Sun. Feb 06, 2022


Kansas CISO on Career, Pandemic, Grants and Cyber Priorities

Lohrman on Security

In this interview, Kansas Chief Information Security Officer Jeff Maxon covers wide-ranging topics from his cyber career to Kansas' priorities like whole-of-state cybersecurity.

CISO 127

CISA Orders Federal Agencies to Patch Actively Exploited Windows Vulnerability

The Hacker News

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is urging federal agencies to secure their systems against an actively exploited security vulnerability in Windows that could be abused to gain elevated permissions on affected hosts. To that end, the agency has added CVE-2022-21882 (CVSS score: 7.


Cybersecurity Considerations for Web3

Security Boulevard

We’ve begun a major shift in how the internet is structured. Our current Web2, defined by a read/write architecture that, until recently, was dominated by a handful of massive technology companies, is giving way to the next iteration of the internet: Web3. Unlike its predecessor, Web3 reflects a more decentralized internet where users and the. The post Cybersecurity Considerations for Web3 appeared first on Security Boulevard.


Law enforcement action push ransomware gangs to surgical attacks

Bleeping Computer

The numerous law enforcement operations leading to the arrests and takedown of ransomware operations in 2021 have forced threat actors to narrow their targeting scope and maximize the efficiency of their operations.


The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.


Waymo Sues to Keep Auto Algorithm Trade Secret

Security Boulevard

Cyberdyne Systems has sued to keep its Skynet algorithm from being publicly disclosed, claiming it is a trade secret. Wait, what? No. Cyberdyne Systems did not sue to keep the algorithm for its Skynet system from public disclosure. (And for those of you who don’t know, this is a reference to the Terminator movie franchise.). The post Waymo Sues to Keep Auto Algorithm Trade Secret appeared first on Security Boulevard.

Risk 98

Israeli surveillance firm QuaDream emerges from the dark

Security Affairs

One of the Apple iOS zero-day flaws exploited by the NSO group was also used by another surveillance firm named QuaDream. One of the vulnerabilities in Apple iOS that was previously exploited by the spyware developed by the Israeli company NSO Group was also separately used by another surveillance firm named QuaDream. Like NSO Group, QuaDream develops surveillance malware for government and intelligence agencies.

More Trending


Chinese Hackers Target Taiwanese Financial Institutions with a new Stealthy Backdoor

The Hacker News

A Chinese advanced persistent threat (APT) group has been targeting Taiwanese financial institutions as part of a "persistent campaign" that lasted for at least 18 months.


Security BSides Dublin 2021 – Krishnan Subramanian’s ‘Moving Away From Exploit Kits: The State Of Drive-By Downloads’

Security Boulevard

Our sincere thanks to Security BSides Dublin for publishing their tremendous videos from the Security BSides Dublin 2021 Conference on the organization’s YouTube channel. Additionally, the Security BSides Dublin organization has slated their eponymous Security BSides Dublin 2022 confab at The Convention Centre Dublin (CCD) on 2022/03/19. Just a month and a half away.


Argo CD flaw could allow stealing sensitive data from Kubernetes Apps

Security Affairs

A flaw in the Argo CD tool for Kubernetes could be exploited by attackers to steal sensitive data from Kubernetes Apps. A zero-day vulnerability, tracked as CVE-2022-24348, in the Argo CD tool for Kubernetes could be exploited by attackers to steal sensitive data from Kubernetes Apps, including passwords and API keys. The flaw received a CVSS score of 7.7 and affects all versions; it was addressed with the release of versions 2.3.0, 2.2.4, and 2.1.9.


Security BSides Dublin 2021 – ‘Closing Remarks & CTF Prize-Giving’

Security Boulevard

Our sincere thanks to Security BSides Dublin for publishing their tremendous videos from the Security BSides Dublin 2021 Conference on the organization’s YouTube channel. Additionally, the Security BSides Dublin organization has slated their eponymous Security BSides Dublin 2022 confab at The Convention Centre Dublin (CCD) on 2022/03/19. Just a month and a half away.


IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.


Your Cell Phone and Your Identity: Keeping Your PII Safe

The State of Security

Have you considered how often your phone number has been shared? Most of us give out our cell phone numbers all the time – to friends, acquaintances, colleagues, and even big, monolithic, impersonal companies. We may even print them on business cards or list them on public forums. A cell phone is no longer just a […] The post Your Cell Phone and Your Identity: Keeping Your PII Safe appeared first on The State of Security.


Assessing Cyber Readiness for 2022

Security Boulevard

Assessing your cyber readiness every year is vital to ensuring that your network, applications, and systems have the appropriate protections in place. As we flip the calendar ahead into 2022, performing your cyber assessments is a great way to ring in the new year, along with dropping 15 pounds, hitting the gym 3 times a […]. The post Assessing Cyber Readiness for 2022 appeared first on HolistiCyber.

Risk 95

Health Sites Let Ads Track Visitors Without Telling Them

WIRED Threat Level

Privacy policies didn't tell the whole story about third-party tools gathering personal information from the sites of medical and genetic-testing companies.


Russian Gamaredon APT is targeting Ukraine since October

Security Affairs

Russia-linked APT group Gamaredon is behind spear-phishing attacks against Ukrainian entities and organizations since October 2021. Russia-linked cyberespionage group Gamaredon (aka Armageddon, Primitive Bear, and ACTINIUM) is behind the spear-phishing attacks targeting Ukrainian entities and organizations related to Ukrainian affairs, since October 2021, Microsoft said.


Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.


User Created Content with Tripwire Configuration Manager

The State of Security

Tripwire Configuration Manager allows for user created configuration and compliance management content via a new Policy Management capability. Custom user content can be used alongside existing cloud service provider and third-party SaaS policies, providing multiple new use cases for data gathering and expanding policy compliance support into new services.


Security Affairs newsletter Round 352

Security Affairs

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. LockBit ransomware gang claims to have stolen data from PayBito crypto exchange FBI issued a flash alert on Lockbit ransomware operation CISA orders federal agencies to fix actively exploited CVE-2022-21882 Windows flaw Over 500,000 people were imp


Your Cell Phone and Your Identity: Keeping Your PII Safe

Security Boulevard

Have you considered how often your phone number has been shared? Most of us give out our cell phone numbers all the time – to friends, acquaintances, colleagues, and even big, monolithic, impersonal companies. We may even print them on business cards or list them on public forums. A cell phone is no longer just a […] The post Your Cell Phone and Your Identity: Keeping Your PII Safe appeared first on The State of Security.


Episode 234: Rep. Jim Langevin on Cyber Policy in an Age of Political Polarization

The Security Ledger

In this episode of the podcast (#234), US Representative Jim Langevin (D-RI) joins Paul to talk about the flurry of legislation passed on Capitol Hill in recent months to boost the U.S.’s cyber defenses. The post Episode 234: Rep. Jim Langevin on Cyber Policy in an Age of Political Polarization appeared first on The Security Ledger with Paul F.


Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.


User Created Content with Tripwire Configuration Manager

Security Boulevard

Tripwire Configuration Manager allows for user created configuration and compliance management content via a new Policy Management capability. Custom user content can be used alongside existing cloud service provider and third-party SaaS policies, providing multiple new use cases for data gathering and expanding policy compliance support into new services.


Graphics Card Web Tracking, Fake Job Ad Scams, Hacker Takes Down North Korea’s Internet

Security Boulevard

Researchers have discovered a new web tracking technique using your graphics card, scammers are exploiting security weaknesses on job recruitment websites to post fraudulent job postings, and how a hacker single-handedly took down North Korea’s Internet. ** Links mentioned on the show ** Your graphics card could be used to track you across the web […].

Scams 98