Joseph Steinberg
JANUARY 4, 2023
Zero Trust is a term that is often misunderstood and misused, which is why I wrote an article not long ago entitled Zero Trust: What These Overused Cybersecurity Buzz Words Actually Mean – And Do Not Mean. But, even those who have a decent grasp on the meaning of Zero Trust seem to frequently confuse the term with Zero Trust Network Architecture (ZTNA).
Schneier on Security
JANUARY 4, 2023
Maintaining bitcoin and other cryptocurrencies causes about 0.3 percent of global CO 2 emissions. That may not sound like a lot, but it’s more than the emissions of Switzerland, Croatia, and Norway combined. As many cryptocurrencies crash and the FTX bankruptcy moves into the litigation stage, regulators are likely to scrutinize the cryptocurrency world more than ever before.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Tech Republic Security
JANUARY 4, 2023
A nightly build version of a machine-learning framework dependency has been compromised. The package ran malicious code on affected systems and stole data from unsuspecting users. The post Machine-Learning Python package compromised in supply chain attack appeared first on TechRepublic.
Javvad Malik
JANUARY 4, 2023
Cops in Santa Cruz, California, were out in full force, arresting a 19-year-old they allege was behind a sinister plot to swindle unsuspecting beachgoers out of their hard-earned cash. The suspect, Damian Vela of Watsonville, had been placing counterfeit parking tickets on vehicles near the shoreline, complete with a QR code that victims could scan to pay the bogus fines.
Speaker: Erroll Amacker
Automation is transforming finance but without strong financial oversight it can introduce more risk than reward. From missed discrepancies to strained vendor relationships, accounts payable automation needs a human touch to deliver lasting value. This session is your playbook to get automation right. We’ll explore how to balance speed with control, boost decision-making through human-machine collaboration, and unlock ROI with fewer errors, stronger fraud prevention, and smoother operations.
Tech Republic Security
JANUARY 4, 2023
Meta has violated GDPR with illegal personal data collection practices for targeted ads. Learn about this latest violation and Meta's rocky GDPR history. The post Meta violates GDPR with non-compliant targeted ad practices, earns over $400 million in fines appeared first on TechRepublic.
Trend Micro
JANUARY 4, 2023
The Dridex variant we analyzed targets MacOS platforms with a new technique to deliver documents embedded with malicious macros to users.
Cyber Security Informer brings together the best content for cyber security professionals from the widest variety of industry thought leaders.
|
Identity IQ
JANUARY 4, 2023
5 Things You Should Not Share on Social Media. IdentityIQ. Social media has become some of the most popular platforms people spend their time on. Whether you want to check up on your family members, post photos or even meet new people, social media is the way to go. Even businesses take up social media to promote their products and services. What you post on social media today is important, so make sure you try to avoid these types of posts. 1.
Dark Reading
JANUARY 4, 2023
Job applicants could face a raft of follow-on attacks after cyber intruders accessed their data in an opportunistic attack.
Security Boulevard
JANUARY 4, 2023
F5 has extended the reach of its cloud security platform to include the infrastructure that applications are deployed on using technology it gained with the acquisition of ThreatStack in late 2021. Chris Ford, regional vice president for F5, said F5 Distributed Cloud App Infrastructure Protection (AIP) expands the scope of the capabilities that the company.
CyberSecurity Insiders
JANUARY 4, 2023
Adding more embarrassment to last year’s Twitter Data Breach, a new finding on the web has discovered a new database dump exposed on an online hacking forum. It appears to be a big data leak as information related to about 235 million users was found by a cyber intelligence firm named Hudson Rock, based in Israel. Exposed details include user names, email address, screen names, number of followers and date of account creation along with the linked phone number.
Advertisement
Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.
We Live Security
JANUARY 4, 2023
Are your virtual doctor visits private and secure? Here’s what to know about, and how to prepare for, connecting with a doctor from the comfort of your home. The post The doctor will see you now … virtually: Tips for a safe telehealth visit appeared first on WeLiveSecurity.
CSO Magazine
JANUARY 4, 2023
Every business needs a secure way to collect, manage, and authenticate passwords. Unfortunately, no method is foolproof. Storing passwords in the browser and sending one-time access codes by SMS or authenticator apps can be bypassed by phishing. Password management products are more secure, but they have vulnerabilities as shown by the recent LastPass breach that exposed an encrypted backup of a database of saved passwords.
Heimadal Security
JANUARY 4, 2023
Members of the security community are at risk. A new phishing campaign is taking advantage of the community’s growing interest in Flipper Zero to steal both their personal data and cryptocurrencies. The tool gives pen-testers and hacking enthusiasts, and researchers the ability to tinker with a wide range of hardware. Portable and multi-functional, Flipper Zero […].
CSO Magazine
JANUARY 4, 2023
The number of attacks targeting the government sector increased by 95% worldwide in the second half of 2022 compared to the same period in 2021, according to a new report by AI-based cybersecurity company CloudSek. The increase in attacks can be attributed to rapid digitization and the shift to remote work during the pandemic, which broadened the attack surface of government entities and paved the way for an increase in cyberwarfare waged by nation-state actors, according to the report.
Advertisement
The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.
Security Boulevard
JANUARY 4, 2023
Extended Detection and Response (XDR) is a detection and response cybersecurity tool that consolidates solutions and unifies data to offer extended protection beyond predecessor technologies like endpoint detection and response (EDR), which focus exclusively on endpoints. The post What is XDR (Extended Detection and Response)? appeared first on Security Boulevard.
