcedID and Bumblebee. The Emotet banking trojan has been active at least since 2014; the botnet is operated by a threat actor tracked as TA542.


Policy trends: where are we today on regulation in cyberspace?

SecureList

This is the first edition of our policy analysis and observations of trends in the regulation of cyberspace, and cybersecurity, within the Kaspersky Security Bulletin. This year so far has been very challenging: increased tensions in international relations have had a huge impact on both cyberspace and cybersecurity. Further to this, we share below our key observations regarding the trends we believe have been the highlights of this year and have the potential to shape the future of cyberspace i


ERM Program Fundamentals for Success in the Banking Industry

Speaker: William Hord, Senior VP of Risk & Professional Services

Enterprise Risk Management (ERM) is critical for industry growth in today’s fast-paced and ever-changing risk landscape. When building your ERM program foundation, you need to answer questions like: Do we have robust board and management support? Do we understand and articulate our bank’s risk appetite and how that impacts our business units? How are we measuring and rating our risk impact, likelihood, and controls to mitigate our risk?


Aurora Stealer Malware is becoming a prominent threat in the cybercrime ecosystem

Security Affairs

Researchers warn of threat actors employing a new Go-based malware dubbed Aurora Stealer in attacks in the wild. Aurora Stealer is an info-stealing malware that was first advertised on Russian-speaking underground forums in April 2022. Aurora was offered as Malware-as-a-Service (MaaS) by a threat actor known as Cheshire. It is a multi-purpose botnet with data stealing and remote access capabilities.


Enterprises Pay $1,200 Per Employee Annually to Fight Cyberattacks Against Cloud Collab Apps

Dark Reading

Orgs are in the middle of a rapid increase in the use of new collaboration tools to serve the needs of an increasingly dispersed workforce — and they're paying a very real security price.


Researcher warns that Cisco Secure Email Gateways can easily be circumvented

Security Affairs

A researcher revealed how to bypass some of the filters in Cisco Secure Email Gateway appliance and deliver malware using specially crafted emails. An anonymous researcher publicly disclosed a series of techniques to bypass some of the filters in Cisco Secure Email Gateway appliance and deliver malware using specially crafted emails. The researcher pointed out that the attack complexity is low, and added that working exploits have already been published by a third party.


Crimeware and financial cyberthreats in 2023

SecureList

A look back on the year 2022 and what to expect in 2023. Every year, as part of the Kaspersky Security Bulletin, we predict which major trends will be followed in the coming year by attackers, who target financial organizations. The predictions, based on our extensive experience, help individuals and businesses improve their cybersecurity and prevent the vast range of possible risks.


Cover Your SaaS: How to Overcome Security Challenges and Risks For Your Organization

Speaker: Ronald Eddings, Cybersecurity Expert and Podcaster

So, you’ve accomplished an organization-wide SaaS adoption. It started slow, and now just a few team members might be responsible for running Salesforce, Slack, and a few other applications that boost productivity, but it’s all finished. Or is it? Through all the benefits offered by SaaS applications, it’s still a necessity to onboard providers as quickly as possible.