Mon. Oct 24, 2022


Cybersecurity Event Cancelled After Being Hit By Cybercriminals

Joseph Steinberg

An online cybersecurity event with 2,500 people already logged in had to be cancelled after suspected cybercriminals launched a social engineering attack in the event’s chat window. According to multiple media reports, the Australian Institute of Company Directors had been scheduled to run an online event today for nearly 5,000 registrants at which the organization planned to discuss its new “cybersecurity governance principles.”


GUEST ESSAY: Sure steps to achieve a robust employee cybersecurity awareness training regimen

The Last Watchdog

Employee security awareness is the most important defense against data breaches. Related: Leveraging security standards to protect your company. It involves regularly changing passwords and inventorying sensitive data. Cybercriminals view employees as a path of least resistance. As such, you should limit the amount of information that employees have access to.


Optimize and secure your team’s Apple devices with Jamf Now

Tech Republic Security

Learn how Jamf Now’s features can streamline your company’s Apple mobile device management. The post Optimize and secure your team’s Apple devices with Jamf Now appeared first on TechRepublic.


Chrome extensions with 1 million installs hijack targets’ browsers

Bleeping Computer

Researchers at Guardio Labs have discovered a new malvertizing campaign pushing Google Chrome and Microsoft Edge extensions that hijack searches and insert affiliate links into webpages. […]


The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.


CISA says hospitals should be wary of new Daixin Team Ransomware

CyberSecurity Insiders

The United States Cybersecurity and Infrastructure Security Agency (CISA) has issued an advisory to all hospitals and healthcare providers about a new ransomware dubbed ‘Daixin Team’ doing the rounds on the internet. Information is out that the said hacker group is spreading malware to healthcare and the public sector and is demanding cryptocurrency in Bitcoin in exchange for a decryption key.


Apple fixes new zero-day used in attacks against iPhones, iPads

Bleeping Computer

In security updates released on Monday, Apple has fixed the ninth zero-day vulnerability used in attacks against iPhones since the start of the year. […]


More Trending


BrandPost: Cybersecurity Executives Say These are the Most Pressing Challenges They Face

CSO Magazine

Most cybersecurity teams grapple with similar issues, from defending against the ever-changing threat landscape to finding time for training and upskilling opportunities. I recently had the chance to speak with numerous security executives and industry experts at the Fortinet Security Summit, held in conjunction with the second annual PGA Fortinet Championship in Napa Valley, to discuss some of these challenges, insights, and potential solutions for addressing them.


GUEST ESSAY: Sure steps to achieve a robust employee cybersecurity awareness training regimen

Security Boulevard

Employee security awareness is the most important defense against data breaches. Related: Leveraging security standards to protect your company. It involves regularly changing passwords and inventorying sensitive data. Cybercriminals view employees as a path of least resistance. As such, you … (more…). The post GUEST ESSAY: Sure steps to achieve a robust employee cybersecurity awareness training regimen appeared first on Security Boulevard.


Car dealer group Pendragon refuses to pay $60 million to ransomware extortionists

Graham Cluley

Pendragon - the car dealership group which owns Evans Halshaw, CarStore, and Stratstone, and operates around 160 showrooms across the UK - has confirmed that its IT servers have been hacked by cybercriminals who claim to have stolen five per cent of its data.


Google Chrome to drop support for Windows 7 / 8.1 in Feb 2023

Bleeping Computer

Google announced today that the Google Chrome web browser will likely drop support for Windows 7 and Windows 8.1 starting February 2023. […]


IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.


How to navigate the current 5G and IoT threat landscape

Tech Republic Security

5G and IoT have made promising strides in the business and consumer technology spaces, but with new developments come new vulnerabilities. Learn what’s afoot and what you can do to secure against these risks. The post How to navigate the current 5G and IoT threat landscape appeared first on TechRepublic.


Ransomware Barrage Aimed at US Healthcare Sector, Feds Warn

Dark Reading

A CISA advisory warns that the Daixin Team ransomware group has put the US healthcare system in its crosshairs for data extortion, and provides tools to fight back.


Iran’s atomic energy agency confirms hack after stolen data leaked online

Bleeping Computer

The Iranian Atomic Energy Organization (AEOI) has confirmed that one of its subsidiaries' email servers was hacked after the 'Black Reward' hacking group published stolen data online. […]


Fighting cybersecurity risks for law enforcement: On-premises vs. cloud native systems

Tech Republic Security

Larry Zorio, chief information security officer at Mark43, offers helpful insight from the battlefront. The post Fighting cybersecurity risks for law enforcement: On-premises vs. cloud native systems appeared first on TechRepublic.


Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.


BrandPost: How a Zero Trust Platform Approach Takes Security to the Next Level

CSO Magazine

Even though many organizations have a goal of achieving zero trust, this goal may not always be realizable in the solutions they are implementing. In fact, a recent survey found that while most responding organizations said they had implemented or were implementing a zero trust strategy, more than half of them didn’t have the ability to authenticate users and devices on an ongoing basis.


SBOMs are critical to software supply chain security — but only the first step in your journey

Security Boulevard

The post SBOMs are critical to software supply chain security — but only the first step in your journey appeared first on Security Boulevard.


