Schneier on Security
MARCH 29, 2023
Jenny Blessing and Ross Anderson have evaluated the security of systems designed to allow the various Internet messaging platforms to interoperate with each other: The Digital Markets Act ruled that users on different platforms should be able to exchange messages with each other. This opens up a real Pandora’s box. How will the networks manage keys, authenticate users, and moderate content?
Tech Republic Security
MARCH 29, 2023
Learn how to protect your organization and users from this Android banking trojan. The post Nexus Android malware targets 450 financial applications appeared first on TechRepublic.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Bleeping Computer
MARCH 29, 2023
A digitally signed and trojanized version of the 3CX Voice Over Internet Protocol (VOIP) desktop client is reportedly being used to target the company's customers in an ongoing supply chain attack. [.
Security Boulevard
MARCH 29, 2023
Skyhawk Security today revealed it is employing ChatGPT to add generative artificial intelligence (AI) capabilities to its cloud threat detection and response (CDR) platform at no extra charge. Skyhawk Security CEO Chen Burshan said in addition to providing textual explanations of the evolution of a security incident discovered by the company’s platform, ChatGPT also makes.
Advertisement
How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.
Bleeping Computer
MARCH 29, 2023
Taiwanese hardware vendor QNAP warns customers to secure their Linux-powered network-attached storage (NAS) devices against a high-severity Sudo privilege escalation vulnerability. [.
WIRED Threat Level
MARCH 29, 2023
Documents obtained by WIRED confirm that Good Smile, which licenses toy production for Disney, was an investor in the controversial image board.
Cyber Security Informer brings together the best content for cyber security professionals from the widest variety of industry thought leaders.
We Live Security
MARCH 29, 2023
How fraudsters groom their marks and move in for the kill using tricks from the playbooks of romance and investment scammers The post Pig butchering scams: The anatomy of a fast‑growing threat appeared first on WeLiveSecurity
Bleeping Computer
MARCH 29, 2023
AI professors and developers have co-signed an open letter to artificial intelligence labs, calling them to pause the development and training of AI systems more powerful than GPT-4 for at least six months. [.
The Hacker News
MARCH 29, 2023
Trojanized installers for the TOR anonymity browser are being used to target users in Russia and Eastern Europe with clipper malware designed to siphon cryptocurrencies since September 2022. "Clipboard injectors [.
Bleeping Computer
MARCH 29, 2023
The SafeMoon token liquidity pool lost $8.9 million after a hacker exploited a newly created 'burn' smart contract function that artificially inflated the price, allowing the actors to sell SafeMoon at a much higher price. [.
Advertiser: Revenera
In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.
CSO Magazine
MARCH 29, 2023
Concerns about the reach of ChatGPT and how easier it may get for bad actors to find sensitive information have increased following Microsoft’s announcement of the integration of ChatGPT into Bing and the latest update of the technology, GPT-4. Within a month of the integration, Bing had crossed the 100 million daily user threshold. Meanwhile, GPT-4 improved the AI which now has better reasoning skills, is more accurate and has the ability to see images.
Quick Heal Antivirus
MARCH 29, 2023
The rise of ransomware and malware variants has been a growing concern for individuals and organizations alike. With. The post Deep Dive into Royal Ransomware appeared first on Quick Heal Blog.
CSO Magazine
MARCH 29, 2023
There are many reasons retailers are juicy targets for hackers. They earn and handle tremendous amounts of money, store millions of customer credit card numbers, and have frontline staff who may lack cybersecurity training. To save money, some retailers use older equipment that isn’t adequately updated, secured, or monitored to deal with cyberattacks.
Security Boulevard
MARCH 29, 2023
The world is changing with generative AI. And your threat intelligence platform is too. We’re thrilled to announce the launch of Flare’s AI Powered Assistant! Security operations and threat intelligence teams can now instantly create informed, summarized, and translated reports from the clear and dark web, regardless of the language and technical jargon.
Advertisement
Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.
CyberSecurity Insiders
MARCH 29, 2023
As the fear of AI machines grips most technologists, Tesla’s chief’s latest words are playing the role of a catalyst to intensify the buzz. Speaking during a conference at SpaceX’s Starbase Facility, Elon Musk expressed fears that robots might launch cyberattacks on themselves in the near future, potentially causing deep trouble for humans if we do not stop their advances now.
Bleeping Computer
MARCH 29, 2023
Valve announced that its Steam online game platform will officially drop support for the Windows 7, Windows 8, and Windows 8.1 platforms starting January 1st, 2024. [.
Dark Reading
MARCH 29, 2023
Credential phishing emails are the clear favorite of threat actors, with a 478% spike last year, new research shows.
