Security Boulevard
FEBRUARY 14, 2023
Many people look for love or companionship online, and Valentine’s Day presents the perfect opportunity for digital crooks to take advantage of vulnerable lonely hearts. A report from Bitdefender found Valentine’s Day-themed spam has dramatically spiked in recent days, using the promise of love, discounts on merchandise and gifts from popular brands as lures.
Krebs on Security
FEBRUARY 14, 2023
Microsoft is sending the world a whole bunch of love today, in the form of patches to plug dozens of security holes in its Windows operating systems and other software. This year’s special Valentine’s Day Patch Tuesday includes fixes for a whopping three different “zero-day” vulnerabilities that are already being used in active attacks.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Schneier on Security
FEBRUARY 14, 2023
This is a current list of where and when I am scheduled to speak: I’m speaking at Mobile World Congress 2023 in Barcelona, Spain, on March 1, 2023 at 1:00 PM CET. I’m speaking on “ How to Reclaim Power in the Digital World ” at EPFL in Lausanne, Switzerland, on Thursday, March 16, 2023, at 5:30 PM. I’m speaking at IT-S Now 2023 in Vienna, Austria, on June 1-2, 2023.
CyberSecurity Insiders
FEBRUARY 14, 2023
The pandemic shook businesses to its core, forcing users to trade in their office chairs for home desks. The result? Users, devices, and data scattered across the world. And for those in the networking and security fields, this shift brought major challenges. The traditional castle and moat access approach was no longer enough, and even the most reliable security tools became obsolete.
Speaker: Erroll Amacker
Automation is transforming finance but without strong financial oversight it can introduce more risk than reward. From missed discrepancies to strained vendor relationships, accounts payable automation needs a human touch to deliver lasting value. This session is your playbook to get automation right. We’ll explore how to balance speed with control, boost decision-making through human-machine collaboration, and unlock ROI with fewer errors, stronger fraud prevention, and smoother operations.
Security Boulevard
FEBRUARY 14, 2023
U.S. GDPR ASAP: Data brokers are selling PII about mental health conditions—depression, anxiety, bipolar disorder, PTSD, OCD, etc. The post Your Mental Health Data for Sale or Rent — 20¢ appeared first on Security Boulevard.
CSO Magazine
FEBRUARY 14, 2023
The new Transparent Data Encryption (TDE) feature will be shipped along with the company’s enterprise version of its database.
Cyber Security Informer brings together the best content for cyber security professionals from the widest variety of industry thought leaders.
|
CSO Magazine
FEBRUARY 14, 2023
The last year saw a rise in the sophistication and number of attacks targeting industrial infrastructure, including the discovery of a modular malware toolkit that's capable of targeting tens of thousands of industrial control systems (ICS) across different industry verticals. At the same time, incident response engagements by industrial cybersecurity firm Dragos showed that 80% of impacted environments lacked visibility into ICS traffic and half had network segmentation issues and uncontrolled
Heimadal Security
FEBRUARY 14, 2023
Threat actors breached Pepsi Bottling Ventures LLC`s network and successfully installed info-stealing malware. The incident happened on or around December 23rd, 2022, and the team discovered it 18 days later, on January 10th, 2023. It took the IT team another 9 days to remediate the breach and secure the system. So, the hackers had around […] The post Pepsi Bottle Ventures Suffers Data Breach After Malware Attack appeared first on Heimdal Security Blog.
CSO Magazine
FEBRUARY 14, 2023
A core pillar of a mature cyber risk program is the ability to measure, analyze, and report cybersecurity threats and performance. That said, measuring cybersecurity is not easy. On one hand business leaders struggle to understand information risk (because they usually are from a non-cyber background), while on the other, security practitioners get caught up in too much technical detail which ends up confusing, misinforming, or misleading stakeholders.
eSecurity Planet
FEBRUARY 14, 2023
In 2013, Adam Markowitz founded Portfolium, an edtech startup that matched college students and graduates with employers. “I remember the first time we were asked for a SOC 2 report, which quickly became the minimum bar requirement in our industry for proof of an effective security program,” he said. The process for creating the report was time-consuming, manual and costly.
Advertisement
Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.
Security Boulevard
FEBRUARY 14, 2023
When considering how to thwart threat actors and protect IT assets against cyber attacks, many organizations take an inherently defensive approach. Locking down systems and assets with protective tools and procedures like firewalls, employee training, and incident response plans makes sense. However, in today’s high-volume and sophisticated threat landscape, intruders continue to innovate and find […] The post Offensive Cybersecurity: The Definitive Guide appeared first on Flare | Cyber Thr
Bleeping Computer
FEBRUARY 14, 2023
Today is Microsoft's February 2023 Patch Tuesday, and security updates fix three actively exploited zero-day vulnerabilities and a total of 77 flaws. [.
Security Boulevard
FEBRUARY 14, 2023
As the head of IT, your job to keep your organization’s networks up and running and secure is a challenge in any environment—and even more so when you’re doing work for the Department of Defense (DoD). The aim of this blog is to help guide the critical conversations you need to have with your CEO […] The post <span style="color:#f05f2a;">Six IT Talking Points:</span> Briefing your CEO on DoD compliance appeared first on PreVeil.
SecureWorld News
FEBRUARY 14, 2023
Cybersecurity firm Group-IB successfully defended against a targeted attack by the Chinese state-sponsored Tonto Team, one of the world's most advanced persistent threat (APT) actors. Despite Tonto Team being known for its sophisticated techniques and ability to evade detection, Group-IB was able to detect and block the attack before any damage could be done.
Advertisement
The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.
