Fri.May 13, 2022

Android 13 promises more on Mobile Security and Privacy

CyberSecurity Insiders

Google disclosed at its I/O developer conference that its upcoming beta version of Android 13 mobile OS will have more features on privacy and security.

Mobile 107

He cracked passwords for a living – now he’s serving 4 years in prison

Naked Security

Crooks don't need a password for every user on your network to break in and wreak havoc. One could be enough. Cryptography Law & order bust cracking Cybercrime doj

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OpenSSF Seeks $150M+ to Address Open Source Software Security

Security Boulevard

The Open Source Security Foundation (OpenSSF) this week outlined a plan to better secure open source software by focusing on 10 streams of investment that, in total, would require more than $150 million.

Google Created 'Open-Source Maintenance Crew' to Help Secure Critical Projects

The Hacker News

Google on Thursday announced the creation of a new "Open Source Maintenance Crew" to focus on bolstering the security of critical open source projects.

91

How Preparation and Strategy Can Be Used to Fight and Defeat Any Ransomware Attack

Speaker: Karl Camilleri, Cloud Services Product Manager at phoenixNAP

Through a detailed analysis of major attacks and their consequences, Karl Camilleri, Cloud Services Product Manager at phoenixNAP, will discuss the state of ransomware and future predictions, as well as provide best practices for attack prevention and recovery.

MAJOR Justice Dept. Breach — ‘Time for Drastic Measures’

Security Boulevard

Criminals have access to Justice Department databases and can write fake data, as well as read highly sensitive info, we’re told. The post MAJOR Justice Dept. Breach — ‘Time for Drastic Measures’ appeared first on Security Boulevard.

How One Company Helps Keep Russia’s TV Propaganda Machine Online

WIRED Threat Level

Russia is using satellites controlled by French operator Eutelsat to broadcast state-run programming. A grassroots group is pushing for that to stop. Security Security / National Security

90

More Trending

SonicWall Releases Patches for New Flaws Affecting SSLVPN SMA1000 Devices

The Hacker News

SonicWall has published an advisory warning of a trio of security flaws in its Secure Mobile Access (SMA) 1000 appliances, including a high-severity authentication bypass vulnerability. The weaknesses in question impact SMA 6200, 6210, 7200, 7210, 8000v running firmware versions 12.4.0 and 12.4.1.

NIST Updates Guidance for Supply Chain Security Management  

Security Boulevard

The National Institute of Standards and Technology (NIST) has updated its cybersecurity supply chain risk management (C-SCRM) guidance in an effort to help organizations protect themselves as they acquire and use technology products and services.

Ingram Micro Cloud Expands Availability of Bitdefender Solutions in Cloud Marketplace

CyberSecurity Insiders

IRVINE, Calif.–( –( BUSINESS WIRE )–Ingram Micro Cloud today announced the expanded availability of Bitdefender solutions on the Ingram Micro Cloud Marketplace, one of the world’s largest cloud marketplaces for the channel.

Protecting Container Workloads With a Zero-Trust Strategy

Security Boulevard

Zero-trust security models are rising in popularity as arguably the most practical and logical approach for securing container environments.

Cover Your SaaS: How to Overcome Security Challenges and Risks For Your Organization

Speaker: Ronald Eddings, Cybersecurity Expert and Podcaster

In this webinar, Ronald Eddings, Cybersecurity Expert, will outline the relationship between SaaS apps and IT & security teams, along with several actionable solutions to overcome the new difficulties facing your organization.

How To Sell A Domain Name Fast

SecureBlitz

In this article, you’ll find out what is the best way to sell a domain name and how to sell domain names fast. Selling domain names for profit is not so straightforward. You’re going to have to embark on a journey of trial and error until you find a way to do it right.

Tesla Safety Negligence Finally Goes to Court: “Sore Thumb” of American Roads

Security Boulevard

Quality of Tesla vehicles has been notoriously bad for years, and has been trending worse, which should be little surprise given how poorly it treats human life (from its workers and its customers to anyone in or around their product).

87

Log4Shell Exploit Threatens Enterprise Data Lakes, AI Poisoning

Dark Reading

A brand-new attack vector lays open enterprise data lakes, threatening grave consequences for AI use cases like telesurgery or autonomous cars

85

Cylance vs CrowdStrike: EDR software comparison

Tech Republic Security

See what features you can expect from Cylance and CrowdStrike to choose the EDR solution that is ideal for your business. The post Cylance vs CrowdStrike: EDR software comparison appeared first on TechRepublic. Artificial Intelligence Cloud Security Software

How to Avoid the Pain and Cost of PCI Compliance While Optimizing Payments

Speaker: P. Andrew Sjogren, Sr. Product Marketing Manager at Very Good Security, Matt Doka, Co-Founder and CTO of Fivestars, and Steve Andrews, President & CEO of the Western Bankers Association 

In this webinar, we have a great set of panelists who will take you through how Zero Data strategies can be used as part of a well-rounded compliance and security approach, and get you to market much sooner by also allowing for payment optimization. They’ll share how to grow your business faster and minimize costs for both security and compliance

Cybersecurity News Round-Up: Week of May 9, 2022

Security Boulevard

Costa Rica is reeling from a ransomware attack, the U.S. CISA Chief talks about future tech challenges, Russian hackers issue a chilling warning to the UK. The post Cybersecurity News Round-Up: Week of May 9, 2022 appeared first on Security Boulevard. Security Bloggers Network

6 Cybersecurity Myths Busted That You Should Know About

SecureBlitz

This post will show you 6 cybersecurity myths busted… Cybersecurity is one of the top priorities for modern organizations. Data breaches are affecting companies ranging from small unknown start-ups to infamous conglomerates. But what are some of the cybersecurity myths?

