Schneier on Security
MARCH 19, 2021
Vice is reporting on a cell phone vulnerability caused by commercial SMS services. One of the things these services permit is text message forwarding. It turns out that with a little bit of anonymous money — in this case, $16 off an anonymous prepaid credit card — and a few lies, you can forward the text messages from any phone to any other phone.
Anton on Security
MARCH 19, 2021
For a reason that shall remain nameless, I’ve run this quick poll focused on the use cases for threat intelligence in 2021. The question and the results are below. Antons Threat Intel Poll 2021 Here are some thoughts and learnings based on the poll and the discussion , as well as other things. While running this poll my fear was that the detection use case will win.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Tech Republic Security
MARCH 19, 2021
Find out why cloud computing is leading IT security pros to reevaluate their in-house cybersecurity practices as well as resources provided by managed service providers.
Security Boulevard
MARCH 19, 2021
If 2020 has taught us anything, it’s that anything can happen. Honestly, how many of us had, “I will do my best to avoid a global pandemic,” as a New Year’s resolution for 2020? That said, the chances that 2021 will be even more unpredictable are slim. So, we might as well indulge in setting. The post 3 Cybersecurity Goals for CISOs appeared first on Security Boulevard.
Advertisement
How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.
Tech Republic Security
MARCH 19, 2021
The FBI received more than 19,000 complaints of business email compromises last year, costing victims around $1.8 billion.
Hot for Security
MARCH 19, 2021
The hacker who claimed responsibility for breaching the live video streams of 150,000 CCTV cameras at police departments, hospitals, and well-known businesses has been charged by the US Department of Justice with hacking more than 100 companies. Read more in my article on the Hot for Security blog.
Cyber Security Informer brings together the best content for cyber security professionals from the widest variety of industry thought leaders.
Security Boulevard
MARCH 19, 2021
When we hear the words “cybercrime” or “cyber attack” we usually think of financial gains and personally identifiable information. Today, cyber threats are no longer just an inconvenience, but a matter of life and death. In episode five of CISO Talk, Miranda Ritchie of IBM joins Mat Newfield and Mitch Ashley to discuss healthcare and.
Bleeping Computer
MARCH 19, 2021
Cybersecurity firm NCC Group said on Thursday that it detected successful in the wild exploitation of a recently patched critical vulnerability in F5 BIG-IP and BIG-IQ networking devices. [.].
We Live Security
MARCH 19, 2021
Follow these easy steps to prevent your Twitter account from being hacked and to remain safe while tweeting. The post 7 steps to staying safe and secure on Twitter appeared first on WeLiveSecurity.
Bleeping Computer
MARCH 19, 2021
The REvil ransomware operation has added a new ability to encrypt files in Windows Safe Mode, likely to evade detection by security software and for greater success when encrypting files. [.].
Advertiser: Revenera
In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.
Security Affairs
MARCH 19, 2021
The Russian national who attempted to convince a Tesla employee to plant malware on Tesla systems has pleaded guilty. The U.S. Justice Department announced on Thursday that the Russian national Egor Igorevich Kriuchkov (27), who attempted to convince a Tesla employee to install malware on the company’s computers, has pleaded guilty. “A Russian national pleaded guilty in federal court today for conspiring to travel to the United States to recruit an employee of a Nevada company into a schem
Bleeping Computer
MARCH 19, 2021
Microsoft Defender Antivirus will now protect unpatched on-premises Exchange servers from ongoing attacks by automatically mitigating the actively exploited CVE-2021-26855 vulnerability. [.].
Security Affairs
MARCH 19, 2021
Experts found vulnerabilities in two WordPress plugins that could be exploited to run arbitrary code and potentially take over a website. Security researchers disclosed vulnerabilities in Elementor and WP Super Cache WordPress plugins that could be exploited to run arbitrary code and take over a website under certain circumstances. The flaws were uncovered in the Elementor and WP Super Cache plugin, the former is a website builder plugin with over seven million installs while the latter has ov
The Hacker News
MARCH 19, 2021
A newly discovered glitch in Zoom's screen sharing feature can accidentally leak sensitive information to other attendees in a call, according to the latest findings. Tracked as CVE-2021-28133, the unpatched security vulnerability makes it possible to reveal contents of applications that are not shared, but only briefly, thereby making it harder to exploit it in the wild.
Advertisement
Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.
