Thu. Nov 12, 2020

“Privacy Nutrition Labels” in Apple’s App Store

Schneier on Security

Apple will start requiring standardized privacy labels for apps in its app store, starting in December: Apple allows data disclosure to be optional if all of the following conditions apply: if it’s not used for tracking, advertising or marketing; if it’s not shared with a data broker; if collection is infrequent, unrelated to the app’s primary function, and optional; and if the user chooses to provide the data in conjunction with clear disclosure, the user’s name or accou

How to combat the latest and most aggressive botnets and malware

Tech Republic Security

Launching more sophisticated botnets, malware, and other threats, cybercriminals are getting more ruthless, says Nuspire.

The NEW CompTIA Security+: Your Questions Answered

CompTIA on Cybersecurity

CompTIA Security+ got a big upgrade to reflect the changes in cybersecurity. If you're pursuing a career in cybersecurity, we have answers to some of the biggest questions about the new CompTIA Security+.

New survey details IT challenges, shadow IT risks, 2021 outlook, and more

Tech Republic Security

The report also illustrates a shift in the way workers perceive IT. Half of the respondent employees said they "had more empathy, had more respect or were more grateful for IT.

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

New modular ModPipe POS Malware targets restaurants and hospitality sectors

Security Affairs

Cybersecurity researchers spotted a new modular PoS malware, dubbed ModPipe, that targets PoS restaurant management software from Oracle. ESET researchers discovered a new modular backdoor, dubbed ModPipe, that was designed to target PoS systems running ORACLE MICROS Restaurant Enterprise Series (RES) 3700, which is a management suite widely used in restaurant and hospitality sectors.

How and when to change your Google password

Tech Republic Security

If you've ever been tempted to change your Google account password, but weren't sure how, don't let that confusion stop you. Jack Wallen walks you through the process.

More Trending

Hackers for hire target victims with cyber espionage campaign

Tech Republic Security

The victims reside in the US and several other countries, while many of the targeted organizations are financial institutions, says BlackBerry.

46M accounts were impacted in the data breach of children’s online playground Animal Jam

Security Affairs

The popular children’s online playground Animal Jam has suffered a data breach that affected more than 46 million accounts. Animal Jam is a safe, award-winning online playground for kids created by WildWorks. Kids aged 7 through 11 can play games, personalize their favorite animal, learn fun facts, and so much more. Animal Jam currently has over 130 million registered players and 3.3 million monthly active users.

Animal Jam Hacked, 46M Records Roam the Dark Web

Threatpost

Animal Jam, just the latest in a string of attacks on gaming apps, has adopted a transparent communications strategy after stolen data turned up on a criminal forum.

Google addresses two new Chrome zero-day flaws

Security Affairs

Google has released Chrome version 86.0.4240.198 that addresses two additional zero-day vulnerabilities that were exploited in the wild. Google has addressed two zero-day vulnerabilities, actively exploited in the wild, with the release of Chrome version 86.0.4240.198. The IT giant has fixed a total of five Chrome zero-day vulnerabilities in only three weeks.

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

These are the 15 Top Cyber Threats Now

SecureWorld News

Sometimes when you are down in the cyber attack trees defending your organization, it can be tough to see the cyber threat forest. Understanding how things are shifting in the forest, or overall threat landscape, can help us categorize, strategize, and prioritize our resources. And now we have brand new research coming from the EU which unpacks the top cyber threats as they stand now.

Swedish court suspended the ban on Huawei equipment

Security Affairs

A Swedish administrative court has suspended the ban on Huawei equipment from the national 5G network. A Swedish administrative court in Stockholm has suspended the decision to ban Huawei equipment from the country’s 5G network. In October, Sweden announced the ban of Chinese tech companies Huawei and ZTE from building its 5G network infrastructure.

To MSP or Not to MSP? Hacks, Ransomware Make the Acronym a Challenge for Tech Companies

CompTIA on Cybersecurity

As MSPs increasingly become the focus of hackers and ransomware attacks, some are finding that even being associated as an MSP doesn’t carry the same cachet it once did. So they're forging new identities.

