Fri. Jan 15, 2021


Click Here to Kill Everybody Sale

Schneier on Security

For a limited time, I am selling signed copies of Click Here to Kill Everybody in hardcover for just $6, plus shipping. Note that I have had occasional problems with international shipping. The book just disappears somewhere in the process. At this price, international orders are at the buyer’s risk. Also, the USPS keeps reminding us that shipping — both US and international — may be delayed during the pandemic.


How to check if someone else accessed your Google account

Tech Republic Security

Review your recent Gmail access, browser sign-in history, and Google account activity to make sure no one other than you has used your account.


Digital Guru Books

Adam Shostack

Rupin Gupta runs Digital Guru books. He’s one of the nicest people you’ll ever meet, a real joy to work with, and he works hard to put books on shelves so that you can discover them. With the conference business changing, Digital Guru needs some help. Borrowing some words from my editor Jim Minatel: “If you’ve ever bought a book at a technical conference bookstore – RSA, dozens of Microsoft events, and so on – chances are you’ve bought it from the Digita


How next-gen cloud SIEM tools can offer critical visibility companies for effective threat hunting

Tech Republic Security

Virtual workforces face escalated threats due to their remote access from various networks. Learn how security information and event management tools can help in the battle.


The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.


The biggest data breach fines, penalties and settlements so far

CSO Magazine

Sizable fines assessed for data breaches since 2019 suggest that regulators are getting more serious about organizations that don’t properly protect consumer data. Marriott was hit with a $124 million fine, later reduced, while Equifax agreed to pay a minimum of $575 million for its 2017 breach. This comes after an active 2018. Uber’s poor handling of its 2016 breach cost it close to $150 million.


Why cybersecurity audits are essential for risk management

Tech Republic Security

Find out what your company could risk by not getting cybersecurity audits.


More Trending


Security Recruiter Directory

CSO Magazine

Looking for a qualified candidate or new job? CSO's security recruiter directory is your one-stop shop. The recruiters listed below can help you find your next Chief Security Officer (CSO), Chief Information Security Officer (CISO), or VP of Security and fill hard-to-hire positions in risk management, security operations, security engineering, compliance, application security, penetration testers, and computer forensics, among many others.


I Am Not a Soldier, but I Have Been Trained to Kill

WIRED Threat Level

A sprawling tactical industry is teaching American civilians how to fight like Special Ops forces. By preparing for violence at home, are they calling it into being?


Microsoft Implements Windows Zerologon Flaw ‘Enforcement Mode’

Threatpost

Starting Feb. 9, Microsoft will enable Domain Controller “enforcement mode” by default to address CVE-2020-1472.


BrandPost: Driverless Cars Demand Air-Tight Cybersecurity

CSO Magazine

Driverless vehicles could save energy, limit car accidents and improve transport infrastructure. They could, eventually, save us the time we’d typically spend concentrating at the wheel. But with great autonomy, comes great cyber-risk. Autonomous cars are like big computers on wheels. They have many applications – from sensors to music streaming – collecting, analyzing and transferring data at a rapid rate.


IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.


Hackers Used Zero-Days to Infect Windows and Android Devices

WIRED Threat Level

Google researchers say the campaign, which booby-trapped sites to ensnare targets, was carried out by a “highly sophisticated actor.”


Don’t Fall Victim to COVID-19 Vaccine Phishing Schemes

Identity IQ

As the COVID-19 vaccine continues to become available to more people, be aware of potential scams related to the vaccine. It’s important to stay vigilant to certain warning signs that can help you avoid being scammed. Two vaccines to prevent coronavirus infections have now been granted authorization for emergency use. Every day, thousands more people are being vaccinated.


Google Boots 164 Apps from Play Marketplace for Shady Ad Practices

Threatpost

The tech giant removes 164 more offending Android apps after banning software showing this type of behavior from the store last year.


BrandPost: Creating a Zero Trust Foundation

CSO Magazine

To prevent security breaches and data loss, organizations have directed a lot of time, effort, and capital spend toward security initiatives. Even the most advanced “next generation” application layer firewalls filtering malicious traffic at the network perimeter have only revealed equal if not greater threats within. To help counter this internal threat, organizations have invested heavily in internal monitoring and other advanced security controls that inspect traffic at all layers of the OSI


Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.


Expert launched Malvuln, a project to report flaws in malware

Security Affairs

The researcher John Page launched malvuln.com, the first website exclusively dedicated to the research of security flaws in malware code. The security expert John Page (aka hyp3rlinx) launched malvuln.com, the first platform exclusively dedicated to the research of security flaws in malware code. The news was first announced by SecurityWeek; the researcher explained that Malvuln is the first website dedicated to research and analysis of vulnerabilities in malware samples. “malvuln.com


What’s your attitude to parental controls?

