Krebs on Security
AUGUST 16, 2021
Communications giant T-Mobile said today it is investigating the extent of a breach that hackers claim has exposed sensitive personal data on 100 million T-Mobile USA customers, in many cases including the name, Social Security number, address, date of birth, phone number, security PINs and details that uniquely identify each customer’s mobile device.
Tech Republic Security
AUGUST 16, 2021
Most organizations are still lacking talent, according to a new report, but experts think expanding the definition of a cybersecurity professional can help.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
The Hacker News
AUGUST 16, 2021
A new wave of attacks involving a notorious macOS adware family has evolved to leverage around 150 unique samples in the wild in 2021 alone, some of which have slipped past Apple's on-device malware scanner and even signed by its own notarization service, highlighting the malicious software ongoing attempts to adapt and evade detection.
Tech Republic Security
AUGUST 16, 2021
In recent months, a string of high-profile cyberattacks have targeted critical U.S. infrastructure. As students return to the classroom, could criminals look to focus their efforts on schools?
Advertisement
How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.
Bleeping Computer
AUGUST 16, 2021
Colonial Pipeline, the largest fuel pipeline in the United States, is sending notification letters to individuals affected by the data breach resulting from the DarkSide ransomware attack that hit its network in May. [.].
Tech Republic Security
AUGUST 16, 2021
Microsoft Defender Application Guard protects your networks and data from malicious applications running in your web browser. Learn how to install and activate this Windows 10 security feature.
Cyber Security Informer brings together the best content for cyber security professionals from the widest variety of industry thought leaders.
Security Boulevard
AUGUST 16, 2021
How application security affects you. Philosopher Henry David Thoreau famously said, “There are a thousand hacking at the branches of evil to one who is striking at the root”. While this quote is not about the current state of cybersecurity, it certainly applies. Organizations worldwide spent approximately $123 billion (USD) on IT security in 2020. Yet 2021 has been dominated by headlines heralding successful cyber attacks against Colonial Pipeline, JBS Meat packing, Microsoft, and others.
CyberSecurity Insiders
AUGUST 16, 2021
Keeping up with the latest cybersecurity industry news and information can be a challenge all on its own. Listening to podcasts is a great way to stay up to date while you’re on the go, or even while you’re working. The (ISC)² team has gathered a collection of top cybersecurity podcasts that support our vision of inspiring a safe and secure cyber world.
CSO Magazine
AUGUST 16, 2021
Security's all-too-frequent appearance as a front-page headline making topic has put CISOs in the hot seat as CEOs and boards worry that it could be their names next in news stories trying to explain how a breach occurred. Yet the CISO message to the C-suite might not be all that reassuring. Some 64% of CISOs fear their companies are at risk of a major cybersecurity attack in the upcoming year and 66% feel their organization is unprepared to handle it, according to the 2021 Voice of the CISO Rep
Heimadal Security
AUGUST 16, 2021
Researchers have disclosed a Ford vulnerability in the company’s systems, more specifically the client interaction system known as Pega Infinity had within a not properly configured instance that exposed the network to threat. Pega Infinity is used on the Ford Servers. Through this bug, access to sensitive data was allowed. How Did the Ford Vulnerability […].
Advertiser: Revenera
In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.
Trend Micro
AUGUST 16, 2021
While investigating the Confucius threat actor, we found a recent spear phishing campaign that utilizes Pegasus spyware-related lures to entice victims into opening a malicious document downloading a file stealer.
TrustArc
AUGUST 16, 2021
On 11 August, the data protection regulator in the United Kingdom, the Information Commissioner’s Office (ICO) opened a consultation on international data transfer post-Brexit. Like the EU GDPR, the UK GDPR allows for data transfers based on so-called appropriate safeguards, which include the use of approved model clauses. In the EU, the European Commission recently […].
Graham Cluley
AUGUST 16, 2021
A hacker is offering for sale what they claim to be the personal data of over 100 million people, stolen from the servers of T-Mobile USA.
Bleeping Computer
AUGUST 16, 2021
A secret terrorist watchlist with 1.9 million records, including "no-fly" records was exposed on the internet. The list was left accessible on an Elasticsearch cluster that had no password on it. [.].
Advertisement
Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.
SecurityTrails
AUGUST 16, 2021
Random Robbie joins us in the new instalment of Blast Radius to discuss misconfigured Kubernetes, how to find them and what are the different severity impacts they can have on companies.
Threatpost
AUGUST 16, 2021
Lost productivity & mopping up after the costly attacks that follow phishing – BEC & ransomware in particular – eat up most costs, not payouts to crooks.
