Mon. Feb 20, 2023

Fines as a Security System

Schneier on Security

Tile has an interesting security solution to make its tracking tags harder to use for stalking: The Anti-Theft Mode feature will make the devices invisible to Scan and Secure, the company’s in-app feature that lets you know if any nearby Tiles are following you. But to activate the new Anti-Theft Mode, the Tile owner will have to verify their real identity with a government-issued ID, submit a biometric scan that helps root out fake IDs, agree to let Tile share their information with law e

GoDaddy Hosting Hacked — for FOURTH Time in 4 Years

Security Boulevard

GoDaddy’s web hosting service breached yet again. This time, the perps were redirecting legit websites to malware. The post GoDaddy Hosting Hacked — for FOURTH Time in 4 Years appeared first on Security Boulevard.

Microsoft ChatGPT has the potential to replace white-collar jobs says IBM Chief

CyberSecurity Insiders

IBM's chief felt that ChatGPT, an OpenAI-developed platform of Microsoft, has the potential to replace white-collar jobs such as insurance consultants, lawyers, accountants, computer programmers and admin roles. Arvind Krishna, the lead of the technology at IBM, predicts that some sorts of jobs will be replaced by AI models, and so job loss is predictably possible.

GoDaddy Discloses Data Breach Spanning Multiple Years

Heimdal Security

GoDaddy, a major provider of web hosting services, claims that a multi-year attack on its cPanel shared hosting environment resulted in a breach where unidentified attackers stole source code and installed malware on its servers. While the attackers had access to the company’s network for a number of years, GoDaddy only learned about the security […] The post GoDaddy Discloses Data Breach Spanning Multiple Years appeared first on Heimdal Security Blog.

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

Speaker: Erroll Amacker

Automation is transforming finance but without strong financial oversight it can introduce more risk than reward. From missed discrepancies to strained vendor relationships, accounts payable automation needs a human touch to deliver lasting value. This session is your playbook to get automation right. We’ll explore how to balance speed with control, boost decision-making through human-machine collaboration, and unlock ROI with fewer errors, stronger fraud prevention, and smoother operations.

As Twitter forces users to remove text message 2FA, it’s in danger of decreasing security

Graham Cluley

Many Twitter users have been presented with a message telling them that SMS-based two-factor authentication (2FA) will be removed next month. According to Twitter, only subscribers to its premium Twitter Blue service will be able to use text message-based 2FA to protect their accounts. Is that such a good idea?

GUEST ESSAY: Too many SMBs continue to pay ransomware crooks — exacerbating the problem

The Last Watchdog

Well-placed malware can cause crippling losses – especially for small and mid-sized businesses. Related: Threat detection for SMBs improves Not only do cyberattacks cost SMBs money, but the damage to a brand’s reputation can also hurt growth and trigger the loss of current customers. One report showed ransomware attacks increased by 80 percent in 2022, with manufacturing being one of the most targeted industries.

More Trending

7 reasons to avoid investing in cyber insurance

CSO Magazine

With cyberattacks rising at an alarming rate around the world, cyber insurance has become an increasingly popular layer of protection for businesses across all sectors. However, despite its clear appeal as a means of supporting and augmenting cyber risk management, insurance might not be the right fit for all companies in every circumstance. In fact, there are compelling reasons why some might be advised to avoid, delay, or at least seriously reconsider buying or renewing a policy —increasing co

Will ChatGPT start writing killer malware?

We Live Security

AI-pocalypse soon? As stunning as ChatGPT’s output can be, should we also expect the chatbot to spit out sophisticated malware? The post Will ChatGPT start writing killer malware?

Scandinavian Airlines Suffer Major Data Breach After Cyberattack

Heimdal Security

Scandinavian Airline SAS reported a cyber attack Tuesday evening and advised customers not to use its app, but later stated that the problem had been resolved. According to media reports, the hackers took down the carrier’s website and exposed customer information from its app. In addition, the cyberattack caused a malfunction in the airline’s online […] The post Scandinavian Airlines Suffer Major Data Breach After Cyberattack appeared first on Heimdal Security Blog.

