Schneier on Security
MARCH 29, 2023
Jenny Blessing and Ross Anderson have evaluated the security of systems designed to allow the various Internet messaging platforms to interoperate with each other: The Digital Markets Act ruled that users on different platforms should be able to exchange messages with each other. This opens up a real Pandora’s box. How will the networks manage keys, authenticate users, and moderate content?
Tech Republic Security
MARCH 29, 2023
Learn how to protect your organization and users from this Android banking trojan. The post Nexus Android malware targets 450 financial applications appeared first on TechRepublic.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
WIRED Threat Level
MARCH 29, 2023
Documents obtained by WIRED confirm that Good Smile, which licenses toy production for Disney, was an investor in the controversial image board.
Bleeping Computer
MARCH 29, 2023
A digitally signed and trojanized version of the 3CX Voice Over Internet Protocol (VOIP) desktop client is reportedly being used to target the company's customers in an ongoing supply chain attack. [.
Speaker: Erroll Amacker
Automation is transforming finance but without strong financial oversight it can introduce more risk than reward. From missed discrepancies to strained vendor relationships, accounts payable automation needs a human touch to deliver lasting value. This session is your playbook to get automation right. We’ll explore how to balance speed with control, boost decision-making through human-machine collaboration, and unlock ROI with fewer errors, stronger fraud prevention, and smoother operations.
Security Boulevard
MARCH 29, 2023
Skyhawk Security today revealed it is employing ChatGPT to add generative artificial intelligence (AI) capabilities to its cloud threat detection and response (CDR) platform at no extra charge. Skyhawk Security CEO Chen Burshan said in addition to providing textual explanations of the evolution of a security incident discovered by the company’s platform, ChatGPT also makes.
Trend Micro
MARCH 29, 2023
In late March 2023, security researchers revealed that threat actors were actively abusing a popular business communication software from 3CX.
Cyber Security Informer brings together the best content for cyber security professionals from the widest variety of industry thought leaders.
|
Dark Reading
MARCH 29, 2023
Credential phishing emails are the clear favorite of threat actors, with a 478% spike last year, new research shows.
Bleeping Computer
MARCH 29, 2023
Taiwanese hardware vendor QNAP warns customers to secure their Linux-powered network-attached storage (NAS) devices against a high-severity Sudo privilege escalation vulnerability. [.
We Live Security
MARCH 29, 2023
How fraudsters groom their marks and move in for the kill using tricks from the playbooks of romance and investment scammers The post Pig butchering scams: The anatomy of a fast‑growing threat appeared first on WeLiveSecurity
Bleeping Computer
MARCH 29, 2023
Google's Threat Analysis Group (TAG) discovered several exploit chains using Android, iOS, and Chrome zero-day and n-day vulnerabilities to install commercial spyware and malicious apps on targets' devices. [.
Advertisement
Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.
The Hacker News
MARCH 29, 2023
An unknown Chinese state-sponsored hacking group has been linked to a novel piece of malware aimed at Linux servers. French cybersecurity firm ExaTrack, which found three samples of the previously documented malicious software that date back to early 2022, dubbed it Mélofée.
CSO Magazine
MARCH 29, 2023
Concerns about the reach of ChatGPT and how easier it may get for bad actors to find sensitive information have increased following Microsoft’s announcement of the integration of ChatGPT into Bing and the latest update of the technology, GPT-4. Within a month of the integration, Bing had crossed the 100 million daily user threshold. Meanwhile, GPT-4 improved the AI which now has better reasoning skills, is more accurate and has the ability to see images.
Bleeping Computer
MARCH 29, 2023
AI professors and developers have co-signed an open letter to artificial intelligence labs, calling them to pause the development and training of AI systems more powerful than GPT-4 for at least six months. [.
CSO Magazine
MARCH 29, 2023
There are many reasons retailers are juicy targets for hackers. They earn and handle tremendous amounts of money, store millions of customer credit card numbers, and have frontline staff who may lack cybersecurity training. To save money, some retailers use older equipment that isn’t adequately updated, secured, or monitored to deal with cyberattacks.
Advertisement
The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.
Quick Heal Antivirus
MARCH 29, 2023
The rise of ransomware and malware variants has been a growing concern for individuals and organizations alike. With. The post Deep Dive into Royal Ransomware appeared first on Quick Heal Blog.
Security Boulevard
MARCH 29, 2023
The world is changing with generative AI. And your threat intelligence platform is too. We’re thrilled to announce the launch of Flare’s AI Powered Assistant! Security operations and threat intelligence teams can now instantly create informed, summarized, and translated reports from the clear and dark web, regardless of the language and technical jargon.
Dark Reading
MARCH 29, 2023
A vulnerability with a 9.8 CVSS rating in IBM's widely deployed Aspera Faspex offering is being actively exploited to compromise enterprises.
