Tue, Mar 15, 2022

Brain Computer Interfaces may be the future, but will they be secure?

Tech Republic Security

NCC Group’s study outlines the use cases for BCIs as well as the security risks associated with using them. The post Brain Computer Interfaces may be the future, but will they be secure? appeared first on TechRepublic.

Risk 217

Russia faces IT crisis with just two months of data storage left

Bleeping Computer

Russia faces a critical IT storage crisis after Western cloud providers pulled out of the country, leaving Russia with only two more months before they run out of data storage. […]

Mobile malware is on the rise: Know how to protect yourself from a virus or stolen data

Tech Republic Security

Don’t let mobile malware ruin your day or your device. Be aware of how this threat happens and take good precautions to avoid it. The post Mobile malware is on the rise: Know how to protect yourself from a virus or stolen data appeared first on TechRepublic.

Mobile 216

New Linux botnet exploits Log4J, uses DNS tunneling for comms

Bleeping Computer

A recently discovered botnet under active development targets Linux systems, attempting to ensnare them into an army of bots ready to steal sensitive info, installing rootkits, creating reverse shells, and acting as web traffic proxies. […]

DNS 145

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Cybercriminals are targeting Ukrainian sympathizers, what can you do to remain safe?

Tech Republic Security

Cisco Talos has uncovered an information stealing malware affecting those attempting to aid Ukraine in their online fight against Russia. The post Cybercriminals are targeting Ukrainian sympathizers, what can you do to remain safe? appeared first on TechRepublic.

Malware 155

German government advises against using Kaspersky antivirus

Bleeping Computer

BSI, the federal cybersecurity authority in Germany, has issued a public statement to warn critical entities in the country against using Kaspersky antivirus software products. […]

Antivirus 145

More Trending

FBI warns of MFA flaw used by state hackers for lateral movement

Bleeping Computer

The FBI says Russian state-backed hackers gained access to a non-governmental organization (NGO) cloud after enrolling their own device in the organization's Duo MFA following the exploitation of misconfigured default multifactor authentication (MFA) protocols. […]

Webroot vs. Symantec: Endpoint security software comparison

Tech Republic Security

Symantec Endpoint Protection and Webroot Internet Security Plus 2022 are compelling security products intended to protect business systems. Learn the pros and cons of each security solution to make the best possible choice. The post Webroot vs. Symantec: Endpoint security software comparison appeared first on TechRepublic.

Software 130

NVIDIA staff shouldn’t have chosen passwords like these…

Graham Cluley

Last month, the LAPSUS$ hacking group stole up to one terabyte of internal data, including hashed passwords, from graphics card maker NVIDIA. Of course, you would hope that any sensible NVIDIA employee would have chosen a sensible hard-to-crack password, and ensured that they weren’t using the same password anywhere else on the internet.

Passwords 139

Orgs Still Struggling With Cloud Security

Security Boulevard

A dozen years ago, when organizations were still in the early stages of adopting cloud computing, the biggest obstacle was security. SMBs especially didn’t seem to understand what the cloud was, and were particularly stymied by the challenge of keeping information transmitted and stored in the cloud safe from data leakage. Of course, that was. The post Orgs Still Struggling With Cloud Security appeared first on Security Boulevard.

135

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Update now! Apple fixes several serious vulnerabilities in iOS and macOS

Malwarebytes

Apple has released patches for macOS Monterey 12.3, iOS 15.4 and iPadOS 15.4. In these security updates, released on March 14, 2022, Apple tackles 39 vulnerabilities, several of which could allow an attacker to execute arbitrary code on an affected device. One of the vulnerabilities can be exploited by having the victim open a crafted PDF file, and a few just require the victim to visit a specially crafted website.

Russia Bans Instagram—Influencers Cry While Ukrainians Die

Security Boulevard

Putin’s Kremlin has followed through on its threat to ban Meta’s Instagram app in Russia. But the reason given seems … suspicious. The post Russia Bans Instagram—Influencers Cry While Ukrainians Die appeared first on Security Boulevard.

CVE-2022-0778 DoS flaw in OpenSSL was fixed

Security Affairs

OpenSSL addressed a high-severity denial-of-service (DoS) vulnerability, tracked as CVE-2022-0778, related to certificate parsing. OpenSSL released updates to address a high-severity denial-of-service (DoS) vulnerability, tracked as CVE-2022-0778, that affects the BN_mod_sqrt() function used when parsing certificates. The flaw was discovered by the popular Google Project Zero researcher Tavis Ormandy.

Hacking 139

New Developer Tools for Open Source Dependency Management

Security Boulevard

Sonatype's focus on developers brings more insights into software dependencies, clearer policy exceptions, and support for PHP users. This Nexus platform update will help developers more easily remediate vulnerable open source usage across their projects. The post New Developer Tools for Open Source Dependency Management appeared first on Security Boulevard.

Software 132

Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

Webroot files patent infringement claim against Trend Micro

CSO Magazine

Security endpoint protection vendor Webroot has filed a patent infringement complaint against competitor Trend Micro accusing it of implementing patented technology in its security software and systems without authorization. According to an official document from the United States District Court, Western District of Texas Waco Division, Webroot is seeking damages for lost sales, profits, and market share.

Marketing 126

The Russia-Ukraine War: Is cyber the next battleground?

Security Boulevard

As we enter the third week of the Russia-Ukraine war, the resilience of the Ukrainian people and President Zelensky is worthy of the world’s admiration. Unfortunately, Russia still has overwhelming combat power. Many have speculated that Putin’s health may be severely compromised, in turn accelerating “his mission to restore what he considers lost Russian land.”