GoDaddy connects a slew of past attacks to a multiyear hacking campaign

CSO Magazine

Web hosting and infrastructure provider GoDaddy said it suspects a recent attack on its infrastructure in December 2022 may be connected to a series of incidents the business has been experiencing since 2020. The attack involved an unauthorized third-party gaining access to and installing malware on GoDaddy’s cPanel hosting servers, the company disclosed in an SEC filing.

Why Giant Content Libraries Do Nothing for Your Employees’ Cyber Resilience

Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.

A Deep Dive into the Evolution of Ransomware Part 1

Trend Micro

This 3-part blog series takes an in-depth look at the evolution of ransomware business models, from the early stages to current trends.

The Pros And Cons Of Outsourcing Your Cybersecurity Audit

SecureBlitz

In this post, I will show you the pros and cons of outsourcing your cybersecurity audit. As businesses become increasingly reliant on technology for their operations, the security of their digital infrastructure becomes increasingly important. One way to ensure the security of your business is to outsource a cybersecurity audit. Outsourcing a cybersecurity audit can […] The post The Pros And Cons Of Outsourcing Your Cybersecurity Audit appeared first on SecureBlitz Cybersecurity.

Europol Shuts Down a Franco-Israeli CEO Fraud Group

Heimdal Security

Europol put an end to the operations of a Franco-Israeli CEO fraud group. The threat actors used business email compromise (BEC) attacks to steal money. This led to €38,000,000 stolen in just a few days from one organization. Details About the Europol Investigation It took the collaboration between Europol, French, Croatian, Hungarian, Portuguese, and Spanish […] The post Europol Shuts Down a Franco-Israeli CEO Fraud Group appeared first on Heimdal Security Blog.

Twitter tells users: Pay up if you want to keep using insecure 2FA

Naked Security

Ironically, Twitter Blue users will be allowed to keep using the very 2FA process that's not considered secure enough for everyone else.

Zero Trust Mandate: The Realities, Requirements and Roadmap

The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.

Cyber Espionage Group Earth Kitsune Deploys WhiskerSpy Backdoor in Latest Attacks

The Hacker News

The cyber espionage threat actor tracked as Earth Kitsune has been observed deploying a new backdoor called WhiskerSpy as part of a social engineering campaign. Earth Kitsune, active since at least 2019, is known to primarily target individuals interested in North Korea with self-developed malware such as dneSpy and agfSpy.

A sophisticated threat actor hit cryptocurrency exchange Coinbase

Security Affairs

The Coinbase cryptocurrency exchange was the victim of a sophisticated cyberattack; experts believe it was targeted by Twilio hackers. A sophisticated threat actor launched a smishing campaign against the employees of the cryptocurrency exchange Coinbase. According to the company, on February 5, 2023, some of its employees received text messages requesting them to urgently log in to their accounts using an embedded link.

Norway Seizes $5.84 Million in Cryptocurrency Stolen by Lazarus Hackers

The Hacker News

Norwegian police agency Økokrim has announced the seizure of 60 million NOK (about $5.84 million) worth of cryptocurrency stolen by the Lazarus Group in March 2022 following the Axie Infinity Ronin Bridge hack. "This case shows that we also have a great capacity to follow the money on the blockchain, even if the criminals use advanced methods," the agency said in a statement.

Lockbit ransomware gang hit the Portuguese municipal water utility Aguas do Porto

Security Affairs

The LockBit ransomware gang claims to have hacked Aguas do Porto, a Portuguese municipal water utility company. The LockBit ransomware gang claims to have hacked Aguas do Porto, a Portuguese municipal water utility company, and is threatening to leak the stolen data. Aguas do Porto is a municipal water utility company that manages the full water cycle including water supply, and wastewater drainage.

Next-Level Fraud Prevention: Strategies for Today’s Threat Landscape

Speaker: Sierre Lindgren

Fraud is a battle that every organization must face – it’s no longer a question of “if” but “when.” Every organization is a potential target for fraud, and the finance department is often the bullseye. From cleverly disguised emails to fraudulent payment requests, the tactics of cybercriminals are advancing rapidly. Drawing insights from real-world cases and industry expertise, we’ll explore the vulnerabilities in your processes and how to fortify them effectively.

Microsoft Outlook flooded with spam due to broken email filters

Bleeping Computer

According to reports from an increasing number of Microsoft customers, Outlook inboxes have been flooded with spam emails over the last nine hours because email spam filters are currently broken. [...]

