Sat. Jul 17, 2021

To My Fellow CEOs: Cyber Security is your Business Too!

Security Boulevard

With each passing year, cyber security challenges have become more complex and more frequent. But along with this, the threat they pose to the business revenue of an organization has become immense. This is even more true in these times when the world is trying to recover from the pandemic. Cyber attackers are trying to […]. The post To My Fellow CEOs: Cyber Security is your Business Too!

HelloKitty ransomware is targeting vulnerable SonicWall devices

Bleeping Computer

CISA is warning of threat actors targeting "a known, previously patched, vulnerability" found in SonicWall Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products with end-of-life firmware. […]

China's New Law Requires Researchers to Report All Zero-Day Bugs to Government

The Hacker News

The Cyberspace Administration of China (CAC) has issued new, stricter vulnerability disclosure regulations that mandate security researchers uncovering critical flaws in computer systems to disclose them first-hand to the government authorities within two days of filing a report.

Ecuador's state-run CNT telco hit by RansomEXX ransomware

Bleeping Computer

Ecuador's state-run Corporación Nacional de Telecomunicación (CNT) has suffered a ransomware attack that has disrupted business operations, the payment portal, and customer support. […]

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

75,000+ Customers Affected in CNA Ransomware Attack

Security Boulevard

The CNA ransomware attack that made the news in March this year has an extension to the story. The insurance giant revealed that the organization suffered a data breach following the ransomware attack. The American insurance major has recently disclosed that data of over 75,000 of its customers has been affected due to the breach. […]. The post 75,000+ Customers Affected in CNA Ransomware Attack appeared first on Kratikal Blogs.

US govt offers $10 million reward for info on nation-state cyber operations

Security Affairs

The US government is offering a $10 million reward to anyone who provides information on operations conducted by nation-state actors. The US government is offering a $10 million reward for information on campaigns conducted by state-sponsored hackers. The move was announced by the U.S. Department of State; the agency states that its Rewards for Justice (RFJ) program will reward reports of malicious activity against U.S. critical infrastructure conducted by nation-state actors.

More Trending

CloudFlare CDNJS Bug Could Have Led to Widespread Supply-Chain Attacks

The Hacker News

Web infrastructure and website security company Cloudflare last month fixed a critical vulnerability in its CDNJS library that's used by 12.7% of all websites on the internet. CDNJS is a free and open-source content delivery network (CDN) that serves about 4,041 JavaScript and CSS libraries, making it the second most popular CDN for JavaScript after Google Hosted Libraries.

D-Link issues beta hotfix for multiple flaws in DIR-3040 routers

Security Affairs

Network equipment vendor D-Link has released a firmware hotfix to fix multiple vulnerabilities in the DIR-3040 AC3000-based wireless internet router. Network equipment vendor D-Link has released a firmware hotfix to address multiple vulnerabilities affecting the DIR-3040 AC3000-based wireless internet router. An attacker could exploit the flaws to execute arbitrary code on unpatched routers, crash the devices, or gain access to sensitive information.

Instagram Launches 'Security Checkup' to Help Users Recover Hacked Accounts

The Hacker News

Instagram earlier this week introduced a new "Security Checkup" feature that aims to keep accounts safe and help users—whose accounts may have been compromised—to recover them.

XKCD ‘Board Game Argument: Legacy’

Security Boulevard

Via the comic artistry and dry wit of Randall Munroe, resident at XKCD! Permalink. The post XKCD ‘Board Game Argument: Legacy’ appeared first on Security Boulevard.

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

Windows 11’s subsystem for Android - What we know so far

Bleeping Computer

With Windows 11, Microsoft is planning to integrate Amazon Appstore into Windows 11's Microsoft Store. Here's everything we know so far. […]

$10 Million US Dollars, Missing Ransomware Gangs, and so much more!

Security Boulevard

Wow, what a week. From new incentives to become a cyber defender to new targets for threat actors, this week had it all. We start with the $10 million dollar information bounty currently offered by the US Government and we end with the startling news of the Trickbot comeback. See? This week was wild--keep reading for the News In Review. The post $10 Million US Dollars, Missing Ransomware Gangs, and so much more!

Cisco fixes high-risk DoS flaw in ASA, FTD Software

Security Affairs

Cisco addressed a high-severity DoS vulnerability in the Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software. Cisco this week released security updates for a high-severity vulnerability in the Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) products. The flaw resides in the software cryptography module of both ASA and FTD software; an attacker in a man-in-the-middle position could exploit the issue to trigger a DoS condition and cause an unexpected

BSides Vancouver 2021 – Eric Payne’s ‘Take Down Cyberthreat Dwell Time With Kaspersky Optimum Security’

Security Boulevard

Our thanks to BSides Vancouver for publishing their outstanding BSides Vancouver 2021 Conference videos on the group's YouTube channel. Permalink. The post BSides Vancouver 2021 – Eric Payne’s ‘Take Down Cyberthreat Dwell Time With Kaspersky Optimum Security’ appeared first on Security Boulevard.

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?”

Biden’s Cybersecurity Team Gets Crowded at the Top

WIRED Threat Level

It’s a lot of talent, but the US now has five overlapping roles jockeying for limited budgets, authorities, and bureaucratic victories.

Our New Domain Is SecureWorld.io! Find Out Why

SecureWorld News

For more than 20 years, SecureWorld has been producing high-quality events in support of our mission of "connecting, informing, and developing leaders in cybersecurity." Many in the InfoSec industry know us in this capacity, having built connections and grown professionally over the years at our regional conferences. And while "Expo" was in our original name, our events came to be much more than an "exposition" experience.

Biden Puts a $10M Bounty on Foreign Hackers

WIRED Threat Level

Plus: REvil goes dark, spyware runs amok, and more of the week's top security news.

BSidesNoVA 2021 – Rich Wickersham’s, David Martin’s, Dan Higham’s And Robert Lowe’s ‘Panel: Cyber Engineering & Architecture’

Security Boulevard

Our thanks to BSidesNoVA for publishing their outstanding videos on the organization's YouTube channel. Permalink. The post BSidesNoVA 2021 – Rich Wickersham’s, David Martin’s, Dan Higham’s And Robert Lowe’s ‘Panel: Cyber Engineering & Architecture’ appeared first on Security Boulevard.

From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security,” most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any number of other things – and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.