Wed. Mar 15, 2023

Microsoft Patch Tuesday, March 2023 Edition

Krebs on Security

Microsoft on Tuesday released updates to quash at least 74 security bugs in its Windows operating systems and software. Two of those flaws are already being actively attacked, including an especially severe weakness in Microsoft Outlook that can be exploited without any user interaction. The Outlook vulnerability (CVE-2023-23397) affects all versions of Microsoft Outlook from 2013 to the newest.

Humans are still better at creating phishing emails than AI — for now

Tech Republic Security

AI-generated phishing emails, including ones created by ChatGPT, present a potential new threat for security professionals, says Hoxhunt. The post Humans are still better at creating phishing emails than AI — for now appeared first on TechRepublic.

A look at CVE-2023-23415 — a Windows ICMP vulnerability + mitigations which is not a cyber meltdown

DoublePulsar

Yesterday Microsoft dropped a patch for a vulnerability found by @hexnomad.

Electronic data disposal policy

Tech Republic Security

PURPOSE The purpose of this policy is to provide guidelines for the appropriate disposal of information and the destruction of electronic media, which is defined as any storage device used to hold company information including, but not limited to, hard disks, magnetic tapes, compact discs, audio or videotapes, and removable storage devices such as USB.

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

Speaker: Erroll Amacker

Automation is transforming finance but without strong financial oversight it can introduce more risk than reward. From missed discrepancies to strained vendor relationships, accounts payable automation needs a human touch to deliver lasting value. This session is your playbook to get automation right. We’ll explore how to balance speed with control, boost decision-making through human-machine collaboration, and unlock ROI with fewer errors, stronger fraud prevention, and smoother operations.

FBI: Investment Scams Surpass BEC as Most Costly Cybercrime

SecureWorld News

Alright, how many of you saw a cryptocurrency ad on TV in 2022? Oh, yeah, everyone did. How many of you acted on those ads and actually purchased crypto? Probably some of you. Now the important question: how many of you got scammed in some sort of way by cryptocurrency or another type of investment? According to the U.S. Federal Bureau of Investigations (FBI), the answer is a lot of people did.

For credentials, these are the new Seven Commandments for zero trust

Tech Republic Security

With backing from major firms, credential security company Beyond Identity has launched the Zero Trust Authentication initiative for organizations to hack-proof user credentials. The post For credentials, these are the new Seven Commandments for zero trust appeared first on TechRepublic.

Get 3 years of rock-solid protection with Surfshark VPN for $83.99

Tech Republic Security

The service is rated at 8/10 stars by The VPN Lab. The post Get 3 years of rock-solid protection with Surfshark VPN for $83.99 appeared first on TechRepublic.

Analysts Spot a Wave of SVB-Related Cyber Fraud Striking the Business Sector

Dark Reading

Over the weekend, cybercriminals laid the groundwork for Silicon Valley Bank-related fraud attacks that they're now starting to cash in on. Businesses are the targets and, sometimes, the enablers.

Identity theft of 225,000 customers takes place at Latitude Financial Services

CyberSecurity Insiders

Australian firm Latitude Financial Services is hitting news headlines as a cyber attack on its servers has led to the data breach of 225,000 customers. Among the stolen data, a majority of the documents are related to driving licenses, employee login details, and such. The company which has over 2.8 million customer information in its database has launched a forensic investigation on this note and told that it will provide its company services such as issuance of personal credit cards, travel cr

PCI SSC Announces 2023 Special Interest Group Election Results

PCI perspectives

Following its annual Special Interest Group (SIG) election process, the PCI Security Standards Council has confirmed the winning SIG topic for 2023. The Council’s Participating Organizations voted to select “Scoping and Segmentation for Modern Network Architectures” as the focus for the year ahead.

Why Giant Content Libraries Do Nothing for Your Employees’ Cyber Resilience

Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.

