Sat. Oct 23, 2021

Weekly Update 266

Troy Hunt

Well this is a totally different office view! I'm properly getting into working more on the acoustics and aesthetics to make this the most productive environment possible which means this week things are in a bit of disarray due to ongoing works. Speaking of disarray, I've not been able to raise this week's sponsor in time so as I say in the video, their appearance on my blog this week is a bit... unusual.

255

Popular NPM library hijacked to install password-stealers, miners

Bleeping Computer

Hackers hijacked the popular UA-Parser-JS NPM library, with millions of downloads a week, to infect Linux and Windows devices with cryptominers and password-stealing trojans in a supply-chain attack. [...]

Passwords 145
Insiders

Human Hacking and Multi-Channel Phishing is Surging

Security Boulevard

Human hacking is a modern way to think about phishing in its entirety, which is anything malicious that reaches a user to steal credentials, data, or financial information. Focusing on phishing as an email problem or a spam problem is giving hackers the upper hand. Today, only protecting email and leaving other digital communication […]. The post Human Hacking and Multi-Channel Phishing is Surging first appeared on SlashNext.

Phishing 142

FTC: ISPs collect and monetize far more user data than you’d think

Bleeping Computer

The Federal Trade Commission (FTC) found that the six largest internet service providers (ISPs) in the U.S. collect and share customers' personal data without providing them with info on how it's used or meaningful ways to control this process. [...]

Internet 144

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Supply-chain attack on NPM Package UAParser, which has millions of daily downloads

Security Affairs

The U.S. CISA warned of crypto-mining malware hidden in a popular JavaScript NPM library, named UAParser.js, which has millions of weekly downloads. The U.S. Cybersecurity and Infrastructure Security Agency published an advisory to warn of the discovery of a crypto-mining malware in the popular NPM Package UAParser.js. The popular library has millions of weekly downloads. “Versions of a popular NPM package named ua-parser-js was found to contain malicious code.

Malware 132

Microsoft Warns of TodayZoo Phishing Kit Used in Extensive Credential Stealing Attacks

The Hacker News

Microsoft on Thursday disclosed an "extensive series of credential phishing campaigns" that takes advantage of a custom phishing kit that stitched together components from at least five different widely circulated ones with the goal of siphoning user login information.

Phishing 110

More Trending

Hacker sells the data for millions of Moscow drivers for $800

Bleeping Computer

Hackers are selling a stolen database containing 50 million records of Moscow driver data on an underground forum for only $800. [...]

129

Ransomware Rise Pushes Organizations to Prepare for Attack

Dark Reading

Ransomware attacks continue to grow in number and severity, data shows, but organizations are stepping up to prepare for the threat.

International Operation Knocks Notorious REvil Group Offline

WIRED Threat Level

Plus: Data theft in Argentina, a Sinclair Broadcast Group hack, and more of the week’s top security news.

Hacking 102

Feds Reportedly Hacked REvil Ransomware Group and Forced it Offline

The Hacker News

The Russian-led REvil ransomware gang was felled by an active multi-country law enforcement operation that resulted in its infrastructure being hacked and taken offline for a second time earlier this week, in what's the latest action taken by governments to disrupt the lucrative ecosystem.

Hacking 82

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

DEF CON 29 Aerospace Village – Pearce Barry’s ‘Collecting CANs: A Bridge Less Travelled’

Security Boulevard

Our thanks to DEFCON for publishing their outstanding DEFCON 29 Aerospace Village videos on the organization’s YouTube channel. The post DEF CON 29 Aerospace Village – Pearce Barry’s ‘Collecting CANs: A Bridge Less Travelled’ appeared first on Security Boulevard.

Corvus Insurance Reports the Ratio of Ransoms Demanded to Ransoms Paid is Steadily Declining

CyberSecurity Insiders

BOSTON–(BUSINESS WIRE)–Corvus Insurance, the leading provider of smart commercial insurance products powered by AI-driven risk data, today released findings from its inaugural Corvus Risk Insights Index, a compilation of industry trends and data analysis based on the company’s proprietary IT security scanning technology, the Corvus Scan, as well as other first- and third-party data sources.

XKCD ‘Dark Arts’

Security Boulevard

via the comic artistry and dry wit of Randall Munroe, resident at XKCD! The post XKCD ‘Dark Arts’ appeared first on Security Boulevard.

63

Application Security Assessment: Protect from Threats in the Google Workspace Marketplace

Spinone

Third-party applications can greatly extend the functionality and capabilities of your public cloud environments. However, they can also introduce potential security implications as well. This threat makes companies seek application security assessment tools that can eliminate risks while not turning down the advantages of using public SaaS completely.

Risk 52

Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

DEF CON 29 Aerospace Village – Ronald Brobert’s ‘Fuzzing NASA Core Flight System Software’

Security Boulevard

Our thanks to DEFCON for publishing their outstanding DEFCON 29 Aerospace Village videos on the organization’s YouTube channel. The post DEF CON 29 Aerospace Village – Ronald Brobert’s ‘Fuzzing NASA Core Flight System Software’ appeared first on Security Boulevard.

NIST 800-171 Compliance: What You Need to Know

Spinone

If you supply or provide services (including consulting) for the Department of Defense, NASA, or other federal or state agencies, you need to meet NIST 800-171 compliance requirements. Even if you don’t need to meet NIST 800-171 Compliance requirements, it’s still a good idea to keep them in mind while building your cyber security strategy. […] The post NIST 800-171 Compliance: What You Need to Know first appeared on SpinOne.

52

Tufin Named Policy Management Solution of the Year by CyberSecurity Breakthrough Awards

CyberSecurity Insiders

BOSTON–(BUSINESS WIRE)–Tufin® (NYSE: TUFN), a company pioneering a policy-centric approach to security and IT operations, today announced that it was recognized as “Policy Management Solution of the Year” by the fifth annual CyberSecurity Breakthrough Awards. The awards are conducted by CyberSecurity Breakthrough, a leading independent market intelligence organization that recognizes the top companies, technologies, and products in the global information security market today.