131

7 old attack vectors cybercriminals still use

CSO Magazine

Even in today’s age of digital evolution, malicious hackers continue to use attack vectors dating back decades. Research shows notable periods of resurgence relating to certain methods deemed old-fashioned. What this indicates is that while attack specifics can change with time, points of infection, distribution and proliferation can remain and even lead to the most significant of breaches.

125

7 Cloud Security Trends That May Impact Your Cloud Security Planning

Security Boulevard

From the leading cloud providers to new Gartner categories - here’s what’s trending in cloud security and what it means for security and IT teams. The post 7 Cloud Security Trends That May Impact Your Cloud Security Planning appeared first on Ermetic. The post 7 Cloud Security Trends That May Impact Your Cloud Security Planning appeared first on Security Boulevard.

128

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

BrandPost: C-Suite Shuffle: The CISO’s Evolving Role and Reporting Structure

CSO Magazine

In 1994, Steve Katz became the world’s first chief information security officer (CISO) after Citicorp endured a string of cyberbreaches at the hands of Russian hackers. Katz is an undisputed legend in the CISO profession that he’s credited with launching. His origin story remains relevant today for CISOs adapting to new reporting structures and relationships with their C-suite colleagues.

CISO 123

Lapsus$: The New Name in Ransomware Gangs

Security Boulevard

brooke.crothers. Tue, 03/15/2022 - 17:20. Lapsus$ arrives. According to The Record, the largest media conglomerate in Portugal, Impresa, was a target of the Lapsus$ ransomware over the New Year holiday break. Impresa owns the country's largest TV channel and newspaper, SIC and Expresso. It was the Expresso Twitter account that the hackers used to bait the organization to demonstrate their control over the company's IT infrastructure.

A Step-by-Step Guide to Cybersecurity Risk Assessment

Heimdal Security

The process of detecting cyber vulnerabilities (software or hardware that might be exploited) and cyber dangers is known as cyber security risk assessment. Why Should You Do a Cybersecurity Risk Assessment? The only way to guarantee that the cybersecurity measures you choose are suitable for the threats your business faces is to perform a risk […].

Risk 122

HackerOne apologizes to Ukrainian hackers for mistakenly blocking payouts

Bleeping Computer

Today, Chris Evans, the CISO of bug bounty platform HackerOne, apologized to Ukrainian hackers after erroneously blocking their bug bounty payouts following sanctions imposed on Russia and Belarus after Ukraine's invasion. […]

CISO 121

5 Key Findings From the 2023 FBI Internet Crime Report

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.

International Women’s Day Spotlight: Laura Cabrera

Security Boulevard

maaya.alagappan. Tue, 03/15/2022 - 18:43. This month, we are proud to celebrate International Women’s Day and shine a light on women at Onapsis who are part of a shifting generation. For our second spotlight, we’re sharing Laura Cabrera’s journey from ABAP developer to SAP Security Specialist at Onapsis.

Massive phishing campaign uses 500+ domains to steal credentials

Bleeping Computer

Large-scale phishing activity using hundreds of domains to steal credentials for Naver, a Google-like online platform in South Korea, shows infrastructure overlaps linked to the TrickBot botnet. […]

Phishing 119

By the Numbers: The Cost of Insider Data Breach vs The Cost of Protection

Security Boulevard

The global business data security landscape has become dramatically more challenging over the last few years. One of the main reasons for this is insider threats, as reported in the 2022 Cost of Insider Threats Global Report, independently conducted by The Ponemon Institute. Several factors have contributed to growth in this threat vector. The move […].

Android trojan persists on the Google Play Store since January

Bleeping Computer

Security researchers tracking the mobile app ecosystem have noticed a recent spike in trojan infiltration on the Google Play Store, with one of the apps having over 500,000 installs. […]

Mobile 117

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?”

Russia Creates Its Own Certificate Authority (CA) to Issue TLS Certificates

Security Boulevard

The post Russia Creates Its Own Certificate Authority (CA) to Issue TLS Certificates appeared first on Keyfactor. The post Russia Creates Its Own Certificate Authority (CA) to Issue TLS Certificates appeared first on Security Boulevard.

116

Escobar is the new Android banking Trojan we’ve met before

Malwarebytes

Aberebot, a known Android banking Trojan, has changed its name and returned loaded with new features. First spotted by @MalwareHunterTeam in early March, this mobile variant was renamed “Escobar”—a homage to the Colombian drug baron—and disguised itself as a McAfee app. It went by the package name of com.escobar.pablo and the application name of “McAfee”. Possible interesting, very low detected "McAfee9412.apk": a9d1561ed0d23a5473d68069337e2f8e7862f7b72b74251eb63

Banking 115

Traffic interception and MitM attacks among security risks of Russian TLS certs

CSO Magazine

Russia is offering its own Transport Layer Security (TLS) certificates to bypass sanctions imposed by Western companies and governments that are limiting citizens’ access to websites amid the nation’s invasion of Ukraine. Restrictions on foreign payments are leaving many Russian websites unable to renew certificates with international signing authorities causing browsers to block access to sites.

Risk 114

XKCD ‘Deviled Eggs’

Security Boulevard

Via the comic artistry and dry wit of Randall Munroe, resident at XKCD! The post XKCD ‘Deviled Eggs’ appeared first on Security Boulevard.

117

From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security,” most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any number of other things – and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.