We Live Security

Nobody said parenting was easy, but in the digital age it comes with a whole slew of new challenges. How do parents view the role of parental monitoring in children's online safety? The post What’s your attitude to parental controls? appeared first on WeLiveSecurity.


Apple Kills MacOS Feature Allowing Apps to Bypass Firewalls

Threatpost

Security researchers lambasted the controversial macOS Big Sur feature for exposing users' sensitive data.


Why IT Is Still Great for Career Changers, Even Amid COVID-19

CompTIA on Cybersecurity

Are you considering getting into IT during the COVID-19 pandemic? Don’t hold back. IT is one of the safest careers you can choose at this time.


Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.


Biden's COVID Plan Includes Billion$ For Cybersecurity

SecureWorld News

President-elect Joe Biden recently announced a comprehensive "American Rescue Plan" that will "change the course of the pandemic, build a bridge towards economic recovery, and invest in racial justice." The bulk of the nearly $2 trillion plan includes a national vaccination program, emergency relief to families, and supporting communities hit hardest by the pandemic.


Successful Malware Incidents Rise as Attackers Shift Tactics

Dark Reading

As employees moved to working from home and on mobile devices, attackers followed them and focused on weekend attacks, a security firm says.


Tractors, Pod Ice Cream and Lipstick Awarded CES 2021 Worst in Show

Threatpost

Expert panel awards dubious honors to 2021 Consumer Electronics Show’s biggest flops, including security and privacy failures.


These Kids Are All Right

Dark Reading

Faculty and students at the William E. Doar School for the Performing Arts in Washington, D.C. created "Cyberspace," a rap song about online safety as part of the NSA's national STOP. THINK. CONNECT. campaign back in 2012. Wonder how many went into security.


5 Key Findings From the 2023 FBI Internet Crime Report

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.


Cisco says its RV routers will no longer receive updates

Security Affairs

Cisco announced it will no longer release firmware updates to fix 74 vulnerabilities affecting its RV routers, which reached end-of-life (EOL). Cisco will no longer release firmware updates to address 74 vulnerabilities affecting some of its RV routers that reached end-of-life (EOL). The vendor will not release updates for RV110W, RV130, RV130W, and RV215W devices that reached EOL in 2017 and 2018, but Cisco provided paid support until December 1, 2020.


How to Achieve Collaboration Tool Compliance

Dark Reading

Organizations must fully understand the regulatory guidance on collaboration security and privacy so they can continue to implement and expand their use of tools such as Zoom and Teams.


Winnti APT continues to target game developers in Russia and abroad

Security Affairs

A Chinese threat actor targeted organizations in Russia and Hong Kong with a previously undocumented backdoor, experts warn. Cybersecurity researchers from Positive Technologies have uncovered a series of attacks conducted by a Chinese threat actor that aimed at organizations in Russia and Hong Kong. Experts attribute the attacks to the China-linked Winnti APT group (aka APT41) and reported that the attackers used a previously undocumented backdoor in the attacks.


NSA Appoints Rob Joyce as Cyber Director

Dark Reading

Joyce has long worked in US cybersecurity leadership, most recently serving as the NSA's top representative in the UK.


Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?


Week in security with Tony Anscombe

We Live Security

ESET research dissects targeted malware attacks in Colombia – What parents hope to get out of parental controls – Privacy risks of new mesh Wi-Fi routers. The post Week in security with Tony Anscombe appeared first on WeLiveSecurity.


Is There a Ransomware Task Force?

SecureWorld News

Ransomware continues to be a top priority for security professionals around the world. In 2020, ransomware was used to target all different types of organizations, including a voter database in Georgia, toy maker company Mattel, K-12 school districts, and many more. But it's 2021 now. We are all trying to put the nightmare that was 2020 behind us.


Cybersecurity News Round-Up: Week of January 11, 2020

GlobalSign

In Covid-19 news, CheckPoint says cybercriminals on the dark web have been advertising available Coronavirus vaccines at $1,000 a pop in bitcoin. Keep reading for more of this week's biggest cybersecurity headlines.


The Hacker Mind Podcast: Hacking Healthcare

ForAllSecure

After breaches like SolarWinds, companies pledge to improve their digital hygiene. What if they don’t? And what parallels might infosec learn from COVID-19? In this episode, Mike Ahmadi draws on his years of experience in infosec, his years hacking medical devices. Mike notes how some basic rules of physical hygiene that can slow the spread of COVID-19 can also map into the digital world.


From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.