Tue. Jun 29, 2021


Risks of Evidentiary Software

Schneier on Security

Over at Lawfare, Susan Landau has an excellent essay on the risks posed by software used to collect evidence (a Breathalyzer is probably the most obvious example). Bugs and vulnerabilities can lead to inaccurate evidence, but the proprietary nature of software makes it hard for defendants to examine it. The software engineers proposed a three-part test.

Software 303

More than 3.5 million people needed worldwide to work in cybersecurity

Tech Republic Security

Expert says attacks are getting bigger and more aggressive than before. Instead of being like a burglary, they're more like a home invasion.


Russian hackers had months-long access to Denmark's central bank

Bleeping Computer

Russian state hackers compromised Denmark's central bank (Danmarks Nationalbank) and planted malware that gave them access to the network for more than half a year without being detected. […]

Banking 145

Americans lost $29.8 billion to phone scams in the past year, study finds

Tech Republic Security

The number of spam calls, the number of people losing money to them and the total amount of money lost in the past year are all record-setting.

Scams 202

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.


4 Warning Signs of an Insecure App

Security Boulevard

The “golden age of digital transformation” is upon us, and companies around the globe are scurrying to meet consumers on the digital frontier. For developers, it is a virtual gold rush, as businesses overhaul their infrastructure to meet consumers where they are—their mobile phones. For most, this means developing a mobile app. Unfortunately, the byproduct.


How legitimate security tool Cobalt Strike is being used in cyberattacks

Tech Republic Security

Normally used by organizations for penetration testing, Cobalt Strike is exploited by cybercriminals to launch attacks, says Proofpoint.

More Trending


iOS 15: How to enable Mail Privacy Protection

Tech Republic Security

If you have access to Apple's iOS 15 Developer Beta, learn how to use an important security feature called Mail Privacy Protection.

171

New LinkedIn breach exposes data of 700 Million users

Security Affairs

A new massive LinkedIn breach made the headlines, the leak reportedly exposes the data of 700M users, more than 92% of the total 756M users. A new massive LinkedIn breach made the headlines, a database containing data of 700M users, more than 92% of the total 756M users, is available for sale on forums on the dark web. The exposed records include email addresses, full names, phone numbers, physical addresses, geolocation records, LinkedIn username and profile URL, personal and professional experi


Cyberattacks and ransomware are no longer burglary; they're home invasion, expert says

Tech Republic Security

More than 3.5 million people worldwide are needed to play defense against cyberattacks.


Botnet attacks on APIs: Why most companies are unprepared

CSO Magazine

As companies move applications to the cloud and expose functionality via application programming interfaces (APIs), criminals have been moving quickly to take advantage of this newly exposed attack surface. By using botnets, they can dramatically increase the reach and effectiveness of their attacks. As with many new technologies, security is lagging behind.


IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.


Security and automation are top priorities for IT professionals

Tech Republic Security

Data protection and lack of budgets and resources continue to present the biggest challenges as cyberattacks increase, according to a new Kaseya report.

144

New disputes to arise from ransomware payments ban

CyberSecurity Insiders

Law enforcement agencies are urging ransomware victims not to make any ransom payment to hackers, as it not only encourages crime but also doesn’t guarantee a decryption key in exchange for the payment. Some security analysts say that this could give rise to fresh troubles for businesses and their owners. Know how…?


How to give users sudo privileges on Ubuntu and Red Hat-based Linux distributions

Tech Republic Security

New Linux admins need to know how to give and take sudo privileges from users. Jack Wallen shows you how on both Ubuntu- and Red Hat-based Linux distributions.

133

Data Breaches Rise as Organizations Shift to the Cloud

Security Boulevard

As more and more organizations make the move into public clouds, a corresponding rise in cloud data breaches has followed, according to an IDC survey of 200 security decision-makers in the U.S. The survey found nearly all (98%) of the companies surveyed had experienced at least one cloud data breach in the past 18 months, […]


Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.


Hackers use zero-day to mass-wipe My Book Live devices

Bleeping Computer

A zero-day vulnerability in Western Digital My Book Live NAS devices allowed a threat actor to perform mass-factory resets of devices last week, leading to data loss. […]

124

Understanding Global IoT Security Regulations

Security Boulevard

The IoT is maturing rapidly, and surveys show that global IoT spending will achieve a combined annual growth rate (CAGR) of 11.3% over the 2020-2024 forecast period. It offers promising benefits that are rapidly transforming a variety of industries, including manufacturing, health care, commercial buildings, smart homes, retail and energy. The huge potential of IoT.

