Schneier on Security
APRIL 16, 2021
Security Boulevard recently listed the “Top-21 Cybersecurity Experts You Must Follow on Twitter in 2021.” I came in at #7. I thought that was pretty good, especially since I never tweet. My Twitter feed just mirrors my blog. (If you are one of the 134K people who read me from Twitter, “hi.”).
Tech Republic Security
APRIL 16, 2021
The reports reveal an increase in requests from U.S. law enforcement agencies, and that the company received the most requests for content removal from China during this period.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Schneier on Security
APRIL 16, 2021
Amongst the 100+ vulnerabilities patch in this month’s Patch Tuesday , there are four in Microsoft Exchange that were disclosed by the NSA.
Tech Republic Security
APRIL 16, 2021
Endpoint protection for remote workers is still a huge concern, but one report finds that there may be light at the end of the tunnel as businesses signal they're spending more on user training.
Advertisement
How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.
CyberSecurity Insiders
APRIL 16, 2021
What are Internet of Medical Things (IoMT) products? Internet of Medical Things (IoMT) products refer to a combination of medical applications and devices connected to healthcare information technology systems through an online computer network or a wireless network. IoMT devices rely heavily on biosensors, critical in detecting an individual's tissue, respiratory, and blood characteristics.
Tech Republic Security
APRIL 16, 2021
Cyber insurance is gaining favor in the business world. An expert offers tips on how to get what's needed for the best price.
Cyber Security Informer brings together the best content for cyber security professionals from the widest variety of industry thought leaders.
Tech Republic Security
APRIL 16, 2021
The ransomware changes the device password to "DTrump4ever" and forces the device to log in automatically after being rebooted.
Security Boulevard
APRIL 16, 2021
At the end of January 2021, Emotet, “the world’s most dangerous malware,” was taken down by law enforcement following an extensive effort by a global coalition of agencies across Europe and the U.S. The effort succeeded in taking down Emotet’s command-and-control infrastructure and at least two of the cybercriminals behind the malware were arrested.
Bleeping Computer
APRIL 16, 2021
Some Windows 10 users have issues with DNS resolution after installing the latest Windows 10 cumulative updates released this week. [.].
Security Boulevard
APRIL 16, 2021
Cybereason is pleased to announce that it has joined with the MassCyberCenter at the MassTech Collaborative and other Massachusetts companies to mentor college students from 14 schools across the state. Cybereason has three on-staff mentors, including: Sam Curry, Chief Security Officer, Lodrina Cherne, Principal Security Advocate and Maggie MacAlpine, Security Strategist. .
Advertiser: Revenera
In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.
Bleeping Computer
APRIL 16, 2021
The authors of a cryptocurrency-stealing malware are distributing it over Telegram to aspiring cybercriminals under the guise of free malicious applications. [.].
We Live Security
APRIL 16, 2021
Here are some quick and easy tips to help you clean up your cyber-clutter and keep your digital footprint tidy. The post Spring cleaning? Don’t forget about your digital footprint appeared first on WeLiveSecurity.
Bleeping Computer
APRIL 16, 2021
Microsoft Edge's update server is suffering a worldwide outage preventing users from updating to the newly released version 90 of the web browser. [.].
Hot for Security
APRIL 16, 2021
The Swedish authorities have decided to halt an investigation into a data breach supposedly perpetrated by the Russian military intelligence, GRU, over the course of a few months in 2017 and 2018. From December 2017 until May 2018, the Swedish Sports Confederation was under attack from a then-unknown entity. Following the investigation, authorities in Sweden determined the attack came from Russia and was likely part of a more extensive campaign directed at the World Anti-Doping Agency (WADA) and
Advertisement
Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.
Security Affairs
APRIL 16, 2021
Cybersecurity provider Juniper Networks addressed a critical vulnerability that could be exploited by attackers to remotely hijack or disrupt vulnerable devices. Cybersecurity vendor Juniper Networks addressed a critical vulnerability in Junos OS , tracked as CVE-2021-0254, that could allow an attacker to remotely hijack or disrupt affected devices.
Hot for Security
APRIL 16, 2021
Security researchers have identified several vulnerabilities in how apps open and handle URLs, leading to 1-click code execution actions that don’t require user input. It’s easy to think that a simple action like opening an URL in an application doesn’t pose much of a security problem, but that’s not really the case. Apps opening up URLs without proper precautions is a problem that affects all operating systems.
