Schneier on Security

MAY 13, 2021

President Biden signed an executive order to improve government cybersecurity, setting new security standards for software sold to the federal government.

Cybersecurity 245

Cybersecurity Marketing Government Software 245

The Last Watchdog

MAY 13, 2021

In a day and age when the prime directive for many organizations is to seek digital agility above all else, cool new apps get conceived, assembled and deployed at breakneck speed. Related: DHS instigates 60-day cybersecurity sprints. Software developers are king of the hill; they are the deeply-committed disciples pursuing wide open, highly dynamic creative processes set forth in the gospels of DevOps and CI/CD.

Penetration Testing 135

Penetration Testing Digital transformation Software Architecture 135

Dark Reading

MAY 13, 2021

Bruce Schneier explores the potential dangers of artificial intelligence (AI) systems gone rogue in society

Artificial Intelligence 114

Artificial Intelligence 114

Tech Republic Security

MAY 13, 2021

The EO is designed to protect federal networks, foster information sharing between the government and private sector, and better respond to cyber incidents. But will it do the trick

Government 162

Government Cybersecurity 162

Dark Reading

MAY 13, 2021

Ransomware, phishing, and Web application attacks all increased during a year in which the majority of attacks involved a human element

Data breaches 114

Data breaches Phishing Ransomware 114

CSO Magazine

MAY 13, 2021

DarkSide is a ransomware threat that has been in operation since at least August 2020 and was used in a cyberattack against Georgia-based Colonial Pipeline , leading to a major fuel supply disruption along the East Coast of the US.

Encryption 112

Encryption Malware Hacking Ransomware 112

Dark Reading

MAY 13, 2021

Cybersecurity attackers follow the same principles practiced in warfare for millennia. They show up in unexpected places, seeking out portions of an organization's attack surface that are largely unmonitored and undefended

Cybersecurity 109

Cybersecurity 109

Dark Reading

MAY 13, 2021

Overall objectives are good, but EO may be too prescriptive in parts, industry experts say

Software 108

Software Cybersecurity 108

Security Affairs

MAY 13, 2021

FBI and DHS’s CISA have published a joint alert on DarkSide ransomware activity after the disruptive attack on Colonial Pipeline. FBI and DHS’s CISA have published a joint alert to warn of ransomware attacks conducted by the DarkSide group.

Ransomware 104

Ransomware Healthcare Firmware Insurance 104

Dark Reading

MAY 13, 2021

The IT and OT security providers will integrate solutions aimed at improving critical infrastructure security

105

105

Tech Republic Security

MAY 13, 2021

Canonical has made it easy for admins to join Ubuntu Desktop to Active Directory domains. Jack Wallen walks you through the steps

145

145

Dark Reading

MAY 13, 2021

Verizon's Data Breach Investigations Report (DBIR) covers 2020 -- a year like no other. Phishing, ransomware, and innovation caused big problems

Data breaches 104

Data breaches Phishing Ransomware 104

Tech Republic Security

MAY 13, 2021

The administration, public and private sector leaders applaud the initial steps outlined but said more action needs to be taken

Cybersecurity 143

Cybersecurity 143

Dark Reading

MAY 13, 2021

Half of companies had at least one case of having all ports open to the public, while more than a third had an exposed database

102

102

Anton on Security

MAY 13, 2021

A few days ago we did a very well-attended webinar focused on the modern Security Operations Center (SOC) approach (see “Trend for the Modern SOC” for a replay link). We got a lot of great questions, and just like in the good old times , I am writing a blog where I cover some of the answers. Q: You mentioned that SOC is first a team: which skills are expected to distinguish the “basic” SOC from the modern SOC?

Risk 100

Risk Threat Detection Technology Cybersecurity 100

eSecurity Planet

MAY 13, 2021

Oil and gas companies have two key areas of concern when addressing cybersecurity, especially in their unmanned remote facilities.

Digital transformation 99

Digital transformation Technology IoT Software 99

Dark Reading

MAY 13, 2021

Business continuity plans that address natural and manmade disasters can help turn a cataclysmic business event into a minor slowdown

98

98

We Live Security

MAY 13, 2021

The operation was carried out against an organized group that used online trading platforms to swindle victims out of US$36 million. The post European police bust major online investment fraud ring appeared first on WeLiveSecurity. Cybercrime

Cybercrime 91

Cybercrime 91

Naked Security

MAY 13, 2021

Vendor's site offline? Can't wait for your download? Tempted to go trawling through the underweb to find an "unofficial" version? Malware download scam malware MSI

Scams 88

Scams Malware 88

Security Affairs

MAY 13, 2021

Rapid7 disclosed that unauthorized third-party had access to source code and customer data as result of Codecov supply chain attack.

