Wed.Nov 23, 2022

article thumbnail

The US Has a Shortage of Bomb-Sniffing Dogs

Schneier on Security

Nothing beats a dog’s nose for detecting explosives. Unfortunately, there aren’t enough dogs : Last month, the US Government Accountability Office (GAO) released a nearly 100-page report about working dogs and the need for federal agencies to better safeguard their health and wellness.

article thumbnail

Top 6 security risks associated with industrial IoT

Tech Republic Security

Industrial IoT is gaining adoption, but this comes with some security risks. Check out the dangers and how you can avoid them. The post Top 6 security risks associated with industrial IoT appeared first on TechRepublic.

IoT 159
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Get Pwned, for 30% Less!

Troy Hunt

We've had great feedback from people who have gotten Pwned. Loads of people had told us how much they've enjoyed it and would like to get their friends Pwned too. Personally, I think everyone should get Pwned!

193
193
article thumbnail

DDoS protection from OVHcloud

Tech Republic Security

Distributed denial-of-service protection from OVHcloud takes the complexity out of avoiding denial of service attacks for your business. The post DDoS protection from OVHcloud appeared first on TechRepublic. Security Software ddos ddos protection ddos software ovhcloud

DDOS 124
article thumbnail

Successful Change Management with Enterprise Risk Management

Speaker: William Hord, Vice President of ERM Services

Join us as we discuss the various tangents of data and the change management process that will help you make better risk-based business decisions to save time and money for your organization.

article thumbnail

‘This is Appalling’ — Tax-Prep Sites Leak PII to Facebook

Security Boulevard

Some incredibly personal details are being sent to Facebook, without your consent, using the “Meta Pixel.”. The post ‘This is Appalling’ — Tax-Prep Sites Leak PII to Facebook appeared first on Security Boulevard.

CISO 109
article thumbnail

Experts claim that iPhone’s analytics data is not anonymous

Security Affairs

Researchers discovered that analytics data associated with iPhone include Directory Services Identifier (DSID) that could allow identifying users.

More Trending

article thumbnail

Identity-Based Attacks Increase, MFA-Thwarting Tactics Rise 

Security Boulevard

Multifactor authentication (MFA) push notification fatigue attacks are increasing and are proving more effective, according to Expel’s quarterly threat report, based on data from the company’s customer base.

article thumbnail

(ISC)² Board of Directors Election Results

CyberSecurity Insiders

The following individuals were elected to the Board and will begin their three-year term in January 2023: Laurie-Anne Bourdain, CISSP – Belgium. Edward Farrell, SSCP, CISSP – Australia. Nalneesh Gaur, CISSP-ISSAP – United States. Guy Ngambeket, CISSP – United Arab Emirates.

article thumbnail

'Patch Lag' Leaves Millions of Android Devices Vulnerable

Dark Reading

Months after a fix was issued by a vendor, downstream Android device manufacturers still haven't patched, highlighting a troubling trend

article thumbnail

Ducktail information stealer continues to evolve

Security Affairs

The operators behind the Ducktail information stealer continue to improve their malicious code, operators experts warn.

article thumbnail

Cover Your SaaS: How to Overcome Security Challenges and Risks For Your Organization

Speaker: Ronald Eddings, Cybersecurity Expert and Podcaster

In this webinar, Ronald Eddings, Cybersecurity Expert, will outline the relationship between SaaS apps and IT & security teams, along with several actionable solutions to overcome the new difficulties facing your organization.

article thumbnail

Microsoft: Popular IoT SDKs Leave Critical Infrastructure Wide Open to Cyberattack

Dark Reading

Chinese threat actors have already used the vulnerable and pervasive Boa server to infiltrate the electrical grid in India, in spate of malicious incidents

IoT 97
article thumbnail

Thanks for Nothing

Security Boulevard

As we embark on the U.S. Thanksgiving holiday, we’re supposed to be grateful for our gifts. And I am certainly thankful for my family, my health (injured knee notwithstanding) and being able to work at Techstrong, which is a very cool gig.

article thumbnail

Hot Ticket: 'Aurora' Go-Based InfoStealer Finds Favor Among Cyber-Threat Actors

Dark Reading

The infostealer Aurora’s low detection rates and newcomer status are helping it fly under the radar, as more cybercriminal gangs target cryptocurrency wallets and communications apps

article thumbnail

Microsoft releases out-of-band update to fix Kerberos auth issues caused by a patch for CVE-2022-37966

Security Affairs

Microsoft released an out-of-band update to fix problems tied to a recent Windows security patch that caused Kerberos authentication issues. Microsoft released an out-of-band update to address issues caused by a recent Windows security patch that causes Kerberos authentication problems.

article thumbnail

How Preparation and Strategy Can Be Used to Fight and Defeat Any Ransomware Attack

Speaker: Karl Camilleri, Cloud Services Product Manager at phoenixNAP

Through a detailed analysis of major attacks and their consequences, Karl Camilleri, Cloud Services Product Manager at phoenixNAP, will discuss the state of ransomware and future predictions, as well as provide best practices for attack prevention and recovery.

article thumbnail

How Development Teams Should Respond to Text4Shell

Dark Reading

Yet another *4Shell exploit highlights the horror of strange visitors into enterprise environments. This Tech Tip focuses on what to do next

89
article thumbnail

How Health Care Data Encryption Fits Into Your Security Strategy

Security Boulevard

Hospitals, government health agencies and other health care entities have a growing need to securely store and transfer personal data, both from patient to provider and with relevant agencies, insurers and regulators.

article thumbnail

Pro-Russian group Killnet claims responsibility for DDoS attack that has taken down the European Parliament site

Security Affairs

Pro-Russian hacker collective Killnet took down the European Parliament website with a DDoS cyberattack. The Pro-Russia group of hacktivists Killnet claimed responsibility for the DDoS attack that today took down the website of the European Parliament website.