CSO Magazine
MARCH 29, 2023
For the first time, over a dozen cybersecurity companies have come together to produce an agnostic study titled LATAM CISO Report 2023: Insights from Industry Leaders. More than 200 CISOs in the Americas region, in addition to the Inter-American Development Bank (IDB), Latin American Federation of Banks (FELABAN), and the World Economic Forum (WEF), contributed to the report.
Advertisement
The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.
Security Boulevard
MARCH 29, 2023
ChatGPT is spreading like wildfire all over the internet, being used in everything from casual tools to cybersecurity and even industrial applications. It’s so popular, I wouldn’t be shocked if it starts running a nuclear power plant soon (if it isn’t already)! Using OpenAI’s ChatGPT-3.5, ChatGPT-4, and earlier models like Davinci costs a few cents [.
CSO Magazine
MARCH 29, 2023
When it comes to threat actors working for the North Korean government, most people have heard of the Lazarus group (APT38). It was responsible for the 2014 attack against Sony Pictures, the 2016 cyber heist of funds belonging to the central bank of Bangladesh, and the 2017 WannaCry ransomware worm. However, another team that security researchers call APT43, Kimsuky, or Thallium has been carrying out cyberespionage and cybercrime operations at the behest of the North Korean government since at l
Security Boulevard
MARCH 29, 2023
Simply being “cyber aware” is an unviable option for board members as the impact of cybersecurity expands beyond IT systems. An unnoticed security gap or dated risk assessment are minor mistakes that can lead to cyber breaches that could render the company obsolete. Considering the serious risks associated with poor cybersecurity, boards are becoming more involved in cyber risk management and recognize that it is not just an IT issue but a concern that impacts the entire organization's success.
Bleeping Computer
MARCH 29, 2023
Microsoft Defender is mistakenly flagging legitimate links as malicious, with some customers having already received dozens of alert emails since the issues began over five hours ago. [.
Advertisement
The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.
Security Boulevard
MARCH 29, 2023
Customer identity and access management (CIAM) is a major cybersecurity component of any company that maintains customer accounts. Online fraud and authentication attack attempts have grown significantly in the past several years, with attackers increasingly turning their attention to customers rather than companies. This can be seen, for example, in the finance industry, where attacks against customers now outnumber those on institutions or their employees by 4:1.
CyberSecurity Insiders
MARCH 29, 2023
Anxiety about the security of hot wallets grows as General Bytes customers are hit by a zero-day flaw in the company’s Bitcoin ATMs. By John E. Dunn It’s fair to say that crypto has an image problem. What it didn’t need was a Bitcoin ATM (BATM) hack to generate even more bad publicity. Unfortunately, that’s exactly what happened on March 17-18, according to General Bytes, one of the best-known makers of BATMs on the market.
Security Boulevard
MARCH 29, 2023
An estimated 333 billion emails were sent and received daily worldwide in 2022. Email is one of the most important communication tools used today. It’s also a powerful, accessible, effective and low-cost tool for cybercriminals to use. As attacks continue to evolve, harnessing AI and advanced social engineering techniques for increasingly sophisticated, stealthy attacks, many.
CyberSecurity Insiders
MARCH 29, 2023
OpenAI-developed conversational AI ChatGPT is hitting the news headlines almost daily, and as it is now a part of Microsoft, the software giant is also getting a lot of credit for devising such a tool that can do anything and everything…well, almost! Microsoft, which is busy integrating the services of the chatbot into its software products such as Bing, made an announcement that it intends for the world to entrust cybersecurity to artificial intelligence technology, as its capabilities ar
Speaker: Blackberry, OSS Consultants, & Revenera
Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?
Trend Micro
MARCH 29, 2023
In late March 2023, security researchers revealed that threat actors were actively abusing a popular business communication software from 3CX.
Dark Reading
MARCH 29, 2023
A vulnerability with a 9.8 CVSS rating in IBM's widely deployed Aspera Faspex offering is being actively exploited to compromise enterprises.
Lenny Zeltser
MARCH 29, 2023
In the two decades I've spent in cybersecurity, I've observed and experienced the fighting spirit of security professionals: When tasked with safeguarding information assets, we envision ourselves erecting defenses to keep threat actors at bay, or we emulate malicious actions to find flaws in the organization's security measures before attackers exploit them.
Security Boulevard
MARCH 29, 2023
Accelerating Cybersecurity for US Critical Infrastructure Guest post By Gaurav Pal, Principal and Founder, stackArmor, Inc. Disruptions in gasoline supplies due to the cyberattack on the Colonial Pipeline in May 2021 transformed cybersecurity attacks from an “online problem” to a national security concern. This seminal event resulted in the release of the National Cybersecurity Strategy (NCS) […] The post Accelerating Cybersecurity for US Critical Infrastructure with FedRAMP appeared first on Se
Speaker: Erika R. Bales, Esq.
When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.
Expert insights. Personalized for you.
201 
Let's personalize your content