The Last Watchdog

JUNE 21, 2022

It’s stunning that the ransomware plague persists. Related: ‘SASE’ blends connectivity and security. Verizon’s Data Breach Incident Report shows a 13 percent spike in 2021, a jump greater than the past years combined; Sophos’ State of Ransomware survey shows victims routinely paying $1 million ransoms. In response, Cato Networks today introduced network-based ransomware protection for the Cato SASE Cloud.

Ransomware 198

Ransomware Data breaches Network Security Internet 198

Tech Republic Security

JUNE 21, 2022

A new banking Trojan dubbed "Malibot" pretends to be a cryptomining application to spread between Android phones. While only active now in Spain and Italy, it could begin targeting Americans. The post New Android banking malware disguises as crypto app to spread appeared first on TechRepublic.

Banking 178

Banking Malware 178

Bleeping Computer

JUNE 21, 2022

Cloudflare says a massive outage that affected more than a dozen of its data centers and hundreds of major online platforms and services today was caused by a change that should have increased network resilience. [.].

Technology 143

Technology 143

Tech Republic Security

JUNE 21, 2022

The number of cybersecurity protection tools on the market is staggering, which makes it challenging to decide which to use. Acronis has one tool that stands out in the pack. Read on to see if this tool is right for you. The post Acronis Cyber Protect Home Office: More than just a backup solution appeared first on TechRepublic.

Backups 151

Backups Marketing Cybersecurity Software 151

Advertisement

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Cybersecurity

Malwarebytes

JUNE 21, 2022

A researcher has found a way to generate a fingerprint of your device from your installed Google Chrome extensions, and then use that fingerprint to track you online. Fingerprinting is a way of figuring out what makes your device unique and then using that to identify you as you move around the internet. Websites you visit receive a huge amount of information when you land on their portal—it’s a lot more than “just” which web browser you use to load up someone’s site.

VPN 142

VPN Media Internet Internet 142

Tech Republic Security

JUNE 21, 2022

Business organizations that have suffered from malicious attacks are beginning to realize that some of the attacks are precipitated by privileged users. As a result, privileged users should be a corporate security concern if you want to keep cyber-related security at bay in your organization. . The post How to stop malicious privileged user attacks appeared first on TechRepublic.

Network Security 151

Network Security 151

CSO Magazine

JUNE 21, 2022

Cybersecurity researchers work hard to keep the digital world safe, but every once in a while their own physical security is at risk. Anyone who has been in this field long enough has stumbled upon stories of infosec professionals receiving threats or has experienced incidents themselves. A security expert who wanted to remain anonymous to protect his family says that "several people focusing on cybercrime have received death threats" in the past few years, and some of them even decided to fly u

Cybersecurity 137

Cybersecurity InfoSec Cybercrime Risk 137

Security Boulevard

JUNE 21, 2022

Cybercriminals are moving to exploit vulnerabilities in the digital value chain as organizations fight to secure a rapidly expanding threat surface. These were among the findings of a report from Micro Focus subsidiary CyberRes. The study revealed North America tops the list of most impacted regions, experiencing a third of the total cyber issues reported.

Security Awareness 135

Security Awareness Cybersecurity Network Security 135

Google Security

JUNE 21, 2022

Posted by Jan Keller, Technical Entertainment Manager, Bug Hunters Are you ready to put your hacking skills to the test? It’s Google CTF time! The competition kicks off on July 1 2022 6:00 PM UTC and runs through July 3 2022 6:00 PM UTC. Registration is now open at [link] In true old Google CTF fashion, the top 8 teams will qualify for our Hackceler8 speedrunning meets CTFs competition.

Hacking 135

Hacking 135

Bleeping Computer

JUNE 21, 2022

A security report has been published on a set of 56 vulnerabilities that are collectively called Icefall and affect operational technology (OT) equipment used in various critical infrastructure environments. [.].

Technology 126

Technology 126

Advertiser: Revenera

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Risk

Graham Cluley

JUNE 21, 2022

Have you received an email notification that there is a voicemail waiting to be listened to by you? Maybe you would be wise to think carefully before clicking on the attachment.

Phishing 125

Phishing 125

CSO Magazine

JUNE 21, 2022

One of the most significant cybersecurity incidents related to Russia's war on Ukraine was a " multi-faceted " attack against satellite provider Viasat's KA-SAT network on February 24, one hour before Russia's invasion began. The assault, which both Ukraine and Western intelligence authorities attribute to Russia, was intended to degrade the Ukrainian national command and control.

Cybersecurity 125

Cybersecurity 125

Bleeping Computer

JUNE 21, 2022

An ongoing outage is affecting multiple Microsoft 365 services, with customers worldwide reporting delays, sign-in failures, and issues accessing their accounts. [.].

Accountability 125

Accountability 125

Dark Reading

JUNE 21, 2022

In the wake of devastating attacks, here are some of the best techniques and policies a company can implement to protect its data.

143

143

Advertisement

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

Cybersecurity

Bleeping Computer

JUNE 21, 2022

The Ukrainian Computer Emergency Response Team (CERT) is warning that Russian hacking groups are exploiting the Follina code execution vulnerability in new phishing campaigns to install the CredoMap malware and Cobalt Strike beacons. [.].

Malware 120

Malware Phishing Hacking 120

We Live Security

JUNE 21, 2022

Educating employees about how to spot phishing attacks can strike a much-needed blow for network defenders. The post Phishing awareness training: Help your employees avoid the hook appeared first on WeLiveSecurity.