Social engineering, deception becomes increasingly sophisticated

Security Affairs

Social engineering techniques are becoming increasingly sophisticated and are exploiting multiple emerging means, such as deep fakes. The increasing use of videoconferencing platforms and the various forms of remote work also adopted in the post-emergency covid make interpersonal collaborations increasingly virtual. This scenario must undoubtedly force organizations to prepare adequately to be able to recognize impersonation attempts based on social engineering attacks, which are also proving in

GoDaddy Reports Multi-Year Breach of Its Servers and Malware Campaign

SecureWorld News

Web hosting provider GoDaddy has revealed it suffered a security breach that lasted for several years, resulting in the installation of malware on its servers and the theft of source code related to some of its services. The company has attributed the campaign to a "sophisticated and organized group targeting hosting services." According to a statement published on its website, GoDaddy discovered the breach in December 2022 after receiving a small number of complaints from customers about their

Stealc, a new advanced infostealer appears in the threat landscape

Security Affairs

Researchers spotted a new information stealer, called Stealc, which supports a wide set of stealing capabilities. In January 2023, researchers at SEKOIA.IO discovered a new information stealer, dubbed Stealc, which was advertised in the dark web forums. The malware was developed by a threat actor that uses the moniker Plymouth who claims the info-stealer supports a wide set of stealing capabilities.

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

In Review: What GPT-3 Taught ChatGPT in a Year

Trend Micro

Amidst the uproar and opinions since November 2022, we look at the possibilities and implications of what OpenAI’s ChatGPT presents to the cybersecurity industry using a comparison to earlier products, like its predecessor GPT-3.

Samsung announces Message Guard feature to neutralize zero-click attacks

Security Affairs

Samsung introduces a new protection feature called Message Guard to protect users from zero-click malware attacks. Samsung announced the implementation of a new security feature called Message Guard that aims at protecting users from malicious code that can be installed via zero-click attacks. Zero-click exploits allow attackers to compromise the target device without any user interaction, for example, a threat actor can exploit a zero-day issue by sending an image to the victims. “Threats

Twitter and two-factor authentication: What's changing?

Malwarebytes

Twitter is making some dramatic shake ups to its currently available security settings. From March 19, users of Twitter won’t be able to use SMS-based two-factor authentication (2FA) unless they have a subscription to the paid Twitter Blue service. If you use text-based 2FA, the important thing here is not to worry. You may be under the impression that Twitter is removing your 2FA ability altogether, but this isn’t the case.

The Essential Guide to Securing Hybrid Workplace Environments

Security Boulevard

From here on out, hybrid and remote work are here to stay. Unfortunately, this seismic shift in the way we work has expanded the attack surface for opportunistic cybercriminals. Mimecast’s 2022 state of email security report (SOES) found that 72% of respondents experienced an increase in email-based threats over the previous 12 months. And in. The post The Essential Guide to Securing Hybrid Workplace Environments appeared first on Security Boulevard.

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

How to Implement a Penetration Testing Program in 10 Steps

eSecurity Planet

Penetration tests find security vulnerabilities before hackers do and are critical for keeping organizations safe from cyber threats. You can either create your own pentesting program or hire an outside firm to do it for you. Penetration test services have become common, with many security companies offering them. But they can be expensive and should be done often, so if you have the expertise on staff, consider developing your own penetration testing program.

Cybersecurity Mesh Architecture checklist for CISOs

Security Boulevard

CSMA improves a company's security posture without adding specialized products that operate in silos. Unify your products so they work as a security ecosystem. The post Cybersecurity Mesh Architecture checklist for CISOs appeared first on Security Boulevard.

Samsung adds zero-click attack protection to Galaxy devices

Bleeping Computer

Samsung has developed a new security system called Samsung Message Guard to help Galaxy smartphone users keep safe from the so-called "zero-click" exploits that use malicious image files. [...]

How to protect yourself against identity theft this tax season

Security Boulevard

Filing your taxes is already a drag, but finding out that someone has already filed a fake tax return in your name and is trying to steal your refund? That just takes the cake. The post How to protect yourself against identity theft this tax season appeared first on Security Boulevard.

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!