Shrinking malware development and emergence cycles and its implications

Security Boulevard

In the first half of 2022, we have seen at least one major ransomware that was rewired or built on the code bed of existing malware. Such transformations are now occurring regularly enough to cause alarm among cybersecurity teams and vendors.

US Agrees to International Electronic Cybercrime Evidence Swap

Dark Reading

The Budapest Convention is a multinational coalition that agrees to share electronic evidence across international jurisdictions to track down cybercriminals

Back to the Office: Privacy and Security Solutions to Compliance Issues for 2021 and Beyond

Speaker: Mike Cramer, Director of HIPAA & Data Security at The Word & Brown Companies

Now that companies are slowly allowing employees to return to work at the office, it's time to re-evaluate your company’s posture towards privacy and security. Join Mike Cramer, Director of HIPAA & Data Security at The Word & Brown Companies, for a discussion that will focus on compliance and the types of privacy and security measures your company should be aware of, as well as tips and methods for implementing these measures.

How to spot and avoid a phishing attack – Week in security with Tony Anscombe

We Live Security

Can you spot the tell-tale signs of a phishing attempt and check if an email that has landed in your inbox is legit? The post How to spot and avoid a phishing attack – Week in security with Tony Anscombe appeared first on WeLiveSecurity

Threat Actors Use Telegram to Spread ‘Eternity’ Malware-as-a-Service

Threatpost

An account promoting the project—which offers a range of threat activity from info-stealing to crypto-mining to ransomware as individual modules—has more than 500 subscribers. Malware Web Security

Start a new career in ethical hacking with these 18 training courses

Tech Republic Security

You can have a great career helping companies secure their data by becoming a white hat hacker. Try this training to start a fun new career. The post Start a new career in ethical hacking with these 18 training courses appeared first on TechRepublic. Security

Microsoft: Sysrv botnet targets Windows, Linux servers with new exploits

Bleeping Computer

Microsoft says the Sysrv botnet is now exploiting vulnerabilities in the Spring Framework and WordPress to ensnare and deploy cryptomining malware on vulnerable Windows and Linux servers. [.]. Security CryptoCurrency

Data Transformation: 3 Sessions to Attend at RSA 2022

Dark Reading

Three RSA 2022 sessions take deep dives into the security considerations around data cloud transformation

70

Microsoft: The Ransomware ware is Changing, Here’s What You Need to Know

Hacker Combat

Microsoft has highlighted RaaS, also known as ransomware as a service, as a criminal company relying on freelancers and is designed to spread the risk. Microsoft security professionals track over 35 separate ransomware attacks and 250 threats.

Risk 69

New Saitama backdoor Targeted Official from Jordan's Foreign Ministry

The Hacker News

A spear-phishing campaign targeting Jordan's foreign ministry has been observed dropping a new stealthy backdoor dubbed Saitama.

Italian CERT: Hacktivists hit govt sites in ‘Slow HTTP’ DDoS attacks

Bleeping Computer

Italy's Computer Security Incident Response Team (CSIRT) has published an announcement about the recent DDoS attacks that key sites in the country suffered in the last couple of days. [.]. Security

DDOS 98

How to Avoid Falling Victim to PayOrGrief's Next Rebrand

Dark Reading

The group that shut down the second largest city in Greece was not new but a relaunch of DoppelPaymer

67

The Week in Ransomware - May 13th 2022 - A National Emergency

Bleeping Computer

While ransomware attacks have slowed during Russia's invasion of Ukraine and the subsequent sanctions, the malware threat continues to affect organizations worldwide. [.]. Security

Black Hat Asia: Democracy's Survival Depends on Taming Technology

Dark Reading

The conference opens with stark outlook on the future of global democracy — currently squeezed between Silicon Valley and China

Beware – Banking Trojans using enhanced techniques to spread malware.

Quick Heal Antivirus

In our Open-Source Threat Hunting, Quick Heal Security Researchers encountered a banking Trojan named Aberebot capable of stealing. The post Beware – Banking Trojans using enhanced techniques to spread malware. appeared first on Quick Heal Blog | Latest computer security news, tips, and advice.

Five Eyes nations warn MSPs of stepped-up cybersecurity threats

CSO Magazine

In an unexpected development, the cybersecurity authorities of the "Five Eyes" countries issued an alert warning of an increase in malicious cyber activity targeting managed service providers (MSPs), with these agencies saying they expect this trend to continue.

CSO 93

SonicWall urges customers to fix SMA 1000 vulnerabilities

Security Affairs

SonicWall warns customers to address several high-risk security flaws impacting its Secure Mobile Access (SMA) 1000 Series line of products. SonicWall urges customers to address several high-risk security vulnerabilities affecting its Secure Mobile Access (SMA) 1000 Series line of products.

BrandPost: The Top 4 Threats to a Secure Cloud Infrastructure

CSO Magazine

Cloud adoption has brought a wave of change to today's businesses, from enhanced internal collaboration and consumer engagement to improved agility and cost savings.