Phishing 118

Phishing Education Cybersecurity 118

Bleeping Computer

JUNE 21, 2022

7-zip has finally added support for the long-requested 'Mark-of-the-Web' Windows security feature, providing better protection from malicious downloaded files. [.].

Software 124

Software 124

eSecurity Planet

JUNE 21, 2022

An IT security certification can provide a key boost for your career, but with so many different certifications available (and so many organizations more than happy to take your money for training and testing), it’s important to make sure that the time and investment are well spent. The right certification can serve as a key differentiator in applying for jobs, demonstrating both your commitment to the field and the specialized knowledge you’ve gained.

Cybersecurity 118

Cybersecurity Penetration Testing System Administration Cyber Attacks 118

Advertisement

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

Healthcare

TrustArc

JUNE 21, 2022

With more regulations and consumers questioning companies’ use of their data, be prepared with 8 strategies for marketing in a consumer first privacy landscape.

Marketing 124

Marketing 124

Security Affairs

JUNE 21, 2022

Experts identified a spike in phishing content delivered via Azure Front Door (AFD), a cloud CDN service provided by Microsoft. Resecurity, Inc. (USA) has identified a spike in phishing content delivered via Azure Front Door (AFD), a cloud CDN service provided by Microsoft. The identified resources in one of the malicious campaigns impersonate various services appearing to be legitimately created on the “azurefd.net” domain – This allows the bad actors to trick users and spread phishing content

Phishing 118

Phishing Accountability Hacking Scams 118

CSO Magazine

JUNE 21, 2022

British Telecom and Toshiba have launched a trial of what they say is the world's first commercial quantum secured metro network (QSMN) that aims to securely encrypt valuable data and information over standard fibre optic links using quantum key distribution (QKD). The companies will operate the network for an initial period of up to three years.

Encryption 117

Encryption 117

CyberSecurity Insiders

JUNE 21, 2022

A downtime caused on the network of Cloudflare was claimed to be a cyber attack by some online news resources. But the cloud service giant responded by giving a press statement that the disruption caused on Monday this week was because of a network change and not by digital attack. CloudFlare downtime caused some of the big companies like Discord, DoorDash, NordVPN, Zerodha, Upstox to lose network access for a couple of hours.

Cyber Attacks 116

Cyber Attacks DDOS Media Internet 116

Advertisement

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.

Identity Theft

Security Boulevard

JUNE 21, 2022

There’s been an astounding 84% increase in business email compromise (BEC) attacks, according to the latest NordLocker Email Threat Report, which compared half-yearly statistics. The news should be particularly alarming to organizations that use email services as their main means of internal communication or correspondence with their partners and clients.

Threat Reports 113

Threat Reports Cybersecurity Network Security 113

CSO Magazine

JUNE 21, 2022

Researchers from Kaspersky Lab have published an analysis of a previously undocumented advanced persistent threat (APT) group that they have dubbed ToddyCat. The threat actor, which has targeted high-profile organizations in Asia and Europe, often breaks into organizations by hacking into internet-facing Microsoft Exchange servers, following up with a multi-stage infection chain that deploys two custom malware programs.

Government 112

Government Internet Internet Malware 112

Bleeping Computer

JUNE 21, 2022

Security researchers found that Adobe Acrobat is trying to block security software from having visibility into the PDF files it opens, creating a security risk for the users. [.].

Antivirus 110

Antivirus Software Risk 110

Security Affairs

JUNE 21, 2022

Experts discovered a new kind of Windows NTLM relay attack dubbed DFSCoerce that allows taking control over a Windows domain. Researchers warn of a new Windows NTLM relay attack dubbed DFSCoerce that can be exploited by threat actors to take control over a Windows domain. The DFSCoerce attack relies on the Distributed File System (DFS): Namespace Management Protocol (MS-DFSNM) to take full control over a Windows domain.

Authentication 112

Authentication Hacking Cybersecurity Information Security 112

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

Cybersecurity

Security Boulevard

JUNE 21, 2022

Capital One hacker Paige A. Thompson has been found guilty. But it has to be said that Capital One’s security design was absolutely awful. The post Hacker Paige Thompson Could Face 45 Years in Prison — ‘Suicide by Law Enforcement’ appeared first on Security Boulevard.

Risk 109

Risk Government Cybersecurity Network Security 109

Security Affairs

JUNE 21, 2022

Researchers linked a new APT group, tracked as ToddyCat, to a series of attacks targeting entities in Europe and Asia since at least December 2020. Researchers from Kaspersky have linked a new APT group, tracked as ToddyCat, to a series of attacks aimed at high-profile entities in Europe and Asia since at least December 2020. The threat actors initially launched a cyber espionage campaign against entities in Taiwan and Vietnam, the APT was observed targeting Microsoft Exchange servers with a zer

Architecture 109

Architecture Malware Hacking Cybersecurity 109

Security Boulevard

JUNE 21, 2022

Is Cyber Breach Insurance part of your Cybersecurity roadmap? Is Cyber Breach Insurance part of your Cybersecurity roadmap? Secureflo.net Click here to build the cybersecurity strategy to protect your business against cyber attacks Introduction As you have probably seen in the news, cyberattacks have grown across all business sectors. Companies of all sizes are getting […].

Insurance 109

Insurance Cybersecurity Cyber Attacks 109

The State of Security

JUNE 21, 2022

Modern goods and services rely on a supply chain ecosystem, which are interconnected networks of manufacturers, software developers, and other service providers. This ecosystem provides cost savings, interoperability, quick innovation, product feature diversity, and the freedom to pick between rival providers. However, due to the many sources of components and software that often form a final […]… Read More.

Manufacturing 109

Manufacturing Software Risk 109

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.