Joseph Steinberg

JUNE 9, 2022

The Tenafly, New Jersey, Public School District has canceled final exams for its high school students after a ransomware cyberattack crippled the district’s computer infrastructure. In addition to having cancelled finals, the district, which ranks in many surveys as being among the top 50 school districts in the country, has been forced to revert for its final days of instruction for the 201-2022 academic year to using paper, pencils, and pre-computer-era overhead projectors instead of its usual

Ransomware 363

Ransomware Artificial Intelligence Education Cybercrime 363

Schneier on Security

JUNE 9, 2022

Twitter was fined $150 million for using phone numbers and email addresses collected for two-factor authentication for ad targeting.

Authentication 304

Authentication 304

The Last Watchdog

JUNE 9, 2022

What is it about the elderly that makes them such attractive targets for cybercriminals? A variety of factors play a role. Related: The coming of bio-digital twins. Unlike many younger users online, they may have accumulated savings over their lives — and those nest eggs are a major target for hackers. Now add psychological variables to the mix of assets worth stealing.

Identity Theft 274

Identity Theft Scams Insurance Internet 274

Tech Republic Security

JUNE 9, 2022

A large-scale phishing attack was uncovered by PIXM, as well as the person who had been carrying out the attacks. The post A cybercriminal stole 1 million Facebook account credentials over 4 months appeared first on TechRepublic.

Accountability 202

Accountability Phishing 202

Speaker: Erroll Amacker

Automation is transforming finance but without strong financial oversight it can introduce more risk than reward. From missed discrepancies to strained vendor relationships, accounts payable automation needs a human touch to deliver lasting value. This session is your playbook to get automation right. We’ll explore how to balance speed with control, boost decision-making through human-machine collaboration, and unlock ROI with fewer errors, stronger fraud prevention, and smoother operations.

Risk

Schneier on Security

JUNE 9, 2022

Interesting article about civilians using smartphones to assist their militaries in wartime, and how that blurs the important legal distinction between combatants and non-combatants: The principle of distinction between the two roles is a critical cornerstone of international humanitarian law­—the law of armed conflict, codified by decades of customs and laws such as the Geneva Conventions.

Risk 182

Risk 182

Security Affairs

JUNE 9, 2022

Researchers uncovered a high stealth Linux malware, dubbed Symbiote, that could be used to backdoor infected systems. Joint research conducted by security firms Intezer and BlackBerry uncovered a new Linux threat dubbed Symbiote. The name comes from the concept of symbiote which is an organism that lives in symbiosis with another organism, exactly like this implant does with the infected systems.

Malware 145

Malware DNS Antivirus Passwords 145

Malwarebytes

JUNE 9, 2022

The recent Apple Worldwide Developers Conference (WWDC) revealed another teasing of what has been referred to as “the end of passwords forever” Passkeys are a “new biometric sign-in standard” Biometrics in security circles are used for things like identity cards, building access, and so on. This typically involves scans of your fingerprints, or face.

Passwords 132

Passwords Phishing Authentication Accountability 132

CyberSecurity Insiders

JUNE 9, 2022

Cybersecurity researchers from Blackberry and Intezer labs have discovered a new Linux malware that is hard to detect. They have dubbed the malware Symbiote and are said to be mostly targeting backdoor infected systems. Blackberry says that the malware is hard to detect and can inflict serious damage to infected machines as it provides a rootkit functionality to a threat actor to harvest credentials, remote access capabilities, and a chance to use the machine as a botnet.

Malware 130

Malware Encryption Ransomware Cybersecurity 130

Malwarebytes

JUNE 9, 2022

Just about anywhere you look, organizations are using the cloud in some form—and they’re not all large enterprises. Small and medium businesses (SMBs) are also reaping the many benefits that the cloud offers over on-premise software, especially the lowered IT costs, increased scalability, and large storage capacity that come along with it. No doubt, with a cloud provider like AWS or Azure taking the wheel of some (or all) of your infrastructure, you have less to worry about.