We Live Security
MARCH 19, 2021
When a breach captures a part of us that is unchangeable, does it mean that we have allowed technology to pry too deeply into our lives? The post Trust your surveillance? Why hacked cameras are very bad appeared first on WeLiveSecurity.
The Hacker News
MARCH 19, 2021
Cybersecurity researchers on Thursday disclosed a new attack wherein threat actors are leveraging Xcode as an attack vector to compromise Apple platform developers with a backdoor, adding to a growing trend that involves targeting developers and researchers with malicious attacks.
Hot for Security
MARCH 19, 2021
The share button is not as innocent as it seems. You might be animated by the best intentions when you click it and we don’t want to ruin it for you. On the contrary, we want to add one more: sharing is caring for your data, too. Fact: A data haul of more than 40 million records belonging to ShareThis users was put up for sale on a dark web marketplace in February 2019.
Bleeping Computer
MARCH 19, 2021
Facebook services are currently experiencing issues around the world, with users unable to access Facebook, Messenger, WhatsApp, and Instagram. [.].
Advertisement
The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.
Security Boulevard
MARCH 19, 2021
Here’s a new way of sending powerful denial of service traffic: misusing servers that talk Datagram Transport Layer Security (D/TLS). The post Dirt Cheap DDoS for Hire, via D/TLS Amplification appeared first on Security Boulevard.
Bleeping Computer
MARCH 19, 2021
The REvil ransomware operation claims to have stolen unencrypted data after hacking electronics and computer giant Acer. [.].
Threatpost
MARCH 19, 2021
Researchers are reporting mass scanning for – and in-the-wild exploitation of – a critical-severity flaw in the F5 BIG-IP and BIG-IQ enterprise networking infrastructure.
Bleeping Computer
MARCH 19, 2021
The Federal Bureau of Investigation (FBI) is warning US private sector companies about an increase in business email compromise (BEC) attacks targeting state, local, tribal, and territorial (SLTT) government entities. [.].
Advertisement
The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.
Security Boulevard
MARCH 19, 2021
Language. English. Tags: . <a href='/blog?tag=Inbound Threats'>Inbound Threats</a> <a href='/blog?tag=File Transfers'>File Transfers</a> <a href='/blog?tag=Email Security'>Email Security</a> Depending on where you are in the world, it is now approximately one year since the COVID-19 pandemic meant that many employees had to start working from home suddenly.
Threatpost
MARCH 19, 2021
A previously undocumented password and cookie stealer has been compromising accounts of big guns like Facebook, Apple, Amazon and Google since 2019 and then using them for cybercriminal activity.
The Hacker News
MARCH 19, 2021
The U.S. Department of Justice yesterday announced updates on two separate cases involving cyberattacks—a Swiss hacktivist and a Russian hacker who planned to plant malware in the Tesla company. A Swiss hacker who was involved in the intrusion of cloud-based surveillance firm Verkada and exposed camera footage from its customers was charged by the U.S.
SC Magazine
MARCH 19, 2021
Researchers disrupted a newly documented Chinese-based malware called CopperStealer that, since significant countermeasures started in late January, infected up to 5,000 individual hosts per day, stealing credentials of users on major platforms including Facebook, Instagram, Apple, Amazon, Bing, Google, PayPal, Tumblr and Twitter. Sherrod DeGrippo, senior director of threat research at Proofpoint, said they were first notified of the CopperStealer malware by Twitter user TheAnalyst.
Speaker: Blackberry, OSS Consultants, & Revenera
Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?
Security Boulevard
MARCH 19, 2021
“I always feel like somebody’s watching me… Tell me is it just a dream?” It may have been a dream in 1984 when “Somebody’s Watching Me” topped the charts, but today it’s real life: somebody. The post Different IoT Breach, Same (In)Security Story, Broader Consequences appeared first on Security Boulevard.
Bleeping Computer
MARCH 19, 2021
Russian national Egor Igorevich Kriuchkov has pleaded guilty to recruiting a Tesla employee to plant malware designed to steal data within the network of Tesla's Nevada Gigafactory. [.].
Tech Republic Security
MARCH 19, 2021
In these 18 online training courses on ethical hacking, cybersecurity pros will teach you about creating projects with Python, bug bounty hunting, Kali Linux hacker tools and much more.
Bleeping Computer
MARCH 19, 2021
The REvil ransomware operation claims to have stolen unencrypted data after hacking electronics and computer giant Acer. [.].
Speaker: Erika R. Bales, Esq.
When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.
Expert insights. Personalized for you.
293 
Let's personalize your content