Mon. Jun 05, 2023


The Software-Defined Car

Schneier on Security

Developers are starting to talk about the software-defined car. For decades, features have accumulated like cruft in new vehicles: a box here to control the antilock brakes, a module there to run the cruise control radar, and so on. Now engineers and designers are rationalizing the way they go about building new models, taking advantage of much more powerful hardware to consolidate all those discrete functions into a small number of domain controllers.

Software 295

Chrome Extensions Warning — Millions of Users Infected

Security Boulevard

Malware Déjà Vu: Perhaps as many as 87 million victims—maybe more. The post Chrome Extensions Warning — Millions of Users Infected appeared first on Security Boulevard.

Malware 145

Microsoft's Outlook.com is down again on mobile, web

Bleeping Computer

Outlook is down again for the second time today, with users facing a frustrating 503 error message when trying to access their accounts. [...]

Mobile 134

Safeguarding Your Privacy Online: Essential Tips and Best Practices

CyberSecurity Insiders

In an increasingly connected world, where our lives revolve around the internet, safeguarding our privacy online has become paramount. From social media platforms to online shopping and banking, we share a wealth of personal information that can be vulnerable to misuse or exploitation. However, by adopting a few simple yet effective practices, you can significantly enhance your online privacy.

Passwords 126

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

Speaker: Erroll Amacker

Automation is transforming finance but without strong financial oversight it can introduce more risk than reward. From missed discrepancies to strained vendor relationships, accounts payable automation needs a human touch to deliver lasting value. This session is your playbook to get automation right. We’ll explore how to balance speed with control, boost decision-making through human-machine collaboration, and unlock ROI with fewer errors, stronger fraud prevention, and smoother operations.


CISOs, IT lack confidence in executives’ cyber-defense knowledge

CSO Magazine

IT security teams lack confidence in their executives’ ability to prevent attacks on their personal hardware, systems, and network. This is according to a study sponsored by BlackCloak, a provider of digital privacy protection for high-profile executives; Ponemon Institute surveyed 553 US IT and IT security practitioners. Asked to rate from 1 to 10 how confident they were in CEOs and executives’ abilities to know how to recognize a phishing email, only 28% of respondents were confident.

CISO 125

KeePass v2.54 fixes bug that leaked cleartext master password

Bleeping Computer

KeePass has released version 2.54, fixing the CVE-2023-3278 vulnerability that allows the extraction of the cleartext master password from the application's memory. [...]

Passwords 124

More Trending

New tool scans iPhones for 'Triangulation' malware infection

Bleeping Computer

Cybersecurity firm Kaspersky has released a tool to detect if Apple iPhones and other iOS devices are infected with a new 'Triangulation' malware. [...]

Malware 123

Zellis Cybersecurity Incident causes BA and Boots employee info data breach

CyberSecurity Insiders

Hackers somehow managed to exploit a vulnerability in Moveit file transfer software and accessed information from the servers of Zellis, a payroll service provider in Britain. Unfortunately, British Airways (BA) and Boots are two among the list of companies that were impacted by the security incident. MOVEit produced by Progress Software is taking all precautions to mitigate the risks associated with the incident and has informed the staff of Zellis on how to neutralize the effects of the cy


Clop ransomware claims responsibility for MOVEit extortion attacks

Bleeping Computer

The Clop ransomware gang has told BleepingComputer they are behind the MOVEit Transfer data-theft attacks, where a zero-day vulnerability was exploited to breach multiple companies' servers and steal data. [...]


AI news trending on Google

CyberSecurity Insiders

To those interested in known news bits on the technology of Artificial Intelligence, here is some fuel for thought. According to a report published in New York Post, a woman located in the same city has married a virtual man generated by Artificial Intelligence. The woman named Rosanna Ramos, mother of two children, married a man named Eren Kartal, a person she met through an online dating app.


Why Giant Content Libraries Do Nothing for Your Employees’ Cyber Resilience

Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.


Red Sift Taps GPT-4 to Better Identify Cybersecurity Threats

Security Boulevard

Red Sift today announced it is employing the GPT-4 generative artificial intelligence (AI) platform via a Relevance Detection capability to better determine whether a suspicious online entity should be monitored. Previously, Red Sift was applying machine learning algorithms to analyze domain name system (DNS) platforms, secure socket layer (SSL) certificates and the WHOIS database in.


Three ways agribusinesses can protect vital assets from cyberattacks

CyberSecurity Insiders

The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. In an era where digital technology increasingly underpins food production and distribution, the urgency of cybersecurity in agriculture has heightened. A surge of cyberattacks in recent years, disrupting operations, causing economic losses, and threatening food industry security- all underscore this escalatin

Passwords 114

GUEST ESSAY: Using generative AI to support — not replace — overworked cybersecurity pros

The Last Watchdog

As the threat of cybercrime grows with each passing year, cybersecurity must begin utilizing artificial intelligence tools to better combat digital threats. Although AI has become a powerful weapon, there’s concern it might be too effective compared to human cybersecurity professionals — leading to layoffs and replacements.


BBC staffers warned of payroll data breach. Other firms also affected by MOVEit vulnerability

Graham Cluley

Staff at the BBC have been warned that their personal data may now be in the hands of cybercriminals, following the exploitation of a vulnerability in a software tool used by the company that manages their payroll.


Zero Trust Mandate: The Realities, Requirements and Roadmap

The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.


Hackers exploit Gmail Blue checkmark impacting 1.8 billion Google users

CyberSecurity Insiders

Attention all business Gmail account holders, it is crucial to stay informed about the following news story. Security experts have issued a warning regarding the exploitation of the Gmail Blue Check Mark feature by scammers. These individuals are utilizing the mark to create counterfeit email addresses resembling those of well-known brands. Their goal is to deceive users into providing personal credentials and making fraudulent payments.