Software 87

Software Accountability Data breaches Cybersecurity 87

The Hacker News

MAY 13, 2021

Bogus COVID-19 test results, fraudulent vaccination cards, and questionable vaccines are emerging a hot commodity on the dark web in what's the latest in a long list of cybercrimes capitalizing on the coronavirus pandemic. "A

Cybercrime 84

Cybercrime Marketing 84

Security Affairs

MAY 13, 2021

Cisco has addressed a zero-day in the Cisco AnyConnect Secure Mobility Client VPN software, with publicly available proof-of-concept exploit code. Cisco has addressed a zero-day vulnerability in Cisco AnyConnect Secure Mobility Client , tracked as CVE-2020-3556 , that was disclosed in November.

VPN 82

VPN Mobile Authentication Software 82

CyberSecurity Insiders

MAY 13, 2021

Colonial Pipeline hack has taken a new twist yesterday when Congress came to learn that the company paid $5million to DarkSide Ransomware spreading hackers to free up the database from malware that led to disruption of fuel services across the United States and Australia to a certain extent.

Ransomware 81

Ransomware Government Software Cybersecurity 81

Security Affairs

MAY 13, 2021

The recent Colonial Pipeline attack highlights the dangers that are facing Critical Infrastructure worldwide.

Ransomware 80

Ransomware Education Engineering Technology 80

Threatpost

MAY 13, 2021

According to news reports, Colonial Pipeline paid the cybergang known as DarkSide the ransom it demanded in return for a decryption key. Critical Infrastructure Malware Vulnerabilities Web Security

Malware 114

Malware 114

Security Affairs

MAY 13, 2021

President Joe Biden signed an ambitious executive order to dramatically improve the security of the US government networks.

Cybersecurity 80

Cybersecurity Government Software Architecture 80

Bleeping Computer

MAY 13, 2021

One of the most popular Russian-speaking hacker forums, XSS, has banned all topics promoting ransomware to prevent unwanted attention. [.]. Security

Hacking 114

Hacking Ransomware 114

Security Affairs

MAY 13, 2021

Microsoft warns of a malware-based campaign that targeted organizations in the aerospace and travel sectors in the past months. Microsoft researchers revealed that organizations in the aerospace and travel sectors have been targeted in the past months in a malware-based campaign.

Security Intelligence 80

Security Intelligence Phishing Malware Hacking 80

CyberSecurity Insiders

MAY 13, 2021

An interesting take-away from the (ISC) 2 Cybersecurity Career Pursuers Study is what cybersecurity professionals told us were the most important technical skills for those looking for their first cybersecurity job.

Penetration Testing 80

Penetration Testing Architecture Backups Encryption 80

Bleeping Computer

MAY 13, 2021

Chemical distribution company Brenntag paid a $4.4 million ransom in Bitcoin to the DarkSide ransomware gang to receive a decryptor for encrypted files and prevent the threat actors from publicly leaking stolen data. [.]. Security

Encryption 114

Encryption Ransomware 114

Zero Day

MAY 13, 2021

The payment was reportedly made soon after the attack began. It wasn’t enough to stop the disruption

Ransomware 114

Ransomware 114

Bleeping Computer

MAY 13, 2021

US cybersecurity firm Rapid7 has disclosed that some source code repositories were accessed in a security incident linked to the supply-chain attack that recently impacted customers of the popular Codecov code coverage tool. [.]. Security

Cybersecurity 114

Cybersecurity 114

CyberSecurity Insiders

MAY 13, 2021

Today, we are reviewing FortiWeb Cloud WAF-as-a-Service by Fortinet, a Web Application Firewall solution to protect organizations against a broad range of attacks.

DDOS 79

DDOS DNS Firewall Engineering 79

Malwarebytes

MAY 13, 2021

Someone has found an extraordinary way to exfiltrate data by piggybacking data on the backs of unsuspecting iPhones. Say what?

Firmware 113

Firmware Internet Internet Authentication 113

Threatpost

MAY 13, 2021

An analysis of three popular forums used by ransomware operators reveals a complex ecosystem with many partnerships. Malware Most Recent ThreatLists Vulnerabilities Web Security

Ransomware 111

Ransomware Malware 111

CyberSecurity Insiders

MAY 13, 2021

Joe Biden who succeeded in his first presidential task of vaccinating almost the entire populace of the United States against Corona Virus has signed an executive order on Wednesday that bolsters supply chain security with cyber threat sharing.

Cyber threats 77

Cyber threats Cyber Attacks Ransomware Government 77

Threatpost

MAY 13, 2021

The ‘Send My’ exploit can use Apple's locator service to collect and send information from nearby devices for later upload to iCloud servers. Cloud Security IoT Mobile Security Vulnerabilities Web Security

IoT 110

IoT Mobile 110