DDOS 87
article thumbnail

Black Friday deals 2022

Security Boulevard

This Black Friday, we are offering an amazing 50% discount on all new plugin subscriptions. This is the perfect opportunity to shore up your WordPress security and administration (at a hefty discount) as we head into a busy festive season.

87
article thumbnail

How to Avoid the Pain and Cost of PCI Compliance While Optimizing Payments

Speaker: P. Andrew Sjogren, Sr. Product Marketing Manager at Very Good Security, Matt Doka, Co-Founder and CTO of Fivestars, and Steve Andrews, President & CEO of the Western Bankers Association 

In this webinar, we have a great set of panelists who will take you through how Zero Data strategies can be used as part of a well-rounded compliance and security approach, and get you to market much sooner by also allowing for payment optimization. They’ll share how to grow your business faster and minimize costs for both security and compliance

article thumbnail

Bahamut cybermercenary group targets Android users with fake VPN apps

We Live Security

Malicious apps used in this active campaign exfiltrate contacts, SMS messages, recorded phone calls, and even chat messages from apps such as Signal, Viber, and Telegram. The post Bahamut cybermercenary group targets Android users with fake VPN apps appeared first on WeLiveSecurity. ESET Research

VPN 86
article thumbnail

CryptoRom “pig butchering” scam sites seized, suspects arrested in US

Naked Security

Five tips to keep yourself, and your friends and family, out of the clutches of "chopping block" scammers. BEC Law & order Malware Social networks CryptoRom ios romance scam TestFlight

Scams 84
article thumbnail

Leveraging the NIST Cybersecurity Framework For Business

Security Boulevard

The NIST cybersecurity framework is a powerful tool to organize and improve your cybersecurity program. Today many businesses see cybersecurity with a kind of laissez-faire attitude where they purchase few tools and assign some people to look after their overall IT […].

article thumbnail

Safe Sales: 8 Tips for Keeping Your Data Safe & Secure This Holiday Shopping Season

CyberSecurity Insiders

By Gal Ringel, Co-Founder & CEO of Mine Privacy Ops. If you’re busy planning your holiday shopping this month, you’re not alone. Q4 is always the busiest time of year for shoppers and retailers, chock-full of shopping celebrations like Singles’ Day, Black Friday, and Cyber Monday, among others.

article thumbnail

Back to the Office: Privacy and Security Solutions to Compliance Issues for 2021 and Beyond

Speaker: Mike Cramer, Director of HIPAA & Data Security at The Word & Brown Companies

Now that companies are slowly allowing employees to return to work at the office, it's time to re-evaluate your company’s posture towards privacy and security. Join Mike Cramer, Director of HIPAA & Data Security at The Word & Brown Companies, for a discussion that will focus on compliance and the types of privacy and security measures your company should be aware of, as well as tips and methods for implementing these measures.

article thumbnail

Sealing Off Your Cloud’s Blast Radius

Security Boulevard

Understand the challenges of securing your cloud and key best practices for minimizing your cloud’s blast radius. The post Sealing Off Your Cloud’s Blast Radius appeared first on Ermetic. The post Sealing Off Your Cloud’s Blast Radius appeared first on Security Boulevard.

82
article thumbnail

Futureproofing Cybersecurity With On-Premise Video And Access Control Systems

CyberSecurity Insiders

In 2022, it took around 9 months to identify and contain a breach. To prevent a cybersecurity breach for your business, you need to think about your on-premise security systems. How can you futureproof your cybersecurity with on-premise video and access control systems?

article thumbnail

GitHub repojacking attack: 10 lessons for software teams

Security Boulevard

Software supply chain attacks are on the rise because of their reach. Here are 10 valuable lessons from the recent GitHub namespace attack. The post GitHub repojacking attack: 10 lessons for software teams appeared first on Security Boulevard.

article thumbnail

Why Africa's Telecoms Must Actively Collaborate to Combat Fraud

Dark Reading

Unique conditions contribute to outsized telecom fraud across the continent, but working together can bring solutions

80
article thumbnail

DoD Releases Enterprise-Wide Zero Trust Strategy

SecureWorld News

Earlier this month the U.S. Department of Defense released its DoD Zero Trust Strategy, which outlines an "enhanced cybersecurity framework built upon Zero Trust principles that must be adopted across the Department, enterprise-wide, as quickly as possible as described within this document.".

article thumbnail

Where Are We Heading With Data Privacy Regulations?

Dark Reading

New laws have made the current US privacy landscape increasingly complex

article thumbnail

Backdoored Chrome extension installed by 200,000 Roblox players

Bleeping Computer

Chrome browser extension 'SearchBlox' installed by more than 200,000 users has been discovered to contain a backdoor that can steal your Roblox credentials as well as your assets on Rolimons, a Roblox trading platform. [.]. Security Google

107
107
article thumbnail

Penetration Testing Market Size Is Projected to Reach $5.28B Globally by 2028

Dark Reading

Fueling the trend are the rising adoption of cloud computing solutions, technology advancements, stricter data safety regulations, and the move to digitalization, says Brandessence Market Research

article thumbnail

Pro-Russian hacktivists take down EU Parliament site in DDoS attack

Bleeping Computer

The website of the European Parliament has been taken down following a DDoS (Distributed Denial of Service) attack claimed by a pro-Russia group of hacktivists calling themselves Anonymous Russia. [.]. Security

DDOS 105
article thumbnail

Meta outlines US involvement in social media disinformation in new report

CSO Magazine

A report released by Meta’s security team describes the company’s shutdown of a network of Facebook and Instagram accounts participating in what it calls coordinated inauthentic behavior, and linking some of those accounts to the US military.

Media 100