We Live Security
FEBRUARY 14, 2023
Spoiler alert: it turned me down. But that’s far from the only thing I learned while playing around with the bot that the world has fallen in love with so badly. The post ChatGPT, will you be my Valentine?
Webroot
FEBRUARY 14, 2023
Online dating scams are on the RiseAccording to the FBI, Americans lost $1 billion in 2021 due to online dating scams; 2022 numbers are expected to be higher. Romance scammers are masters of disguise. They lead people on with talk of love and then attempt to trick them into giving money or personal data. As demonstrated by The Tinder Swindler, anyone at any age can be manipulated into a romance scam.
Dark Reading
FEBRUARY 14, 2023
78 new CVEs patched in this month's batch — nearly half of which are remotely executable and three of which attackers already are exploiting.
SecureBlitz
FEBRUARY 14, 2023
The number of online shoppers worldwide is rising, especially since the pandemic. An omnichannel strategy hence is basic for any business nowadays. Customers want to purchase their preferred channel effortlessly. They expect a seamless experience across all touchpoints, whether online, in-store or on mobile devices. To provide such an experience, companies need to streamline their […] The post How To Streamline The Customer Journey With Omnichannel Integration appeared first on SecureBlitz
Speaker: Sierre Lindgren
Fraud is a battle that every organization must face – it’s no longer a question of “if” but “when.” Every organization is a potential target for fraud, and the finance department is often the bullseye. From cleverly disguised emails to fraudulent payment requests, the tactics of cybercriminals are advancing rapidly. Drawing insights from real-world cases and industry expertise, we’ll explore the vulnerabilities in your processes and how to fortify them effectively.
Naked Security
FEBRUARY 14, 2023
Everyone update now! Except for those who don't need to! Or who need to but will only get updates later on, though Apple isn't saying yet!
CyberSecurity Insiders
FEBRUARY 14, 2023
We all know that the iPhone giant released its iOS 16 a few weeks ago and wanted everyone to upgrade to the new operating systems as it’s more intuitive and easier to use. A couple of weeks back, the technology giant of America issued a warning to all its users and urged them to go for the upgrade at the earliest. As among the two identified flaws, one was discovered to be exploited already by threat actors.
Dark Reading
FEBRUARY 14, 2023
How newly exposed security weaknesses in industrial wireless, cloud-based interfaces, and nested PLCs serve as a wake-up call for hardening the physical process control layer of the OT network.
SecureBlitz
FEBRUARY 14, 2023
Read on for the Dynadot domain registration service review. Dynadot is a domain registrar that boasts thousands of users. But it’s not the only one. Hundreds of domain registrars exist with thousands of users. If you want to build a website, the domain registrar you choose will majorly impact your experience. Therefore, picking the best […] The post Dynadot Domain Registration Service Review appeared first on SecureBlitz Cybersecurity.
Advertisement
Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.
CyberSecurity Insiders
FEBRUARY 14, 2023
Mortal Kombat is the news ransomware that is on the prowl and Cisco Talos says the new ransomware can wipe off data of the victim, if they fail to pay the demanded ransom on time. Security firm of Cisco says the malware also can steal cryptocurrency, thanks to its add-on of Laplas, that has the ability to replace the crypto address on the Windows Clipboard and substitute it with the one dictated by the threat actor.
The Hacker News
FEBRUARY 14, 2023
Malicious actors have published more than 451 unique Python packages on the official Python Package Index (PyPI) repository in an attempt to infect developer systems with clipper malware. Software supply chain security company Phylum, which spotted the libraries, said the ongoing activity is a follow-up to a campaign that was initially disclosed in November 2022.
CSO Magazine
FEBRUARY 14, 2023
Pepsi Bottling Ventures, the largest bottlers of Pepsi beverages in the US, has reported a data breach affecting the personal information of several employees. The company filed a notice of the data breach with the Attorney General of Montana on February 10 after discovering that a threat actor had accessed confidential information of certain current and former employees.
The Hacker News
FEBRUARY 14, 2023
The threat actors behind the black hat redirect malware campaign have scaled up their campaign to use more than 70 bogus domains mimicking URL shorteners and infected over 10,800 websites.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Anton on Security
FEBRUARY 14, 2023
This post continues the discussion started in “Use Cloud Securely? What Does This Even Mean?!” and focuses on an area that should be easy for every purported security professional — defense in depth. So, before reading further, ask yourself two questions: Do you understand the concept of “defense in depth” (DiD) in security? Do you understand how DiD applies in public cloud environments?
The Hacker News
FEBRUARY 14, 2023
Google announced on Tuesday that it's officially rolling out Privacy Sandbox on Android in beta to eligible mobile devices running Android 13. "The Privacy Sandbox Beta provides new APIs that are designed with privacy at the core, and don't use identifiers that can track your activity across apps and websites," the search and advertising giant said.
Bleeping Computer
FEBRUARY 14, 2023
Microsoft says that some WSUS servers upgraded to Windows Server 2022 might fail to push Windows 11, version 22H2 updates released during this month's Patch Tuesday to endpoints across enterprise environments. [.
Malwarebytes
FEBRUARY 14, 2023
Apple has released information about the new security content of macOS Ventura 13.2.1 and of iOS 16.3.1 and iPadOS 16.3.1. Most prominent is a vulnerability in WebKit that may have been actively exploited. In December, 2022, we warned our readers about another actively exploited vulnerability in Apple’s WebKit. The currently patched vulnerability was a type confusion issue that Apple says has been addressed with improved checks.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
Expert insights. Personalized for you.
98 
Let's personalize your content