Schneier on Security
JANUARY 27, 2023
Early in his career, Kevin Mitnick successfully hacked California law. He told me the story when he heard about my new book , which he partially recounts his 2012 book, Ghost in the Wires. The setup is that he just discovered that there’s warrant for his arrest by the California Youth Authority, and he’s trying to figure out if there’s any way out of it.
Troy Hunt
JANUARY 27, 2023
Breaches all over the place today! Well, this past week, and there's some debate as to whether one of them is a breach, a scrape or if the term just doesn't matter anyway. Plus, we've been kitchen shopping, I'm helping friends out with connected doorbells and other random but somehow related things this week. Enjoy 😊 References I'll be "at" GOTO Aarhus in May (there online, but definitely speaking at the show) Following all the awesome input, we decided t
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Schneier on Security
JANUARY 27, 2023
This is a good list of modern phishing techniques.
Tech Republic Security
JANUARY 27, 2023
Working with international law enforcement, the FBI said it has seized control of the servers the Hive group uses to communicate with members. The post FBI takes down Hive ransomware group appeared first on TechRepublic.
Speaker: Erroll Amacker
Automation is transforming finance but without strong financial oversight it can introduce more risk than reward. From missed discrepancies to strained vendor relationships, accounts payable automation needs a human touch to deliver lasting value. This session is your playbook to get automation right. We’ll explore how to balance speed with control, boost decision-making through human-machine collaboration, and unlock ROI with fewer errors, stronger fraud prevention, and smoother operations.
Bleeping Computer
JANUARY 27, 2023
Microsoft says this week's five-hour-long Microsoft 365 worldwide outage was caused by a router IP address change that led to packet forwarding issues between all other routers in its Wide Area Network (WAN). [.
Tech Republic Security
JANUARY 27, 2023
TechRepublic speaks with Carlos Morales of Neustar Security Services on the best ways for companies to spend on cybersecurity — even if their budgets are tighter. The post Here’s how IT budgets should fill cybersecurity moats in 2023 appeared first on TechRepublic.
Cyber Security Informer brings together the best content for cyber security professionals from the widest variety of industry thought leaders.
|
Tech Republic Security
JANUARY 27, 2023
Microsoft’s cloud-hosted SIEM software comes with a suite of powerful analytics tools designed to read logs and find anomalies in the data haystack. The post How to use Microsoft KQL for SIEM insight appeared first on TechRepublic.
Dark Reading
JANUARY 27, 2023
OpenAI's chatbot has the promise to revolutionize how security practitioners work.
Security Boulevard
JANUARY 27, 2023
Law enforcement agencies from several countries got together and took down the site. They also worked to decrypt victims’ data. The post ‘Hive’ Russian Ransomware Gang Shut Down by FBI, DoJ, Europol, Bundeskriminalamt, et al appeared first on Security Boulevard.
CyberSecurity Insiders
JANUARY 27, 2023
Russia launched a war on Ukraine, its neighboring country, on February 24th of the year 2022. And still the Zelenskyy led nation hasn’t surrendered to Moscow, all because of the extreme support from the west, regarding arms & ammunition, essentials and, of course, funds. As the war is fast approaching the one year long milestone, Putin intensified the war by attacking the civilian populace from December last year.
Advertisement
Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.
Security Boulevard
JANUARY 27, 2023
The Federal Trade Commission (FTC) chair, Lina M. Khan, recently announced the commission’s intent to adjust a rule that would prohibit non-compete agreements by workers or independent contractors. Their rationale? Unfair competition—which, therefore, falls under the purview of the FTC. This could have a huge impact on the cybersecurity and IT industries, and open up.
Bleeping Computer
JANUARY 27, 2023
Security researchers have analyzed a variant of the PlugX malware that can hide malicious files on removable USB devices and then infect the Windows hosts they connect to. [.
Security Boulevard
JANUARY 27, 2023
Chainguard this week made available a memory-safe distribution of Linux, dubbed Wolfi, that promises to eliminate the root cause of the bulk of known software vulnerabilities. In addition, Chainguard has partnered with the Internet Security Research Group (ISRG) to create a Rustls TLS library for Wolfi available as the default backend in libcurl. All curl.
We Live Security
JANUARY 27, 2023
Data Privacy Week is a reminder to protect your data – all year round. Here are three privacy-boosting habits you can start today. The post Are you in control of your personal data?
Advertisement
The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.
Security Boulevard
JANUARY 27, 2023
Artificial intelligence (AI) is rapidly becoming a powerful tool in the cybersecurity landscape, with the potential to revolutionize the way we detect and respond to cyber threats. However, as with any technology, there are also risks associated with the use of AI in cybersecurity. In this blog post, we will explore both the advantages and dangers of AI in cybersecurity, including examples of how cybercriminals could use AI to improve social engineering attacks and how cybersecurity companies ca
Dark Reading
JANUARY 27, 2023
A nasty SSRF bug in Web Services plagues a laundry list of enterprise printers.