IoT 120

DoubleVPN servers, logs, and account info seized by law enforcement

Bleeping Computer

Law enforcement has seized the servers and customer logs for DoubleVPN, a double-encryption service commonly used by threat actors to evade detection while performing malicious activities. […]


Mercedes-Benz Data Breach Sheds Light on the Importance of Third-Party Risks

Heimdal Security

The Mercedes-Benz data breach that recently took place exposed important information such as credit card information, social security numbers, and driver license numbers of almost 1,000 Mercedes-Benz customers and potential buyers. Mercedes-Benz announced last week, after assessing 1.6 million customer records which included customer names, addresses, emails, phone numbers, and purchased vehicle information, that sensitive […].


Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.


Lorenz ransomware decryptor recovers victims' files for free

Bleeping Computer

Dutch cybersecurity firm Tesorion has released a free decryptor for the Lorenz ransomware, allowing victims to recover some of their files for free without paying a ransom. […]


Empowering women in the field of ethics and compliance

CyberSecurity Insiders

This blog was written by an independent guest blogger. Ethics and compliance is becoming a burgeoning industry as an increase in government regulations in areas such as sustainability, diversity, and data privacy make compliance an important focus for companies. It’s especially important in tech companies as the ever-growing risk of cybersecurity breaches requires that security teams be vigilant in protecting sensitive data.


Microsoft successfully hit by dependency hijacking again

Bleeping Computer

Microsoft has once again been successfully hit by a dependency hijacking attack. This month, another researcher found an npm internal dependency, after squatting which, he began receiving messages from Microsoft's servers. […]

119

Experts developed a free decryptor for the Lorenz ransomware

Security Affairs

Researchers analyzed a recently discovered threat, the Lorenz ransomware, and developed a free decryptor for the victims of this new operation. The Lorenz ransomware gang has been active since April and hit multiple organizations worldwide demanding hundreds of thousands of dollars in ransoms to the victims. Like other ransomware gangs, Lorenz operators also implement a double-extortion model by stealing data before encrypting it and threatening them if the victim doesn’t pay the ransom.


5 Key Findings From the 2023 FBI Internet Crime Report

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.


BrandPost: The SMB Mission: Data Security Without Compromising User Productivity

CSO Magazine

There’s little need to belabor the point that the cyberattack landscape has become significantly more dangerous. Yet, for small and medium-sized businesses (SMBs), any security incident can quickly become costly and damaging. At the same time, it’s difficult to limit access to the resources employees need to get work done. Any strain on productivity also affects the bottom line.

110

Windows 11 includes the DNS-over-HTTPS privacy feature - How to use

Bleeping Computer

Microsoft has added a privacy feature to Windows 11 called DNS-over-HTTPS, allowing users to perform encrypted DNS lookups to bypass censorship and Internet activity. […]

DNS 109

STEMatch creates new cybersecurity education and career paths

CSO Magazine

The critical cybersecurity skills shortage is giving rise to innovative programs designed to bring into the field people who otherwise wouldn't or couldn't pursue the opportunity. STEMatch is one such program. “The purpose of STEMatch is to make the opportunities that are created by STEM education more visible, accessible and affordable for people that are underrepresented in our industry,” Chris Zannetos, creator of CSO50 recognized project STEMatch tells CSO.

Education 107

Top Countries With ICS Endpoint Malware Detections

Trend Micro

The Trend Micro research paper, “2020 Report on Threats Affecting ICS Endpoints,” presents findings on ICS endpoints and the threats that plague them. From these findings, we rounded up the list of the top ten countries with the most malware and grayware detections.

Malware 105

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?”


BrandPost: What’s Your Plan if Ransomware Hits?

CSO Magazine

Ransomware continues to plague businesses around the globe. Sophos’ 2021 State of Ransomware Survey finds 37% of respondent organizations were hit by ransomware in the last year alone. Several headline-making attacks in recent months, in which victim organizations paid the ransom for access to their data, raised eyebrows and sparked conversations on whether or not paying is ever a good idea.


The known Windows 11 issues and how you can fix them

Bleeping Computer

The first Windows 11 preview build was released yesterday, and with it came a variety of bugs that are sure to frustrate testers. Below we have listed the most noticeable issues and how you can fix them. […]

103

Fired by algorithm: The future’s here and it’s a robot wearing a white collar

Malwarebytes

Black Mirror meets 1984. Imagine that your employer uses a bot to keep track of your “production level.” And when this bot finds that you are an under-performer it fires off a contract-termination mail. Does this sound like the world you live in? Unfortunately, for some people it is. The case. Amazon.com has used algorithms for many years to manage the millions of third-party merchants on its online marketplace.


LinkedIn Data of 700 Million People Leaked

Heimdal Security

Last Tuesday, a popular hacker calling himself “GOD User TomLiner” advertised data from over 700 million LinkedIn users for sale with samples that the data is real and up to date as per June 2021. LinkedIn is one of the most popular professional networking platforms that allows its users to create business connections, discover potential […].


From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security,” most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any number of other things – and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.