When CISOs are doomed to fail, and how to improve your chances of success

CSO Magazine

There's a joke cryptographer Jon Callas likes to tell: CISO stands for Chief Intrusion Scapegoat Officer, "because CISOs are often thrown into a position where they can't succeed." Callas, who is the director of public interest tech at the Electronic Frontier Foundation, says that security officers are often "simultaneously in charge and powerless." They know what they should do to mitigate risks, but they can't get enough support.


Why Cybersecurity Awareness Month is Every Month

Security Boulevard

Cybersecurity is a year-round issue. Cybersecurity awareness is important year-round for the security of our businesses and customers. We’re proud to be a supporter of Cybersecurity Awareness Month. It has been invaluable in raising awareness of digital safety issues for a broad cross-section of people, but the issues highlighted have to go beyond October and […].


Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.


Stress Is Driving Cybersecurity Professionals to Rethink Roles

Dark Reading

Burnout has led one-third of cybersecurity staffers to consider changing jobs over the next two years, potentially further deepening the talent shortage, research shows.


5 reasons to keep your software and devices up to date

We Live Security

Next time you're tempted to hold off on installing software updates, remember why these updates are necessary in the first place. The post 5 reasons to keep your software and devices up to date appeared first on WeLiveSecurity.


Microsoft fixes printing issue blocking Windows 11 22H2 upgrades

Bleeping Computer

Microsoft has fixed a known issue blocking the Windows 11 2022 Update from being offered on systems with printers using Universal Print Class or Microsoft IPP Class drivers because of compatibility issues. […]


Apple Releases Patch for New Actively Exploited iOS and iPadOS Zero-Day Vulnerability

The Hacker News

Tech giant Apple on Monday rolled out updates to remediate a zero-day flaw in iOS and iPadOS that it said has been actively exploited in the wild. The weakness, given the identifier CVE-2022-42827, has been described as an out-of-bounds write issue in the Kernel, which could be abused by a rogue application to execute arbitrary code with the highest privileges.


5 Key Findings From the 2023 FBI Internet Crime Report

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.


Cuba ransomware affiliate targets Ukrainian govt agencies

Bleeping Computer

The Computer Emergency Response Team of Ukraine (CERT-UA) has issued an alert about potential Cuba Ransomware attacks against critical networks in the country. […]


Security by design vital to protecting IoT, smart cities around the world, says CEO of UK NCSC

CSO Magazine

A secure by design approach is vital to protecting the internet of things (IoT) and smart cities, according to Lindy Cameron, CEO of the UK National Cyber Security Centre (NCSC). Cameron spoke during Singapore International Cyber Week, calling for swift ongoing action to ensure connected devices are designed, built, deployed, and managed securely to prevent malicious actors, improve national resilience, and reap the benefits of emerging technologies.


Most Dangerous Ransomware Groups in 2022 You Should Know About

Heimdal Security

Ransomware is a major threat that costs businesses, corporations, and infrastructure operators billions of dollars every year. Behind this type of threat are experienced ransomware gangs developing and distributing malware that make the attacks possible. By now you know that there are plenty of ransomware versions out there. With names such as Vice Society, Agenda, […].


Healthcare site leaks personal health information via Google and Meta tracking pixels

Malwarebytes

Advocate Aurora Health has disclosed that by visiting its websites users may have shared personal information, and possibly protected health information (PHI), with Google and Meta (Facebook). Advocate Aurora Health is the 11th largest not-for-profit, integrated health system in the US and provides care for about 3 million patients. The company used tracking technology provided by Google and Meta to understand how patients and others interact with its websites.


Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?”


How IoT Monitoring Can Enable Predictive Maintenance

Security Boulevard

The internet of things (IoT) can be used for more than just remotely turning on your coffee pot; the IoT can also seemingly predict the future. Today, companies are turning to IoT-enabled remote monitoring tools that can use predictive maintenance to analyze how assets operate. These new processes can increase productivity, lower maintenance costs, and.


A week in security (October 17 - 23)

Malwarebytes

Last week on Malwarebytes Labs: Thermal cameras could help reveal your password. How to spot a scam. Warning: "FaceStealer" iOS and Android apps steal your Facebook login. Criminal group busted after stealing hundreds of keyless cars. Fake tractor fraudsters plague online transactions. DeadBolt ransomware gang tricked into giving victims free decryption keys.


BrandPost: With Hyperforce, Salesforce Delivers Both Speed and Agility to the Modern Business

CSO Magazine

It’s no secret why enterprises are rapidly moving to SaaS and, in particular, to Salesforce to handle so many mission-critical business functions. There are tremendous benefits, including scalability, availability, security, and compliance, all of which increase the speed of business. It’s a significant competitive advantage. Increasingly, our customers want to leverage Salesforce products in a new country in which they are doing business.


Lockbit Ransomware Attack on Pendragon Group

CyberSecurity Insiders

Pendragon Group, which is in commercial car sales, was reportedly hit by a ransomware attack recently, and the Lockbit group is suspected to be behind the incident. The car dealer, which has over 200 dealerships, has straight away declined to pay a ransom of $60 million and made clear that it is going to restore the encrypted data through a data continuity plan.


From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security,” most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any number of other things – and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.