Troy Hunt
JULY 13, 2023
Each year since 2011, Microsoft has sent me a lovely email around this time: I've been fortunate enough to find a passion in life that has allowed me to do what I love and make a great living out of it all whilst contributing to the community in a meaningful and impactful way. In last year's MVP announcement blog post , I talked about one of my favourite contributions of all that year being the Pwned Passwords ingestion pipeline for the FBI.
Schneier on Security
JULY 13, 2023
The French police are getting new surveillance powers : French police should be able to spy on suspects by remotely activating the camera, microphone and GPS of their phones and other devices, lawmakers agreed late on Wednesday, July 5. […] Covering laptops, cars and other connected objects as well as phones, the measure would allow the geolocation of suspects in crimes punishable by at least five years’ jail.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Troy Hunt
JULY 13, 2023
Today was a bit back-to-back having just wrapped up the British Airways Magecart attack webinar with Scott. That was actually a great session with loads of engagement and it's been recorded to so look out for that one soon if you missed it. Anyway, I filled this week's update with a bunch of random things from the week. I especially enjoyed discussing the HIBP domain search progress and as I say in the video, talking through it with other people really helps crystalise things so I thin
The Last Watchdog
JULY 13, 2023
Pittsburgh, PA – July 13, 2023 – Security Journey, a best-in-class application security education company, has today announced an acceleration of its secure coding training platform enhancements. Since combining HackEDU and Security Journey training offerings into one Platform, the company has added or refreshed almost 200 lessons and 25 languages, frameworks, and technologies; giving customers even more new training content to improve secure coding knowledge gain of up to 85%.
Speaker: Erroll Amacker
Automation is transforming finance but without strong financial oversight it can introduce more risk than reward. From missed discrepancies to strained vendor relationships, accounts payable automation needs a human touch to deliver lasting value. This session is your playbook to get automation right. We’ll explore how to balance speed with control, boost decision-making through human-machine collaboration, and unlock ROI with fewer errors, stronger fraud prevention, and smoother operations.
Tech Republic Security
JULY 13, 2023
Among the strategic propositions in Gartner's 2023-2024 cybersecurity outlook are that organizations need to institute cultural changes to lower pressure on security teams.
The Last Watchdog
JULY 13, 2023
London, July 13, 2023 — Beazley, the leading specialist insurer, today published its latest Risk & Resilience report: Spotlight on: Cyber & Technology Risks 2023. The data shows how perceptions around cyber and technology risks, from ransomware and other cyber-attacks to the threats posed by AI, are changing the global business risk landscape.
Cyber Security Informer brings together the best content for cyber security professionals from the widest variety of industry thought leaders.
|
The Last Watchdog
JULY 13, 2023
Santa Clara, Calif. and Bangalore, India – July 13, 2023 — Large companies are typically using over 1100 SaaS applications to run their operations and the number of companies adopting this trend is rapidly growing 20% every year but this presents a number of risks. Helping them manage their SaaS estates and mitigate risks, SaaS operations(SaaSOps) platform Zluri is today announcing a $20M funding round.
Tech Republic Security
JULY 13, 2023
Looking for a list of the top tech conferences and events in 2023? Explore our guide to find out which events you should add to your calendar.
We Live Security
JULY 13, 2023
Some threats may be closer than you think. Are security risks that originate from your own trusted employees on your radar?
Security Affairs
JULY 13, 2023
Apple re-released its Rapid Security Response updates for iOS and macOS after fixing browsing issues on certain websites caused by the first RSR. Apple has re-released its Rapid Security Response updates to address the CVE-2023-37450 flaw in iOS and macOS after fixing browsing issues on certain websites caused by the first RSR issued by the company.
Advertisement
Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.
Trend Micro
JULY 13, 2023
We recently found that an MSI installer built by the National Information Technology Board (NITB), a Pakistani government entity, delivered a Shadowpad sample, suggesting a possible supply-chain attack.
Security Affairs
JULY 13, 2023
Zimbra has released updates to address a zero-day vulnerability actively exploited in attacks aimed at Zimbra Collaboration Suite (ZCS) email servers. Zimbra urges customers to manually install updates to fix a zero-day vulnerability that is actively exploited in attacks against Zimbra Collaboration Suite (ZCS) email servers. Zimbra Collaboration Suite is a comprehensive open-source messaging and collaboration platform that provides email, calendaring, file sharing, and other collaboration tools
eSecurity Planet
JULY 13, 2023
ChatGPT and other generative AI tools have been used by cybercriminals to create convincing spoofing emails, resulting in a dramatic rise in business email compromise (BEC) attacks. Now security researchers have discovered a black hat generative AI tool called WormGPT that has none of the ethical restrictions of tools like ChatGPT, making it even easier for hackers to craft cyber attacks based on AI tools.
Security Affairs
JULY 13, 2023
SonicWall fixed multiple critical vulnerabilities impacting its GMS firewall management and Analytics management and reporting engine. SonicWall addressed multiple critical vulnerabilities in its Global Management System (GMS) firewall management and Analytics network management and reporting engine. The company fixed 15 vulnerabilities that were disclosed in a Coordinated Vulnerability Disclosure (CVD) report in conjunction with NCCGroup.
Advertisement
The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.
Security Boulevard
JULY 13, 2023
Storm-0558 Brewing: Multiple Microsoft failures cause data leaks at State and Commerce depts., plus 23 other orgs. The post China Breaches Microsoft Cloud — Spied on US Govt. Email appeared first on Security Boulevard.