SAP Fixes Five Critical Vulnerabilities With Newly Released Security Update

Heimdal Security

Software vendor SAP has released security updates to fix 19 vulnerabilities, five of which rated as critical. The patches released this month impact many products of the SAP suite, but the critical severity vulnerabilities affect SAP NetWeaver and SAP Business Objects Business Intelligence Platform (CMC). What Are the Critical Flaws Patched? CVE-2023-25616: this vulnerability affects […] The post SAP Fixes Five Critical Vulnerabilities With Newly Released Security Update appeared first on

Critical Microsoft Outlook bug PoC shows how easy it is to exploit

Bleeping Computer

Security researchers have shared technical details for exploiting a critical Microsoft Outlook vulnerability for Windows (CVE-2023-23397) that allows hackers to remotely steal hashed passwords by simply receiving an email.

Most Common Remote Work Security Risks & Best Practices

Heimdal Security

Remote work has become a highly popular and common practice around the world, especially now as companies allow a significant part of their employees to remain remote. However, while this practice increases flexibility, improves productivity, and enhances work-life balance, there’s a downside to it – remote work security risks. In this new remote-working landscape created […] The post Most Common Remote Work Security Risks & Best Practices appeared first on Heimdal Security Blog.

This Is the New Leader of Russia's Infamous Sandworm Hacking Unit

WIRED Threat Level

Evgenii Serebriakov now runs the most aggressive hacking team of Russia’s GRU military spy agency. To Western intelligence, he’s a familiar face.

Zero Trust Mandate: The Realities, Requirements and Roadmap

The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.

LockBit Ransomware Claims to Have Stolen SpaceX Data from One of Its Contractors

Heimdal Security

After breaching the systems of Maximum Industries, the LockBit ransomware group claims to have stolen sensitive information related to SpaceX. Maximum Industries is a full-service, piece-part production, and contract manufacturing facility. The company provides CNC machining, laser cutting and waterjet cutting services for the aerospace, architectural, defense, marine, military, medical and mining industries.

CISA Issues Urgent Warning: Adobe ColdFusion Vulnerability Exploited in the Wild

The Hacker News

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on March 15 added a security vulnerability impacting Adobe ColdFusion to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The critical flaw in question is CVE-2023-26360 (CVSS score: 8.6), which could be exploited by a threat actor to achieve arbitrary code execution.

A Spy Wants to Connect With You on LinkedIn

WIRED Threat Level

Russia, North Korea, Iran, and China have been caught using fake profiles to gather information. But the platform’s tools to weed them out only go so far.

Russia-linked APT29 abuses EU information exchange systems in recent attacks

Security Affairs

Russia-linked APT29 group abused the legitimate information exchange systems used by European countries to target government entities. Russia-linked APT29 (aka SVR group, Cozy Bear, Nobelium, and The Dukes) was spotted abusing the legitimate information exchange systems used by European countries in attacks aimed at governments. In early March, BlackBerry researchers uncovered a new cyber espionage campaign aimed at EU countries.

Next-Level Fraud Prevention: Strategies for Today’s Threat Landscape

Speaker: Sierre Lindgren

Fraud is a battle that every organization must face – it’s no longer a question of “if” but “when.” Every organization is a potential target for fraud, and the finance department is often the bullseye. From cleverly disguised emails to fraudulent payment requests, the tactics of cybercriminals are advancing rapidly. Drawing insights from real-world cases and industry expertise, we’ll explore the vulnerabilities in your processes and how to fortify them effectively.

Security Organization Rubrik Affected by the GoAnywhere Zero-day Attacks

Heimdal Security

Rubrik, the cybersecurity giant, confirmed a data breach. The incident was caused by a large-scale attack using a zero-day vulnerability in the Fortra GoAnywhere platform. GoAnywhere is a secure data transfer business solution for encrypted files. The announcement comes after the Clop ransomware published a sample of the stolen data. Organizations use Rubrik cloud data […] The post Security Organization Rubrik Affected by the GoAnywhere Zero-day Attacks appeared first on Heimdal Security B

Key aerospace player Safran Group leaks sensitive data

Security Affairs

Top aviation company Safran Group left itself vulnerable to cyberattacks, likely for well over a year, underlining how vulnerable big aviation firms are to threat actors, according to research by Cybernews. Original post at [link] The Cybernews research team recently discovered that the French-based multinational aviation company, the eighth largest aerospace supplier worldwide, was leaking sensitive data due to a misconfiguration of its systems.

