Sun. Aug 07, 2022

Why I’m OK With Amazon Buying One Medical

Daniel Miessler

A number of security people have come out against Amazon buying One Medical. It’s to be expected, as most security people are rightly worried about big corporations getting a hold of more personal data. And the timing couldn’t have been worse, with the story about Amazon sharing Ring footage with police only a few weeks old. "Why is @Amazon acquiring @OneMedical bad news?

Is Your Government Organization Cyber Resilient?

Lohrman on Security

What does it mean to be prepared for technology and business disruptions in the 2020s? How can your organization recover fast?

Weak Cybersecurity is taking a toll on Small Businesses

The State of Security

Life among America’s nearly 32 million small businesses has never been easy. According to the Small Business Administration, about 20% of small business startups fail in their first year and half succumb to failure within five years. Bigger businesses have always had more capital, better access to loans, and more staying power. Lately, survival has […]

Serious cyberattack hits German Chambers of Industry and Commerce (DIHK)

Security Affairs

A massive cyberattack hit the website of the German Chambers of Industry and Commerce (DIHK) this week. A massive attack hit the website of the German Chambers of Industry and Commerce (DIHK) forcing the organization to shut down its IT systems as a precautionary measure for security reasons. We are currently working intensively on a solution and on defense. We will inform you here which applications are working again: [link] #IHK #DIHK pic.twitter.com/5OHMOLH7Mz — DIHK (@DIHK_News) August

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

5 Misconceptions About Penetration Testing for Mobile Apps

Appknox

Penetration Testing has become indispensable to most companies' secure software development lifecycle. Unfortunately, because of widespread misconceptions, several businesses still don't understand the true potential of pen testing and refrain from using it to ensure mobile app security. However, this article will clear those myths and help you with a reality check on penetration testing for mobile applications.

North Korean hackers target crypto experts with fake Coinbase job offers

Bleeping Computer

A new social engineering campaign by the notorious North Korean Lazarus hacking group has been discovered, with the hackers impersonating Coinbase to target employees in the fintech industry. […]

More Trending

New ransomware targeting critical Linux Servers in South Korea

CyberSecurity Insiders

Research carried out by Reversing Labs suggests that a new ransomware is invading government related Linux Systems in South Korea and the malware is mainly targeting industries and pharmaceutical companies. Cybersecurity researchers from Reversing Labs suggest the ransomware name is GwisinLocker and is probably being developed and distributed by a state funded group of North Korea.

Snapchat, Amex sites abused in Microsoft 365 phishing attacks

Bleeping Computer

Attackers abused open redirects on the websites of Snapchat and American Express in a series of phishing attacks to steal Microsoft 365 credentials. […]

UK NHS 111 Telephone number meant for medical help down because of Cyber Attack

CyberSecurity Insiders

A sophisticated cyber attack has reportedly disrupted the services of NHS UK’s telephone based medical service 111 number severely delaying response to medical emergencies. The downtime was caused because of a software glitch on the servers of Advanced, a privately owned software company that supplies technical services to the medical hotline service.

GwisinLocker ransomware exclusively targets South Korea

Security Affairs

Researchers spotted a new family of ransomware, named GwisinLocker, that encrypts Windows and Linux ESXi servers. Researchers warn of a new ransomware called GwisinLocker which is able to encrypt Windows and Linux ESXi servers. The ransomware targets South Korean healthcare, industrial, and pharmaceutical companies, its name comes from the name of the author ‘Gwisin’ (ghost in Korean).

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Patch now! Cisco VPN routers are vulnerable to remote control

Malwarebytes

Cisco has released a security advisory about several vulnerabilities in the Cisco Small Business RV series routers, covering the RV160, RV260, RV340, and RV345. There are no workarounds available that address these vulnerabilities, so you need to patch. Vulnerabilities. The vulnerabilities are dependent on one another—exploitation of one of the vulnerabilities may be required to exploit another vulnerability.

Microsoft is blocking Tutanota email addresses from registering a MS Teams account

Security Affairs

Microsoft is actively blocking Tutanota email addresses from registering a Microsoft Teams account. Tutanota is an end-to-end encrypted email app and a freemium secure email service, as of March 2017, Tutanota’s owners claimed to have over 2 million users. The news is that Microsoft is actively blocking Tutanota email addresses from registering a Microsoft Teams account. “Politicians on both sides of the Atlantic are discussing stronger antitrust legislation to regulate Big Tech R

Phishy calls and emails play on energy cost increase fears

Malwarebytes

Gas and electricity price concerns are rife at the moment, with spiralling costs and bigger increases waiting down the line. Sadly this makes the subject valuable material for fraudsters, playing into people’s fears with a dash of social engineering to make them worse off than they were previously. Warnings abound of several energy / cost of living-themed scams doing the rounds.