Security Boulevard
JANUARY 27, 2023
A breach at LastPass is the gift that keeps on giving—or taking, depending on your perspective. LastPass parent company GoTo raised the alarm this week that, in addition to stealing encrypted backups containing customer data, hackers nicked an encryption key last November. “An unauthorized party gained access to a third-party cloud-based storage service, which LastPass.
IT Security Guru
JANUARY 27, 2023
This year’s annual Data Privacy Day falls on January 28 th. Each year, the day provides an opportunity to educate consumers and organisations alike on the importance of privacy and staying safe online. Since the awareness around data privacy is still somewhat lacking, we’ve come up with a piece that you can share with your less tech-savvy friends and family members.
Speaker: Sierre Lindgren
Fraud is a battle that every organization must face – it’s no longer a question of “if” but “when.” Every organization is a potential target for fraud, and the finance department is often the bullseye. From cleverly disguised emails to fraudulent payment requests, the tactics of cybercriminals are advancing rapidly. Drawing insights from real-world cases and industry expertise, we’ll explore the vulnerabilities in your processes and how to fortify them effectively.
Naked Security
JANUARY 27, 2023
Unfortunately, you've probably already heard the cliche that "cybercrime abhors a vacuum".
CSO Magazine
JANUARY 27, 2023
Security researchers warn that an increasing number of attackers are using legitimate remote monitoring and management (RMM) tools in their attacks to achieve remote access and control over systems. These tools are commonly used by managed service providers (MSPs) and IT help desks so their presence on an organization's network and systems might not raise suspicion.
Dark Reading
JANUARY 27, 2023
An academic analysis of website defacement behavior by 241 new hackers shows there are four clear trajectories they can take in future, researchers say.
CSO Magazine
JANUARY 27, 2023
The US Department of Justice (DOJ) along with international partners have taken down the Hive ransomware group. The operation that began in July 2022 resulted in the FBI penetrating Hive’s computer networks, capturing its decryption keys, and offering them to victims worldwide, preventing victims from having to pay the $130 million in ransom demanded, DOJ said in a release on Thursday.
Advertisement
Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.
The Hacker News
JANUARY 27, 2023
Orcus is a Remote Access Trojan with some distinctive characteristics. The RAT allows attackers to create plugins and offers a robust core feature set that makes it quite a dangerous malicious program in its class. RAT is quite a stable type that always makes it to the top. ANY.
Bleeping Computer
JANUARY 27, 2023
For the most part, this week has been relatively quiet regarding ransomware attacks and researcher — that is, until the FBI announced the disruption of the Hive ransomware operation. [.
The Hacker News
JANUARY 27, 2023
The Internet Systems Consortium (ISC) has released patches to address multiple security vulnerabilities in the Berkeley Internet Name Domain (BIND) 9 Domain Name System (DNS) software suite that could lead to a denial-of-service (DoS) condition. "A remote attacker could exploit these vulnerabilities to potentially cause denial-of-service conditions and system failures," the U.S.
Bleeping Computer
JANUARY 27, 2023
The Ukrainian Computer Emergency Response Team (CERT-UA) found a cocktail of five different data-wiping malware strains deployed on the network of the country's national news agency (Ukrinform) on January 17th. [.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
The Hacker News
JANUARY 27, 2023
Cybersecurity researchers have uncovered a PlugX sample that employs sneaky methods to infect attached removable USB media devices in order to propagate the malware to additional systems.
Heimadal Security
JANUARY 27, 2023
One of the most recent finds exposed the Aurora Stealer malware imitating popular applications to infect as many users as possible. Cyble researchers were able to determine that, in order to target a variety of well-known applications, the threat actors are actively changing and customizing their phishing websites. Aurora targets data from web browsers and crypto […] The post Aurora Infostealer Malware Deploys Shapeshifting Tactics appeared first on Heimdal Security Blog.
The Hacker News
JANUARY 27, 2023
Ukraine has come under a fresh cyber onslaught from Russia that involved the deployment of a previously undocumented Golang-based data wiper dubbed SwiftSlicer. ESET attributed the attack to Sandworm, a nation-state group linked to Military Unit 74455 of the Main Intelligence Directorate of the General Staff of the Armed Forces of the Russian Federation (GRU).
Security Boulevard
JANUARY 27, 2023
Anyone who has been in IT for the last decade knows the risks posed by ransomware and cyberattacks. They have been on our radar as a top concern for many years. But there have been changes. Most notably, the prevalence of attacks, specifically on large global companies, and the growing focus on a new target, The post Securing Against Supply Chain Attacks appeared first on Security Boulevard.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
Expert insights. Personalized for you.
354 
Let's personalize your content