Turbulence In Banking: Navigating the Cyber Risk

Security Boulevard

With recent events involving Silicon Valley Bank and Signature Bank fresh in our minds, investors and financial institutions both big and small are looking to reduce exposure and risk. The post Turbulence In Banking: Navigating the Cyber Risk appeared first on Security Boulevard.

Security Firm Rubrik breached by Clop gang through GoAnywhere Zero-Day exploitation

Security Affairs

Data security firm Rubrik discloses a data breach; attackers exploited the recent GoAnywhere zero-day to steal its data. Cybersecurity firm Rubrik disclosed a data breach: a ransomware group stole company data by exploiting the recently disclosed zero-day vulnerability in the Fortra GoAnywhere secure file transfer platform. The company was the victim of a large-scale campaign targeting GoAnywhere MFT devices worldwide by exploiting the zero-day vulnerability.

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Raising Awareness of Connected Device Security

Security Boulevard

October is officially cybersecurity awareness month, originally designated back in 2004 by United States President George W. Bush and Congress to raise awareness of the growing cybersecurity threat landscape that affects businesses, the government and individuals. While basic cybersecurity knowledge is commonplace by now, it’s not enough. Cybersecurity Ventures predicts cybercrime to cost the world.

90 Day Certificate Validity Requires CLM Automation

GlobalSign

If you haven’t already automated certificate management, now is the time. We explore why in this blog and how ACME can help to do so.

Facebook illegally processed user data, says court

Malwarebytes

The Amsterdam court has ruled that Facebook illegally processed user data in a case started by the Dutch Data Privacy Stichting (DPS), a foundation that acts on behalf of victims of privacy violations in the Netherlands. According to the ruling, Facebook used personal data for advertising purposes in the period April 1, 2010, to January 1, 2020, when this was not allowed.

Microsoft’s 2023 Patch Tuesday Fixes Two Actively Exploited Zero-Days

Security Boulevard

Microsoft’s March Patch Tuesday provided fixes for a total of 83 vulnerabilities, including two actively exploited zero-days. Here’s what you need to know. What is the situation? Out of the 83 vulnerabilities, nine of them have been classified as “Critical” and allow remote code execution (RCE), denial of service (DoS) or an attacker to elevate privileges.

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

QBot: Laying the Foundations for Black Basta Ransomware Activity

Digital Shadows

The post QBot: Laying the Foundations for Black Basta Ransomware Activity appeared first on ReliaQuest.

YoroTrooper Stealing Credentials and Information from Government and Energy Organizations

The Hacker News

A previously undocumented threat actor dubbed YoroTrooper has been targeting government, energy, and international organizations across Europe as part of a cyber espionage campaign that has been active since at least June 2022.

Privacy Challenges Illustrated by Recent Cases

Security Boulevard

In the 1973 baseball melodrama Bang the Drum Slowly, the players, intent on scamming some rubes, play a card game called “TEGWAR.” It stands, as you later learn, for ‘The Exciting Game Without Any Rules.’ Three recent unrelated events in the news this week illustrate how U.S. data privacy rules are, to a great extent, The post Privacy Challenges Illustrated by Recent Cases appeared first on Security Boulevard.

5 Best Residential Proxy Providers

SecureBlitz

If you’re shopping for a residential proxy provider, this is your 101 on how to choose the best provider. First: What is a residential proxy? A residential proxy address is an IP address assigned to a home device or computer connected to the internet through an Internet Service Provider. Residential proxies can protect your online […] The post 5 Best Residential Proxy Providers appeared first on SecureBlitz Cybersecurity.

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!