Heimadal Security
JANUARY 4, 2023
Threat actors use data stolen from Columbian bank customers as lures in email phishing attacks. Cyber researchers warn that the campaign aims infecting endpoints with BitRAT remote access trojan. On the bright side, according to researchers, none of the sensitive data exfiltrated from the bank seems to have been spilled on the dark web or […].
CSO Magazine
JANUARY 4, 2023
In a case that highlights how attackers can leverage information from data breaches to enhance their attacks, a group of attackers is using customer information stolen from a Colombian bank in phishing attacks with malicious documents, researchers report. The group, which might have been responsible for the data breach in the first place, is distributing an off-the-shelf Trojan program called BitRAT that has been sold on the underground market since February 2021.
Security Boulevard
JANUARY 4, 2023
There’s no shortage of zero-trust hype in the cybersecurity realm. Analyst firms, vendors and security leaders alike are touting it as an effective solution to help bolster cybersecurity defenses at a time when attackers are continuing to wreak havoc in business. Though I typically caution enterprises to tread carefully when new buzzwords emerge, in the.
Speaker: Sierre Lindgren
Fraud is a battle that every organization must face – it’s no longer a question of “if” but “when.” Every organization is a potential target for fraud, and the finance department is often the bullseye. From cleverly disguised emails to fraudulent payment requests, the tactics of cybercriminals are advancing rapidly. Drawing insights from real-world cases and industry expertise, we’ll explore the vulnerabilities in your processes and how to fortify them effectively.
Webroot
JANUARY 4, 2023
The welcoming of a new year also welcomes the return of one of the most overused sayings in our shared lexicon: “New Year, New Me!” While there are countless overused resolutions like starting a workout regimen, the new year does provide an opportunity for additional self-improvement that most people never consider – bolstering cybersecurity protections.
Security Boulevard
JANUARY 4, 2023
Find out how an enterprise password manager works and the benefits they have to protect your company from SaaS security risks, threats, and attacks. The post Benefits of Using an Enterprise Password Manager for SaaS appeared first on Security Boulevard.
The Hacker News
JANUARY 4, 2023
Qualcomm on Tuesday released patches to address multiple security flaws in its chipsets, some of which could be exploited to cause information disclosure and memory corruption. The five vulnerabilities -- tracked from CVE-2022-40516 through CVE-2022-40520 -- also impact Lenovo ThinkPad X13s laptops, prompting the Chinese PC maker to issue BIOS updates to plug the security holes.
Security Boulevard
JANUARY 4, 2023
Organizations considering digital transformation must consider cybersecurity best practices, including phishing-resistant MFA features, to reinforce their cybersecurity posture. Phishing is one of the most common cybersecurity threats that cause brands to lose millions of dollars yearly and cause damage to business’ reputations. Regular cybersecurity awareness training and leveraging multifactor authentication (MFA) mechanisms could mitigate the.
Advertisement
Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.
CSO Magazine
JANUARY 4, 2023
By now, many small and mid-sized organizations have transitioned to the cloud and are running hybrid environments. Not surprisingly, as the adoption of cloud technology grows, it has also become a more attractive target for cybercriminals. To better understand the reality of cloud security for small-to-medium-sized businesses (SMBs), Sophos recently commissioned a survey of 4,984 IT professionals in SMBs across 31 countries whose organizations use Infrastructure as a Service (IaaS).
Security Boulevard
JANUARY 4, 2023
The DFARS 252.204-7012 clause (aka DFARS 7012) was created in response to alarming increases in cyberthreats aimed at contractors in our nation’s Defense Industrial Base (the DIB). It went into effect at the end of 2017. The clause —entitled Safeguarding Covered Defense Information and Cyber Incident Reporting—stipulates cybersecurity requirements that contractors must meet to safeguard […].
Bleeping Computer
JANUARY 4, 2023
Hackers are abusing the Windows Problem Reporting (WerFault.exe) error reporting tool for Windows to load malware into a compromised system's memory using a DLL sideloading technique. [.].
Security Boulevard
JANUARY 4, 2023
Introduction If you’ve ever engaged in the age-old sport of “people watching” you’ll know that almost everyone has unique behaviors. From the barista behind your local coffee bar that pulls on his beard when he is bored, to the girl sitting at one of the tables that likes to punctuate her sentences with “eh,” to […]. The post Why Behaviors Matter in Threat Hunting appeared first on Cyborg Security.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Bleeping Computer
JANUARY 4, 2023
Security analysts disclosed severe API security flaws impacting numerous car makers, enabling them to access vehicle owner information, take over accounts, access internal systems, modify records, and track their position. [.].
Security Boulevard
JANUARY 4, 2023
Supply chain attacks are surging — and no one is immune. That has CISOs and boards worried. Learn from these notable 2022 software supply chain attacks. . The post 10 software supply chain attacks you can learn from appeared first on Security Boulevard.
The Hacker News
JANUARY 4, 2023
The Irish Data Protection Commission (DPC) has fined Meta Platforms €390 million (roughly $414 million) over its handling of user data for serving personalized ads in what could be a major blow to its ad-fueled business model. To that end, the privacy regulator has ordered Meta Ireland to pay two fines – a €210 million ($222.5 million) fine over violations of the E.U.
SecureBlitz
JANUARY 4, 2023
Here are 6 important skills for becoming an accountant. Becoming a successful accountant doesn’t just happen. From learning about the minute things like tally prime shortcut keys to the big things like knowledge about business you need to consistently improve. Accounting is a career for the notoriously organized, detail oriented and hard working people out […].
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
Expert insights. Personalized for you.
361 
Let's personalize your content