Thu. Dec 29, 2022

Google Home speakers allowed hackers to snoop on conversations

Bleeping Computer

A bug in Google Home smart speaker allowed installing a backdoor account that could be used to control it remotely and to turn it into a snooping device by accessing the microphone feed. [...]

How One Jobseeker Used AI to Apply for 200 Jobs in 2 Days

Javvad Malik

The search for a job has never been easy, but with the commoditisation of AI tools, it’s becoming a bit easier for the ambitious jobseeker. Recently, one such individual used AI to apply for nearly 200 jobs in the span of two days – a feat most of us can only dream of achieving.

Year in review for 2022 – Where is Cybersecurity headed?

Security Boulevard

As another year wraps up, it’s time to take a look back at the cybersecurity trends that dominated the landscape. From the ongoing impact of the past years’ pandemic to major geopolitical events and nation-state cyber attacks, 2022 saw a surge in cyberattacks that shows no signs of slowing down. But what exactly is driving […]. The post Year in review for 2022 – Where is Cybersecurity headed?

Biden administration passes bill against Quantum Computing Data Breaches

CyberSecurity Insiders

Joe Biden and his administration seem to be in a forward-thinking gear on quantum-technology-linked cyber attacks leading to data breaches. On December 21st, 2022, the Senate passed a bipartisan bill to prevent data breaches emerging from quantum computing. The Quantum Computing Cybersecurity Preparedness Act was made into legislation that prevents usage of quantum computing technology in decrypting stolen information, as they can break any kind of cryptographic algorithms.

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

6 Reasons Why Today’s Cybersecurity Landscape is so Complex

Security Boulevard

Today’s cyber threat landscape is constantly expanding and evolving. On top of that, threat actors’ attack tactics are increasingly complex and difficult to detect. It can be challenging for organizations to keep up with all the new technologies they are adopting, how and where they are being used, who is using them, and whether they are critical for operations.

Nuclear secrets leak through USB via Insider

CyberSecurity Insiders

Well, it cannot be termed exactly as an insider threat. But surely, an innocent mistake of an employee could have/might have leaked sensitive details to the outside world such as hackers. An IT worker of Sellafield Ltd, UK, accidentally forgot her bag in the parking lot and when she got to know about it and went to pick it up, the USB containing sensitive files fell from the bag into the car park, leaving the worker in a state of shock.

More Trending

Cybersecurity trends and challenges to look out for in 2023

We Live Security

What are some of the key cybersecurity trends and themes that organizations should have on their radars in 2023? The post Cybersecurity trends and challenges to look out for in 2023 appeared first on WeLiveSecurity.

Netgear warns users to patch recently fixed WiFi router bug

Bleeping Computer

Netgear has fixed a high-severity vulnerability affecting multiple WiFi router models and advised customers to update their devices to the latest available firmware as soon as possible. [...]

Thousands of Citrix Servers Still Unpatched for Critical Vulnerabilities

The Hacker News

Thousands of Citrix Application Delivery Controller (ADC) and Gateway endpoints remain vulnerable to two critical security flaws disclosed by the company over the last few months. The issues in question are CVE-2022-27510 and CVE-2022-27518 (CVSS scores: 9.8), which were addressed by the virtualization services provider on November 8 and December 13, 2022, respectively.

Telecom Company Intrado Hit by Royal Ransomware Cyberattack

Heimdal Security

Even if the year is coming to a close, threat groups are still as busy. On Tuesday, a cyberattack targeting telecommunication company Intrado was claimed by Royal Ransomware group. The attack started on December 1st. The telecom giant is still to make a public statement about the cyberattack, but sources close to the case told […]. The post Telecom Company Intrado Hit by Royal Ransomware Cyberattack appeared first on Heimdal Security Blog.

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Extracting Encrypted Credentials From Common Tools

Dark Reading

Attackers are harvesting credentials from compromised systems. Here's how some commonly used tools can enable this.

Ohio Court rules out Ransomware Attack loss on Software

CyberSecurity Insiders

In one of the strange decisions taken by the Ohio Supreme Court over a previous judgement pronounced earlier by the Ohio Second District Court, the law stated that there must be a direct physical loss or damage to a company in the event of a file encrypting malware disaster. Otherwise, the insurance provider can quash the policy coverage as the malware infected only the software.

CISA Warns of Active exploitation of JasperReports Vulnerabilities

The Hacker News

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two years-old security flaws impacting TIBCO Software's JasperReports product to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The flaws, tracked as CVE-2018-5430 (CVSS score: 7.7) and CVE-2018-18809 (CVSS score: 9.

6 Ways to Protect Your Organization Against LAPSUS$

Dark Reading

Businesses need to educate employees about the type of social engineering attacks used by hacking group DEV-0537 (LAPSUS$) and strengthen their security posture.

Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

Lake Charles Memorial Hospital Suffered a Ransomware Attack

Heimdal Security

Nearly 270,000 patients of the Lake Charles Memorial Health System (LCMHS) are being notified of a data breach that may have exposed their personal information. An announcement on the LCMHS site reveals that the event occurred on October 21, 2022, when the security staff noticed suspicious behavior on the network. On October 25, 2022, after an […].