SecureWorld News
JULY 13, 2023
Organizations operating in today's interconnected world face significant cyber threats which necessitate constant vigilance in safeguarding their sensitive data and digital assets. A strategy gaining prominence is known as "depth of defense." This involves implementing multiple security measures to fortify systems against diverse cyber threats. It is essential to recognize that there is no one-size-fits-all solution in cybersecurity.
Malwarebytes
JULY 13, 2023
This article is based on research by Marcelo Rivero, Malwarebytes' ransomware specialist, who monitors information published by ransomware gangs on their Dark Web sites. In this report, "known attacks" are those where the victim did not pay a ransom. This provides the best overall picture of ransomware activity, but the true number of attacks is far higher.
Heimadal Security
JULY 13, 2023
Microsoft has revealed that Chinese hackers successfully accessed the email accounts of various government organizations. The breach was reportedly detected only weeks after the activity began. According to Microsoft, an entity based in China, named Storm-0558, managed to gain access to email accounts linked to around 25 organizations. These include government agencies and personal accounts […] The post Chinese Hackers Breach Government Email appeared first on Heimdal Security Blog.
Speaker: Sierre Lindgren
Fraud is a battle that every organization must face – it’s no longer a question of “if” but “when.” Every organization is a potential target for fraud, and the finance department is often the bullseye. From cleverly disguised emails to fraudulent payment requests, the tactics of cybercriminals are advancing rapidly. Drawing insights from real-world cases and industry expertise, we’ll explore the vulnerabilities in your processes and how to fortify them effectively.
SecureBlitz
JULY 13, 2023
Want the best antivirus software for PC gaming in 2023? Do you find your PC gaming experience or your sessions at a live dealer casino constantly interrupted by bothersome viruses and malware? Picture this: You’re engrossed in a thrilling online match or in the middle of a high-stakes live dealer casino game, feeling the rush of […] The post Best Antivirus Software For PC Gaming In 2023 appeared first on SecureBlitz Cybersecurity.
eSecurity Planet
JULY 13, 2023
After Microsoft warned earlier this week that some drivers certified by the Windows Hardware Developer Program (MWHDP) are being leveraged maliciously, a Cisco Talos security researcher said the number of malicious drivers could number in the thousands. Talos researcher Chris Neal discussed how the security problem evolved in a blog post. “Starting in Windows Vista 64-bit, to combat the threat of malicious drivers, Microsoft began to require kernel-mode drivers to be digitally signed with
Security Boulevard
JULY 13, 2023
Current and former contractors and employees at Pepsi Bottling Ventures LLC (PBV) were victims of a security incident that exposed their personal information. The post Third Party Lets Pepsi Data Out of the Bottle, PII Nicked appeared first on Security Boulevard.
Heimadal Security
JULY 13, 2023
Advanced Endpoint Protection (AEP) is an AI-powered cybersecurity toolkit that focuses on detecting and preventing unknown cyber threats from harming a company`s endpoints. In today`s business landscape, where many employees work remotely, protecting assets turned out to be more and more complex. Traditional antiviruses are still useful tools, but they are less than enough in […] The post What Is Advanced Endpoint Protection.
Advertisement
Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.
Security Boulevard
JULY 13, 2023
Any seasoned traveler will know just how just how many single-use apps are downloaded over the course of an average vacation. These days, everything from watching movies on the plane to checking into your hotel or accessing your tickets to a theme park requires a download of some type. What might surprise you, however, is that many of those travel apps that you downloaded and forgot about are still grabbing data from your device long after you arrive back home.
Security Affairs
JULY 13, 2023
Chinese hackers have compromised the emails of an unnamed US Federal Civilian Executive Branch (FCEB) agency. In Mid-June a malicious email activity was reported by an unnamed US Federal Civilian Executive Branch (FCEB) agency. Microsoft experts who investigated the suspicious activity discovered that China-linked threat actors have targeted the agency as part of a cyberespionage campaign targeting two dozen organizations.
Bleeping Computer
JULY 13, 2023
Microsoft announced today that the upcoming Windows 11, version 23H2, will be available in the fourth quarter of 2023 as an enablement package since it shares Windows 11 22H2's code base and servicing branch. [.
Security Boulevard
JULY 13, 2023
In a move that further strengthens its commitment to empowering organizations with innovative risk and analytics management solutions, Incisive Software is excited to announce its partnership with Alteryx, a leading provider of data analytics platforms. Organizations can elevate their data analytics capabilities by combining the power of Incisive Analytics Essentials with Alteryx workflows, ensuring effective […] The post Enhancing Data Governance and Analytics with Alteryx: Incisive Software Jo
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
SecureWorld News
JULY 13, 2023
Today, SlashNext published original threat findings on a unique module based on the generative AI of ChatGPT that cybercriminals are leveraging for nefarious purposes. These research findings have widespread implications for the security community in understanding how threat actors are not only manipulating generative AI platforms for malicious purposes but also creating entirely new platforms based on the same technology, specifically designed to do their ill-bidding.
Security Boulevard
JULY 13, 2023
SMS Traffic Monitoring: Stay Secure, Stay Ahead SMS has become a vital communication tool for businesses in today’s digital landscape, facilitating seamless text message exchanges that are crucial for interactions between companies and customers. But as with other technological advancements, bad actors seek to exploit its capabilities for their own benefit.
The Hacker News
JULY 13, 2023
As many as 196 hosts have been infected as part of an aggressive cloud campaign mounted by the TeamTNT group called Silentbob.
Security Boulevard
JULY 13, 2023
Safe Security acquired RiskLens, a pioneer in the development of the Factor Analysis of Information Risk (FAIR) quantification standard for assessing cybersecurity risk. The post Safe Security Buys RiskLens to Advance Cybersecurity Risk Management appeared first on Security Boulevard.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
Expert insights. Personalized for you.
246 
Let's personalize your content