Security Boulevard
APRIL 16, 2021
Kids & Online Security: A new generation of digital nomads? A digital nomad lifestyle enables people who can work online to balance remote work with travel. Does this now extend to children and distance learning? And how are parents keeping kids safe online and managing their snowballing screen time? Millions of people are still navigating […].
Malwarebytes
APRIL 16, 2021
The National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Bureau of Investigation (FBI) have jointly released a Cybersecurity Advisory called Russian SVR Targets U.S. and Allied Networks , to expose ongoing Russian Foreign Intelligence Service (SVR) exploitation of five publicly known vulnerabilities.
Advertisement
The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.
Security Boulevard
APRIL 16, 2021
In late March 2021, Representative Susan DelBene (D-WA 01) introduced legislation to the 116th Congress to protect consumer privacy and put control of consumers’ data in their own hands. DelBene noted that states are surging ahead of the federal government in creating privacy laws, each with their own flavor and each serving the needs of. The post New Federal Data Privacy Legislation Proposed appeared first on Security Boulevard.
Security Affairs
APRIL 16, 2021
Uptycs’ threat research team recently detected several variants of the Linux-based botnet malware family, “ Gafgyt ,”some of them re-used Mirai code. . Uptycs’ threat research team recently detected several variants of the Linux-based botnet malware family, “ Gafgyt ”, via threat intelligence systems and our in-house osquery-based sandbox.
Security Boulevard
APRIL 16, 2021
To the surprise of precisely nobody, the NSA, FBI and CISA agreed that last year’s SolarWinds supply-chain attack was orchestrated by the Russian state. The post U.S. Fingers Putin’s Cozy Bear for SolarWinds Attacks appeared first on Security Boulevard.
Bleeping Computer
APRIL 16, 2021
Codecov online platform for hosted code testing reports and statistics announced on Thursday that a threat actor had modified its Bash Uploader script, exposing sensitive information in customers' continuous integration (CI) environment. [.].
Advertisement
The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.
CyberSecurity Insiders
APRIL 16, 2021
By Ralph Pisani, president, Exabeam. As more adults worldwide are successfully vaccinated, cybercriminals are targeting workers seeking a return to the office. While the vaccine distribution progresses, the onus will fall on HR departments to alert staffers on the transition back into a physical workspace, whether full or part time. Knowing these communications are immediately on the horizon, phishers are off and running, trying to catch isolated and excited individuals off guard.
Bleeping Computer
APRIL 16, 2021
An expired certificate has led to the repeated removal of linked American Express credit cards from user's Google Pay accounts. [.].
Threatpost
APRIL 16, 2021
A malicious ‘Jungle Run’ app tricked security protections to make it into the Apple App Store, scamming users out of money with a casino-like functionality.
Bleeping Computer
APRIL 16, 2021
It has been a pretty quiet week with only a few large attacks disclosed and only a few new ransomware variants released. The highest-profile attack this week is the NBA's Houston Rockets who were transparent about their ransomware attack. [.].
Speaker: Blackberry, OSS Consultants, & Revenera
Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?
Security Boulevard
APRIL 16, 2021
It is quite sad how someone can gleefully erase people to highlight himself. Anyone believe a claim by Steve Jobs in 2001 that there was no personal computer in 1975? Being literate in history should require knowing that by 1974 personal computers already were on the cover of popular magazines. It also is useful to … Continue reading Who Invented the Personal Computer?
Security Affairs
APRIL 16, 2021
SolarWinds supply chain attack also impacted six European Union institutions, European Commissioner for Budget and Administration confirmed. European Commissioner for Budget and Administration Johannes Hahn confirmed the hack of some EU agencies as result of the SolarWinds supply chain attack in a response to a question filed by an EU Parliament member in February 2021.
Threatpost
APRIL 16, 2021
Widely deployed platforms from Citrix, Fortinet, Pulse Secure, Synacor and VMware are all in the crosshairs of APT29, bent on stealing credentials and more.
The Hacker News
APRIL 16, 2021
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday issued an advisory warning of multiple vulnerabilities in the OpENer EtherNet/IP stack that could expose industrial systems to denial-of-service (DoS) attacks, data leaks, and remote code execution.
Speaker: Erika R. Bales, Esq.
When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.
Expert insights. Personalized for you.
275 
Let's personalize your content