Crypto platform 3Commas admits hackers stole API keys

Bleeping Computer

An anonymous Twitter user published yesterday a set of 10,000 API keys allegedly obtained from the 3Commas cryptocurrency trading platform. [...]

What Is IoT Connectivity and What Does It Look Like

Security Boulevard

The World of IoT Connectivity has become an inseparable part of daily living. Its flexibility and wide range of potential applications across industries have made it. The post What Is IoT Connectivity and What Does It Look Like appeared first on FirstPoint. The post What Is IoT Connectivity and What Does It Look Like appeared first on Security Boulevard.

Ukraine shuts down fraudulent call center claiming 18,000 victims

Bleeping Computer

A group of imposters operating out of a Ukrainian call center defrauded thousands of victims while pretending to be IT security employees at their banks and leading them to believe that attackers had gained access to their bank accounts. [...]

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

After the Uber Breach: 3 Questions All CISOs Should Ask Themselves

Dark Reading

How CISOs handle the ethical issues around data breaches can make or break their careers. Don't wait until a breach happens to plot the course forward.

Thousands of Citrix servers still vulnerable to CVE-2022-27510 and CVE-2022-27518 

Security Affairs

Researchers warn that thousands of Citrix Application Delivery Controller (ADC) and Gateway endpoints are still unpatched. NCC Group’s Fox-IT research team warns that thousands of Citrix ADC and Gateway endpoints remain vulnerable to two critical vulnerabilities, tracked as CVE-2022-27510 and CVE-2022-27518 (CVSS scores: 9.8), that the company addressed in recent months.

3 Industries, 3 Security Programs

Dark Reading

Security leaders from a media corporation, a commercial real estate company, and an automotive technology company share how they address cyber-risk.

LCMHS hospital suffered a Ransomware attack at Louisiana hospital that impacted 270,000 patients

Security Affairs

The Lake Charles Memorial Health System (LCMHS) suffered a ransomware attack that impacted 270,000 patients. The Lake Charles Memorial Health System (LCMHS) disclosed a data breach that affected almost 270,000 patients at its medical centers. The Lake Charles Memorial Health System is the largest not-for-profit community healthcare system in Southwest Louisiana.

5 Key Findings From the 2023 FBI Internet Crime Report

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.

The Kronos Ransomware Attack: Here’s What You Need to Know

Heimdal Security

On Dec. 11, 2021, Kronos, a workforce management company that serves over 40 million people in over 100 countries, was notified that a ransomware attack had compromised its Kronos Private Cloud. As a result of the attack, millions of Kronos employees are still short hundreds or thousands of dollars as the Kronos software continues to […]. The post The Kronos Ransomware Attack: Here’s What You Need to Know appeared first on Heimdal Security Blog.

The horror! The horror! NOTEPAD gets tabbed editing (very briefly)

Naked Security

Is there a special meaning of "don't" that means "go right ahead"?

Google Ads Exploited to Spread Malware

Heimdal Security

Google Ads have become increasingly used by malware operators to spread malware to unsuspecting users searching for popular software products. The products impersonated in these campaigns include Grammarly, MSI Afterburner, Slack, Dashlane, Malwarebytes, Audacity, μTorrent, OBS, Ring, AnyDesk, Libre Office, Teamviewer, Thunderbird, and Brave. By cloning the official websites of the above projects, threat actors […].

One Key to Rule Them All? A Very Bad Idea

Security Boulevard

A friend of mine, Igor Odnovorov, always said, “Convenience is the enemy of security.” This recently hit home for me and many others. The post One Key to Rule Them All? A Very Bad Idea appeared first on Security Boulevard.

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

12 Pieces Examining Trends in Cybersecurity for 2023

SecureWorld News

We love good "trends in cybersecurity" articles and posts. Here's a compilation of a dozen solid trend pieces looking back at the year that was 2022 and the year ahead in 2023. The State of Cybersecurity in 2022 and Trends and Predictions for 2023 – " These thoughts found in this post won't come from the lens of venture capital or private investing but from a cybersecurity practitioner who still buys software and leads security programs today.". 5 Trends to Watch for Cybersecurity in 2023 – "Fro

Randall Munroe’s XKCD ‘Game Night Ordering’

Security Boulevard

Via the comic artistry and dry wit of Randall Munroe, resident at XKCD! The post Randall Munroe’s XKCD ‘Game Night Ordering’ appeared first on Security Boulevard.

US passes the Quantum Computing Cybersecurity Preparedness Act – and why not?

Naked Security

Cryptographic agility: the ability and the willingness to change quickly when needed.

The Antidote for the LastPass password vault breach

Security Boulevard

The scale of the recent LastPass breach is so large, changing all the passwords isn’t the most practical or realistic solution. The post The Antidote for the LastPass password vault breach appeared first on VeriClouds. The post The Antidote for the LastPass password vault breach appeared first on Security Boulevard.

From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.