Bleeping Computer
AUGUST 16, 2021
Chase Bank has admitted to the presence of a technical bug on its online banking website and app that allowed accidental leakage of customer banking information to other customers. [.].
Security Boulevard
AUGUST 16, 2021
Cyberattackers and cyberdefenders appear to be utilizing AI (artificial intelligence) and ML (machine learning) to a rapidly increasing degree, if you are to believe the press, vendors’ claims and blogs. So, it makes sense for cybersecurity professionals and researchers to get a better understanding of the biases that affect the AI/ML pipeline. A recent article, […].
Advertisement
The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.
Tech Republic Security
AUGUST 16, 2021
Getting to the point where you're proactive is "utopia," says Jadee Hanson, CIO at Code42.
Security Boulevard
AUGUST 16, 2021
T-Mobile US has lost control of its account database, hackers say—the sixth such breach in as many years. The post T-Mobile Leaks PII of ‘Every User’ in HUGE 100M+ Breach appeared first on Security Boulevard.
CSO Magazine
AUGUST 16, 2021
The COVID-19 pandemic has caused many organizations to accelerate digital transformation efforts in response to an exploding need for remote connectivity. But this trend also has opened the door to a greater threat from hackers and cybercriminals. In particular, distributed denial-of-service (DDoS) attack s have risen dramatically. The latest NETSCOUT Threat Intelligence Report revealed record-breaking DDoS activity in 2020, as attackers launched more than 10 million DDoS worldwide.
Bleeping Computer
AUGUST 16, 2021
Declan Harrington, a Massachusetts man charged two years ago for his alleged involvement in a series of SIM swapping attacks, pleaded guilty to stealing cryptocurrency from multiple victims and hijacking the Instagram account of others. [.].
Advertisement
The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.
Security Affairs
AUGUST 16, 2021
T-Mobile confirms a breach after threat actors claimed to have obtained records of 100 million of its customers and offered them for sale. T-Mobile has confirmed a data breach that exposed personal information from over 100 million of its US customers. Yesterday the company announced it launched an investigation into a possible data breach after a threat actor published a post on a forum claiming to be selling the personal data of its customers.
CyberSecurity Insiders
AUGUST 16, 2021
Well, this is indeed an interesting news piece to all those who are interested in Information Security. A leaked internal document of Google that was accessed & disclosed by Vice.com, a tech subsidiary of Motherboard Tech, states that the internet juggernaut fired 36 employees in 2020 for fraudulently accessing Google user or employee data. Insider Threat has not only forced Google to terminate 26 people in 2019 and 18 in 2018, but it also made the web search giant belief less on manpower an
Bleeping Computer
AUGUST 16, 2021
A malware developer unleashed their creation on their system to try out new features and the data ended up on a cybercrime intelligence platform, exposing a glimpse of the cybercriminal endeavor. [.].
StaySafeOnline
AUGUST 16, 2021
The post From math-hater to DEFCON-lover: An unlikely path to Cybersecurity appeared first on Stay Safe Online.
Speaker: Blackberry, OSS Consultants, & Revenera
Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?
Security Boulevard
AUGUST 16, 2021
Did you know that out of the 8.9 million enterprise malware reports that Microsoft had in the last 30 days that over 60% came from education ? The next closest industry is business and professional services, at only 10%. The post Back-to-school Device Protection | Avast appeared first on Security Boulevard.
Bleeping Computer
AUGUST 16, 2021
Destructive attacks that targeted Iran's transport ministry and national train system were coordinated by a threat actor dubbed Indra who previously deployed wiper malware on the networks of multiple Syrian organizations. [.].
The Hacker News
AUGUST 16, 2021
Taiwanese chip designer Realtek is warning of four security vulnerabilities in three software development kits (SDKs) accompanying its WiFi modules, which are used in almost 200 IoT devices made by at least 65 vendors. The flaws, which affect Realtek SDK v2.x, Realtek "Jungle" SDK v3.0/v3.1/v3.2/v3.4.x/v3.4T/v3.4T-CT, and Realtek "Luna" SDK up to version 1.3.
Malwarebytes
AUGUST 16, 2021
Nearly one year after the exclusive app Clubhouse launched on the iOS store, its popularity skyrocketed. The app, which is now out of beta, lets users drop into spontaneous audio conversations that, once they are over, are over. With COVID lockdown procedures separating many people around the world last year, Clubhouse offered its users immediate, unplanned, conversational magic that maybe they lost in shifting to a work from home environment.
Speaker: Erika R. Bales, Esq.
When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.
Expert insights. Personalized for you.
306 
Let's personalize your content