Data breaches 123

Data breaches Passwords Malware Education 123

Bleeping Computer

JUNE 9, 2022

A previously unknown Chinese-speaking threat actor has been uncovered by threat analysts SentinelLabs who were able to link it to malicious activity going as far back as 2013. [.].

Hacking 119

Hacking 119

Advertisement

Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.

Cyber threats

Malwarebytes

JUNE 9, 2022

BlackBasta, an alleged subdivision of the ransomware group Conti , just began supporting the encryption of VMware’s ESXi virtual machines (VM) installed on enterprise Linux servers. Because more and more organizations have begun using VMs for cost-effectiveness and easier management of devices, this change in tactic makes sense. An ESXi VM is a bare-metal hypervisor software.

Ransomware 121

Ransomware Encryption Firewall Software 121

Security Boulevard

JUNE 9, 2022

Ethical hacking is the concept of gaining unauthorised access to systems but with the explicit permission of the system owner. Learn more about working and techniques used in ethical hacking in this article. The post What is Ethical Hacking? Working, Techniques and Jobs appeared first on Cyphere | Securing Your Cyber Sphere. The post What is Ethical Hacking?

Hacking 119

Hacking 119

Malwarebytes

JUNE 9, 2022

Earlier this year Malwarebytes released its 2022 Threat Review , a review of the most important threats and cybersecurity trends of 2021, and what they could mean for 2022. Among other things it covers the year’s alarming rebound in malware detections, and a significant shift in the balance of email threats. We are now halfway through 2022 and Malwarebytes’ Security Evangelist Adam Kujawa has been updating attendees at this year’s RSA Conference on what the report contains, and

Threat Detection 119

Threat Detection Malware Adware Accountability 119

The State of Security

JUNE 9, 2022

Working in the Electric Utility sector of critical infrastructure gives a person a very unique perspective on how many of the pieces of the puzzle fit together to provide uninterrupted services to a broad population. My personal experience as a software engineer in the electrical industry introduced me to the nuances that the average person […]… Read More.

Cybersecurity 116

Cybersecurity Engineering Software 116

Advertisement

The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.

Cybersecurity

CSO Magazine

JUNE 9, 2022

Top cybersecurity vendors have joined Mandiant's newly launched Cyber Alliance Program, formed to help develop integrated security systems and share threat intelligence. The alliance, announced this week, is open to partners offering a wide variety of applications for endpoint, network, and cloud security, as well as identity, authentication, security information, and event management.

Cybersecurity 114

Cybersecurity Authentication 114

Security Boulevard

JUNE 9, 2022

Feds are gloating over their “seizure” of the notorious SSNDOB marketplace, which traded in stolen personal information. But the action seems too little, too late. The post DoJ, FBI, IRS Make Empty Boast: SSNDOB ‘Seized’ appeared first on Security Boulevard.

Identity Theft 111

Identity Theft Social Engineering Security Awareness Engineering 111

Heimadal Security

JUNE 9, 2022

Cybersecurity specialists discovered a massive phishing campaign that used Facebook Messenger to trick millions of individuals into entering their login details and watching advertisements on phishing pages. These stolen accounts were used by the threat actors to deliver more phishing messages to their friends, resulting in impressive earnings from online advertising commissions.

Phishing 111

Phishing Advertising Accountability Cybersecurity 111

Naked Security

JUNE 9, 2022

Latest episode - listen (or read) now!

110

110

Speaker: Sierre Lindgren

Fraud is a battle that every organization must face – it’s no longer a question of “if” but “when.” Every organization is a potential target for fraud, and the finance department is often the bullseye. From cleverly disguised emails to fraudulent payment requests, the tactics of cybercriminals are advancing rapidly. Drawing insights from real-world cases and industry expertise, we’ll explore the vulnerabilities in your processes and how to fortify them effectively.

Scams

CSO Magazine

JUNE 9, 2022

Notable incidents such as SolarWinds and Log4j have placed a focus on software supply chain security. They have also sent security teams in search of tools to ensure the integrity of software from third parties. Software use is ubiquitous, with digital platforms now accounting for 60% of GDP per the World Economic Forum (WEF). While the way we use software has and is changing the world, the methods to ensuring the integrity of software sourced from across the ecosystem is lacking.