CyberSecurity Insiders
MARCH 29, 2023
As the fear of AI machines grips most technologists, Tesla’s chief’s latest words are playing the role of a catalyst to intensify the buzz. Speaking during a conference at SpaceX’s Starbase Facility, Elon Musk expressed fears that robots might launch cyberattacks on themselves in the near future, potentially causing deep trouble for humans if we do not stop their advances now.
Speaker: Sierre Lindgren
Fraud is a battle that every organization must face – it’s no longer a question of “if” but “when.” Every organization is a potential target for fraud, and the finance department is often the bullseye. From cleverly disguised emails to fraudulent payment requests, the tactics of cybercriminals are advancing rapidly. Drawing insights from real-world cases and industry expertise, we’ll explore the vulnerabilities in your processes and how to fortify them effectively.
Dark Reading
MARCH 29, 2023
With an infrastructure for observability, security teams can make better decisions about access and identity-based threats.
Security Boulevard
MARCH 29, 2023
ChatGPT is spreading like wildfire all over the internet, being used in everything from casual tools to cybersecurity and even industrial applications. It’s so popular, I wouldn’t be shocked if it starts running a nuclear power plant soon (if it isn’t already)! Using OpenAI’s ChatGPT-3.5, ChatGPT-4, and earlier models like Davinci costs a few cents [.
CSO Magazine
MARCH 29, 2023
For the first time, over a dozen cybersecurity companies have come together to produce an agnostic study titled LATAM CISO Report 2023: Insights from Industry Leaders. More than 200 CISOs in the Americas region, in addition to the Inter-American Development Bank (IDB), Latin American Federation of Banks (FELABAN), and the World Economic Forum (WEF), contributed to the report.
Trend Micro
MARCH 29, 2023
Trend Micro co-Authors Cyber Mercenary Principles to help guide the technology industry and others in dealing with the growing market of cyber mercenaries.
Advertisement
Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.
CSO Magazine
MARCH 29, 2023
When it comes to threat actors working for the North Korean government, most people have heard of the Lazarus group (APT38). It was responsible for the 2014 attack against Sony Pictures, the 2016 cyber heist of funds belonging to the central bank of Bangladesh, and the 2017 WannaCry ransomware worm. However, another team that security researchers call APT43, Kimsuky, or Thallium has been carrying out cyberespionage and cybercrime operations at the behest of the North Korean government since at l
The Hacker News
MARCH 29, 2023
3CX said it's working on a software update for its desktop app after multiple cybersecurity vendors sounded the alarm on what appears to be an active supply chain attack that's using digitally signed and rigged installers of the popular voice and video conferencing software to target downstream customers.
Security Boulevard
MARCH 29, 2023
Simply being “cyber aware” is an unviable option for board members as the impact of cybersecurity expands beyond IT systems. An unnoticed security gap or dated risk assessment are minor mistakes that can lead to cyber breaches that could render the company obsolete. Considering the serious risks associated with poor cybersecurity, boards are becoming more involved in cyber risk management and recognize that it is not just an IT issue but a concern that impacts the entire organization's success.
Heimadal Security
MARCH 29, 2023
A command-and-control server (C&C) is a computer that threat actors use to send instructions to compromised systems. Their goal is to direct infected devices into performing further malicious activities on the host or network. Hackers can use C&C or C2 servers to create botnets and launch DDoS attacks, steal, delete, and/or encrypt data. Basically, a […] The post Command-and-Control Servers Explained.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Trend Micro
MARCH 29, 2023
We detected Mac malware MacStealer spreading via websites, social media, and messaging platforms Twitter, Discord, and Telegram. Cybercriminals lure victims to download it by plagiarizing legitimate play-to-earn (P2E) apps’ images and offering jobs as beta testers.
Security Boulevard
MARCH 29, 2023
Customer identity and access management (CIAM) is a major cybersecurity component of any company that maintains customer accounts. Online fraud and authentication attack attempts have grown significantly in the past several years, with attackers increasingly turning their attention to customers rather than companies. This can be seen, for example, in the finance industry, where attacks against customers now outnumber those on institutions or their employees by 4:1.
The Hacker News
MARCH 29, 2023
A number of zero-day vulnerabilities that were addressed last year were exploited by commercial spyware vendors to target Android and iOS devices, Google's Threat Analysis Group (TAG) has revealed. The two distinct campaigns were both limited and highly targeted, taking advantage of the patch gap between the release of a fix and when it was actually deployed on the targeted devices.
Security Boulevard
MARCH 29, 2023
An estimated 333 billion emails were sent and received daily worldwide in 2022. Email is one of the most important communication tools used today. It’s also a powerful, accessible, effective and low-cost tool for cybercriminals to use. As attacks continue to evolve, harnessing AI and advanced social engineering techniques for increasingly sophisticated, stealthy attacks, many.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
Expert insights. Personalized for you.
297 
Let's personalize your content