Marketing 110

MOVEit zero-day exploit used by data breach gangs: The how, the why, and what to do…

Naked Security

Little Bobby Tables is back!


5 AI threats keeping SOC teams up at night

Security Boulevard

The explosion in the use of OpenAI's ChatGPT and other large language models (LLMs) — along with a range of other artificial intelligence (AI) and machine learning (ML) systems — is ramping up the security cat-and-mouse game. The post 5 AI threats keeping SOC teams up at night appeared first on Security Boulevard.


Microsoft: Lace Tempest Hackers Behind Active Exploitation of MOVEit Transfer App

The Hacker News

Microsoft has officially linked the ongoing active exploitation of a critical flaw in the Progress Software MOVEit Transfer application to a threat actor it tracks as Lace Tempest. "Exploitation is often followed by deployment of a web shell with data exfiltration capabilities," the Microsoft Threat Intelligence team said in a series of tweets today.

Software 103

Next-Level Fraud Prevention: Strategies for Today’s Threat Landscape

Speaker: Sierre Lindgren

Fraud is a battle that every organization must face – it’s no longer a question of “if” but “when.” Every organization is a potential target for fraud, and the finance department is often the bullseye. From cleverly disguised emails to fraudulent payment requests, the tactics of cybercriminals are advancing rapidly. Drawing insights from real-world cases and industry expertise, we’ll explore the vulnerabilities in your processes and how to fortify them effectively.


When it Comes to Cybersecurity, Prepare, Protect, Deploy

Security Boulevard

Attackers covet your data and never stop coming for it. In 2021, ransomware cases grew by 92.7%. Are you protecting your data with the same passion and with adequate cybersecurity solutions? • In 2022, the Austrian Health insurer Medibank lost the data of four million customers at an estimated cost of $25-35 million to the. The post When it Comes to Cybersecurity, Prepare, Protect, Deploy appeared first on Security Boulevard.


Impulse Team’s Massive Years-Long Mostly-Undetected Cryptocurrency Scam

Trend Micro

We have been able to uncover a massive cryptocurrency scam involving more than a thousand websites handled by different affiliates linked to a program called Impulse Project, run by a threat actor named Impulse Team.


FireTail Report Finds API Security Breaches are few but Lethal

Security Boulevard

An analysis of cybersecurity breaches in 2022 conducted by FireTail, a provider of a platform for securing application programming interfaces (APIs), found only 12 publicly recorded breaches involving APIs, with six more being disclosed thus far in 2023. However, the average mean size of API data breach exposure is over 10 million records per incident.


Xollam, the Latest Face of TargetCompany

Trend Micro

This blog talks about the latest TargetCompany ransomware variant, Xollam, and the new initial access technique it uses. We also investigate previous variants' behaviors and the ransomware family's extortion scheme.


Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.


Apple Expands Its On-Device Nudity Detection to Combat CSAM

WIRED Threat Level

Instead of scanning iCloud for illegal content, Apple’s tech will locally flag inappropriate images for kids. And adults are getting an opt-in nudes filter too.


Don't Overlook Twitter's Trove of Threat Intel for Enterprise Cybersecurity

Dark Reading

Social media data can provide critical clues to help get ahead of the next cyberattack, experts say.

Media 100

SpinOk Android malware found in more apps with 30 million installs

Bleeping Computer

The SpinOk malware was found in a new batch of Android apps on Google Play, reportedly installed an additional 30 million times. [...]

Malware 99

KeePass fixed the bug that allows the extraction of the cleartext master password

Security Affairs

KeePass addressed the CVE-2023-32784 bug that allows the extraction of the cleartext master password from the memory of the client. KeePass has addressed the CVE-2023-32784 vulnerability, which allowed the retrieval of the clear-text master password from the client’s memory. KeePass is a free and open-source software used to securely manage passwords.


Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.


Trusting AI not to lie: The cost of truth: Lock and Code S04E12

Malwarebytes

In May, a lawyer who was defending their client in a lawsuit against Colombia's biggest airline, Avianca, submitted a legal filing before a court in Manhattan, New York, that listed several previous cases as support for their main argument to continue the lawsuit. But when the court reviewed the lawyer's citations, it found something curious: Several were entirely fabricated.


Microsoft blames Clop ransomware gang for ‘MOVEit Transfer’ attacks

Security Affairs

Microsoft attributes the recent campaign exploiting a zero-day in the MOVEit Transfer platform to the Clop ransomware gang. The Clop ransomware gang (aka Lace Tempest) is credited by Microsoft for the recent campaign that exploits a zero-day vulnerability, tracked as CVE-2023-34362, in the MOVEit Transfer platform. Microsoft is attributing attacks exploiting the CVE-2023-34362 MOVEit Transfer 0-day vulnerability to Lace Tempest, known for ransomware operations & running the Clop extortion


5 unusual cybersecurity tips that actually work

Malwarebytes

So, you’re on top of your software updates, you use a password manager, you’ve enabled two-factor authentication wherever you can, you’ve got BrowserGuard installed, and you’re running Malwarebytes Premium. If you're doing all of that you're already winning at security. But you want more, because you know that security is a journey and not a destination, and, let’s face it, you’re reading an article about five unusual cybersecurity tips: You’re hooked.


Idaho Hospitals hit by a cyberattack that impacted their operations

Security Affairs

Last week two eastern Idaho hospitals and their clinics were hit by a cyberattack that temporarily impacted their operations. Last week the Idaho Falls Community Hospital was hit by a cyber attack that impacted its operations. Officials at the hospital confirmed that some clinics closed due to the cyber attack and some ambulances have been diverted to nearby hospitals.


The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!