Software 109

Software Accountability 109

We Live Security

JUNE 9, 2022

Digital fiddling somehow got mixed up in a real war. The post RSA – Creepy real‑world edition appeared first on WeLiveSecurity.

107

107

Heimadal Security

JUNE 9, 2022

The infamous piece of malware known as Emotet has begun to distribute a new module that is intended to steal credit card information that is saved in the Chrome web browser. The event takes place in the midst of a rise in Emotet activity, which has been seen since the group was revived around the […]. The post New Emotet Variant Scrapes Google Chrome Credit Card Info appeared first on Heimdal Security Blog.

Malware 105

Malware Cybersecurity 105

CSO Magazine

JUNE 9, 2022

Viruses and other malware spreading for sinister or baffling reasons has been a staple of cyberpunk novels and real-life news stories alike for decades. And in truth, there have been computer viruses on the internet since before it was the internet. This article will take a look at some of the most important milestones in the evolution of malware: These entries each represent a novel idea, a lucky break that revealed a gaping security hole, or an attack that turned to be particularly damaging—an

Malware 105

Malware Internet Internet 105

Advertisement

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Passwords

Dark Reading

JUNE 9, 2022

At a 2022 RSA Conference keynote, technologist Bruce Schneier asserted that artificial intelligence agents will start to hack human systems — and what that will mean for us.

Artificial Intelligence 105

Artificial Intelligence Hacking 105

Cisco Security

JUNE 9, 2022

Security that is hard to deploy and complex to manage needs to become a distant memory if businesses are to be resilient through times of uncertainty. Even something as critical as a firewall, the sentinel in the security stack, can often require a lengthy setup, ongoing maintenance, and disjointed management. Over the long run, these additional costs accrue and can have a negative impact on security programs.

Firewall 104

Firewall Network Security 104

CSO Magazine

JUNE 9, 2022

Researchers have come across a stealthy Linux backdoor that uses sophisticated techniques to hide itself on compromised servers and steal credentials. Dubbed Symbiote because it injects itself into existing processes, the threat has been in development since at least November 2021 and seems to have been used against the financial sector in Latin America.

DNS 104

DNS Malware 104

SecureBlitz

JUNE 9, 2022

Can atomic exchanges achieve critical mass? Read on to find out. Atomic swaps are one of the most promising developments. Read more. The post Can Atomic Exchanges Achieve Critical Mass? appeared first on SecureBlitz Cybersecurity.

Cybersecurity 103

Cybersecurity Cryptocurrency 103

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Software

Malwarebytes

JUNE 9, 2022

After a decent amount of pressure, Owl Labs has finally released updates for vulnerabilities in Meeting Owl, and Whiteboard Owl cameras. The vulnerabilities were reported to Owl Labs in January, One of the vulnerabilities , CVE-2022-31460 has been added to the Known exploited vulnerabilities catalog by the Cybersecurity & Infrastructure Security Agency (CISA) and needs to be updated by June 22, 2022.

Passwords 103

Passwords Authentication Software Wireless 103

Security Affairs

JUNE 9, 2022

Threat actors spread info-stealing malware through the search results for a pirated copy of the CCleaner Pro Windows optimization program. Researchers from Avast have uncovered a malware campaign, tracked as FakeCrack, spreading through the search results for a pirated copy of the CCleaner Pro Windows optimization program. The researchers pointed out that operators behind the campaign used a large infrastructure to deliver an info-stealing malware and harvest sensitive data, including crypto ass

Malware 102

Malware Encryption Passwords Hacking 102

Dark Reading

JUNE 9, 2022

The malware is using spreadsheets, documents, and other types of Microsoft Office attachments in a new and improved version that is often able to bypass email gateway-security scanners.

Banking 102

Banking Malware 102

Zero Day

JUNE 9, 2022

Weeks after I reported that my Instagram account had been hacked, Instagram remained silent. My account is now long gone.

Accountability 102

Accountability Hacking 102

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!