Attackers abuse open redirects in Snapchat and Amex in phishing attacks

Security Affairs

Threat actors abuse open redirects on Snapchat and American Express to launch phishing attacks against Microsoft 365 users. Attackers abused open redirects on the websites of Snapchat and American Express as part of a phishing campaign targeting Microsoft 365 users. The term Open URL redirection, open redirects, refers to a security issue that makes it easier for attackers to direct users to malicious resources under the control of the attackers.

Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

Is Your Government Organization Cyber Resilient?

Security Boulevard

What does it mean to be prepared for technology and business disruptions in the 2020s? How can your organization recover fast? The post Is Your Government Organization Cyber Resilient? appeared first on Security Boulevard.

Risk is.

Notice Bored

when threat exploits vulnerability causing impact. tough to measure, express and control. the product of probability and impact. the gap between theory and practice. the root of pessimism and optimism. the once-in-a-hundred-years event. needing seatbelts and airbags. a hair's breadth from disaster. the possibility of exploitation. mitigated but not eliminated. a factor to be borne in mind. inevitable in the Real World. what keeps us up at night. not going entirely to plan. outcome =/= predictio

Security Risk by Accepting Policy Exceptions

Security Boulevard

Security Risk by Accepting Policy Exceptions. When an exception to the rule becomes a security breach. I was profoundly shocked after reading the cybersecurity act of 2021. The action called for a 120-day study by the CISA on the various attack vectors impacting the K-12 school districts. Additional mandates include recommendations to deal with malware and ransomware.

A week in security (August 1 - August 7)

Malwarebytes

Last week on Malwarebytes Labs: Have we lost the fight for data privacy? Lock and Code S03E16. Wrestling star Mick Foley’s Twitter compromised, selling PS5 consoles. Millions of Arris routers are vulnerable to path traversal attacks. When a sextortion victim fights back. How to protect yourself and your kids against device theft. For months, JusTalk messages were accessible to everyone on the Internet.

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

Red Team Tools

Security Boulevard

Threat Synopsis – Red Team Tools Over the years Threat Actors have steadily adopted the use of red team tools (sometimes referred to as offensive security tools), most notably Cobalt Strike. These tools have tremendous power, utility and are steadily updated with new capabilities and techniques to evade detection or perform actions in a compromised […].

How to Use Lockdown Mode in iOS 16 to Make Your Phone More Secure

WIRED Threat Level

Whether you want to turn off link previews or block unwanted FaceTime calls, here's what you need to know.

XKCD ‘Asking Scientists Questions’

Security Boulevard

via the comic artistry and dry wit of Randall Munroe, resident at XKCD! Permalink. The post XKCD ‘Asking Scientists Questions’ appeared first on Security Boulevard.

Oil and Gas Cybersecurity: Industry Overview Part 1

Trend Micro

With geopolitical tensions running high, oil and gas companies may be more susceptible to cyberattacks.

5 Key Findings From the 2023 FBI Internet Crime Report

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.

Aspen Security Forum 2022 – Moderator: Jim Sciutto – Fireside Chat With Richard Moore

Security Boulevard

Richard Moore, Chief of MI6, UK Secret Intelligence Service. Moderator: Jim Sciutto, Chief National Security Correspondent, CNN. Our thanks to The Aspen Institute for publishing their cogent conference videos on the organization's YouTube channel. Permalink. The post Aspen Security Forum 2022 – Moderator: Jim Sciutto – Fireside Chat With Richard Moore appeared first on Security Boulevard.

Facebook's Metaverse is Expanding the Attack Surface

Trend Micro

Understand the cybersecurity risks in the Metaverse.

Weak Cybersecurity is taking a toll on Small Businesses

Security Boulevard

Life among America’s nearly 32 million small businesses has never been easy. According to the Small Business Administration, about 20% of small business startups fail in their first year and half succumb to failure within five years. Bigger businesses have always had more capital, better access to loans, and more staying power. Lately, survival has […]

Phone Numbers Used for Identification, Hacker Summer Camp Advice, Samsung Repair Mode

Security Boulevard

Why your phone number is becoming a popular way to identify you, our advice on how to best protect your privacy at hacker summer camp in Las Vegas (BSides, BlackHat, DEF CON), and details on Samsung’s new repair mode which will protect your private data on your smartphone when you take it in for repairs. […]. The post Phone Numbers Used for Identification, Hacker Summer Camp Advice, Samsung Repair Mode appeared first on The Shared Security Show.

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

Aspen Security Forum 2022 – Moderator: Dafna Linzer – ‘A New, Stronger NATO?’

Security Boulevard

Kay Bailey Hutchison, Former U.S. Permanent Representative to NATO. Representative Brendan Boyle, Member, House Committee on Ways and Means. Ivo Daalder, Former U.S. Permanent Representative to NATO. Marcin Przydacz, Deputy Foreign Minister, Poland. Moderator: Dafna Linzer, Executive Editor, POLITICO. Our thanks to The Aspen Institute for publishing their cogent conference videos on the organization's YouTube channel.