Manufacturing Sees Rising Ransomware Threat

Dark Reading

Crypto-ransomware groups are increasingly adopting malware and tools that can probe and attack operational technology, such as industrial control systems, according to an assessment of current threats.

Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

2 More Google Chrome Zero-Days Under Active Exploitation

Threatpost

Browser users are once again being asked to patch severe vulnerabilities that can lead to remote code execution.

'Pay2Key' Could Become Next Big Ransomware Threat

Dark Reading

Researchers from Check Point say an Iranian-based threat actor that has successfully attacked multiple Israeli companies could soon go global.

From Triton to Stuxnet: Preparing for OT Incident Response

Threatpost

Lesley Carhart, with Dragos, gives Threatpost a behind-the-scenes look at how industrial companies are faring during the COVID-19 pandemic - and how they can prepare for future threats.

DARPA and Academia Jumpstart 5G IoT Security Efforts

Dark Reading

With 5G IoT devices projected to hit 49 million units by 2023, researchers launch programs to keep IoT from becoming a blackhole of exfiltration.

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

Bugs in Critical Infrastructure Gear Allow Sophisticated Cyberattacks

Threatpost

Security problems in Schneider Electric programmable logic controllers allow compromise of the hardware, responsible for physical plant operations.

New 'CostaRicto' Hack-for-Hire Group Targets Global Businesses

Dark Reading

The group of APT mercenaries uses bespoke malware and strong operation security to target a range of organizations, located primarily in Southeast Asia.

Digging into the Dark Web: How Security Researchers Learn to Think Like the Bad Guys

Threatpost

Hacker forums are a rich source of threat intelligence.

5 Steps Every Company Should Take to Avoid Data Theft Risk

Dark Reading

It's never been easier for employees to download company data and take it with them to their next gig.

5 Key Findings From the 2023 FBI Internet Crime Report

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.

Cyberattackers Serve Up Custom Backdoor for Oracle Restaurant Software

Threatpost

The modular malware is highly sophisticated but may not be able to capture credit-card info.

Like the Energizer Bunny, Trickbot Goes On and On

Dark Reading

Recent efforts to take down the virulent botnet have been largely -- but not entirely -- successful.

Are You Prepared for Cybersecurity in the Boardroom?

McAfee

Corporate boards have many dimensions of responsibility. Cybersecurity can be one of the most nuanced and important areas of focus for a board, but not all board members are well versed in why and what they need to care about related to cybersecurity. Cybersecurity is a board level topic for three main reasons: Cybersecurity breaches are a serious matter for any company.

An Engineer Gets 9 Years for Stealing $10M From Microsoft

WIRED Threat Level

The defendant tried—and failed—to use bitcoin to cover his tracks.

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

Credential Stuffing Fills E-commerce Pipeline in 2020

Dark Reading

There were 1.3 billion attacks in the third quarter alone, according to new analysis from Arkose Labs.

What if the Bible got Deleted?!? Welcome to Digital Transformation

SecureWorld News

The Vatican Apostolic Library is home to more than 80,000 irreplaceable documents, as well as the oldest copy of the Bible in the world. To preserve and protect their artifacts, which include drawings and writings from the likes of Michelangelo and Galileo, the library is making the transition to digitize anything of importance. This move began in 2012 and is still an ongoing process.

Social Engineering: Definition, Types, Detection & Prevention

Spinone

What is social engineering? Social engineering is a manipulative technique used by criminals to elicit specific actions in their victims. These actions usually include revealing sensitive data or giving access to protected systems. Social engineering is seldom a stand-alone operation. It is usually a step in various fraud schemes. This technique is especially efficient in cyberattacks.

To Code or Not to Code? Cybercriminals and the world of programming

Digital Shadows

If you keep a pulse on the technology sector or have taken note of billboard ads in any urban area. The post To Code or Not to Code? Cybercriminals and the world of programming first appeared on Digital Shadows.

From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.