Schneier on Security

JULY 1, 2022

Andrew Appel has a long analysis of the Swiss online voting system. It’s a really good analysis of both the system and the official analyses. Uncategorized voting

171

171

The Last Watchdog

JULY 1, 2022

The pandemic-driven remote working brought about unforeseen challenges that the pre-pandemic corporate world would have never imagined. From transitioning to a work-from-home as a ‘perk’ to a ‘necessity’, the organizations had to realign their operations and do it fast, to keep the ships afloat. Related: Deploying human sensors. Now that the dust seems to have settled on the novelty of remote working, there’s no doubt that remote working- whether organizations like it or not is here to say.

Mobile 159

Mobile Education Phishing Technology 159

Dark Reading

JULY 1, 2022

The latest evolution in social engineering could put fraudsters in a position to commit insider threats

Social Engineering 106

Social Engineering Engineering 106

The Hacker News

JULY 1, 2022

Amazon, in December 2021, patched a high severity vulnerability affecting its Photos app for Android that could have been exploited to steal a user's access tokens.

Authentication 99

Authentication 99

Speaker: William Hord, Vice President of ERM Services

Join us as we discuss the various tangents of data and the change management process that will help you make better risk-based business decisions to save time and money for your organization.

Risk

CyberSecurity Insiders

JULY 1, 2022

Ransomware-as-a-service gang is on the prowl of teenagers who can act as distributors for malware. As law enforcement is tightening the noose around black hat hackers in all ways, ransomware spreading groups are now focusing more on luring teenagers into their business distribution stream.

Cybersecurity 97

Cybersecurity Ransomware DDOS Scams 97

Naked Security

JULY 1, 2022

The crooks hit us up with this phishing email less than half an hour after they activated their new scam domain. Data loss Facebook Phishing Privacy 2FA phishing Scam

Scams 93

Scams Phishing 93

Dark Reading

JULY 1, 2022

OpenSea warns users that they are likely to be targeted in phishing attacks after a vendor employee accessed and downloaded its email list

Phishing 83

Phishing Hacking 83

Security Boulevard

JULY 1, 2022

First, workplaces went fully remote to keep business operations running during the COVID-19 pandemic. Now, as the pandemic is easing into endemic, organizations are asking their employees to return to their offices.

Mobile 83

Mobile Network Security Cybersecurity 83

Dark Reading

JULY 1, 2022

With more staff working remotely, identity, authentication, and access (IAA) has never been more important. Microsoft has a new response

Authentication 83

Authentication 83

Security Boulevard

JULY 1, 2022

The increase in cyberattacks—and the increase in the cost of cyberattacks—sends a clear signal: Something about the cybersecurity industry needs to change. We live in a world where malicious cyberattack campaigns are persistent and relentless.

Ransomware 83

Ransomware Technology Cybersecurity 83

Speaker: Ronald Eddings, Cybersecurity Expert and Podcaster

In this webinar, Ronald Eddings, Cybersecurity Expert, will outline the relationship between SaaS apps and IT & security teams, along with several actionable solutions to overcome the new difficulties facing your organization.

Cybersecurity

eSecurity Planet

JULY 1, 2022

Security researchers have uncovered an unusually sophisticated malware that has been targeting small office/home office (SOHO) routers for nearly two years, taking advantage of the pandemic and rapid shift to remote work.

DNS 81

DNS Antivirus Wireless Malware 81

Security Boulevard

JULY 1, 2022

Wicked Good Development is dedicated to the future of open source. This space is to learn about the latest in the developer community and talk shop with open source software innovators and experts in the industry.

Software 82

Software 82

Dark Reading

JULY 1, 2022

The hacktivist group is ramping up its activities and ready to assault governments and businesses with escalating capabilities

Government 81

Government Ransomware 81

Security Boulevard

JULY 1, 2022

Ho Ka Terrance Yung wanted to go to Georgetown University School of Law. He had good grades and good LSAT scores and arranged for an “alumni” interview—an interview with a former Hoya to accelerate his application process. The interview did not go well.

Risk 82

Risk Government Cybersecurity 82

Speaker: Karl Camilleri, Cloud Services Product Manager at phoenixNAP

Through a detailed analysis of major attacks and their consequences, Karl Camilleri, Cloud Services Product Manager at phoenixNAP, will discuss the state of ransomware and future predictions, as well as provide best practices for attack prevention and recovery.

Ransomware

The Hacker News

JULY 1, 2022

A newly discovered malware has been put to use in the wild at least since March 2021 to backdoor Microsoft Exchange servers belonging to a wide range of entities worldwide, with infections lingering in 20 organizations as of June 2022.

Internet 79

Internet Internet Software Malware 79

Security Boulevard

JULY 1, 2022

Despite concerns from privacy advocates, Australia is currently the only democracy in the world that uses facial recognition technology to aid Covid-19 containment procedures.

Technology 82

Technology Network Security 82

Tech Republic Security

JULY 1, 2022

ClearVPN's Premium Plan offers advanced security and connectivity, allowing you to easily protect your devices at an affordable price. The post Get one year of this leading VPN for just $30 appeared first on TechRepublic. Security clearvpn clearvpn premium plan VPN

VPN 113

VPN 113

Security Boulevard

JULY 1, 2022

Realizing the Total Cost of Compliance Companies in the defense industrial base (DIB) have less than a year before the Interim Rule is in effect. We’ve spoken to many small to medium businesses (SMBs) in the DIB and one concern comes up over and over again. The cost of CMMC 2.0

81

81

Speaker: P. Andrew Sjogren, Sr. Product Marketing Manager at Very Good Security, Matt Doka, Co-Founder and CTO of Fivestars, and Steve Andrews, President & CEO of the Western Bankers Association

In this webinar, we have a great set of panelists who will take you through how Zero Data strategies can be used as part of a well-rounded compliance and security approach, and get you to market much sooner by also allowing for payment optimization. They’ll share how to grow your business faster and minimize costs for both security and compliance

Marketing

WIRED Threat Level

JULY 1, 2022

Putting sensor-packed Chinese cars on Western roads could be a privacy issue. Just ask Tesla. Security Security / National Security Security / Privacy

78

78

Security Affairs

JULY 1, 2022

A cyber attack forced the American publishing giant Macmillan to shut down its IT systems. The publishing giant Macmillan has been hit by a cyberattack that forced the company to shut down its IT infrastructure to prevent the threat from spreading within its network.

Data breaches 76

Data breaches Media Encryption Cyber Attacks 76

We Live Security

JULY 1, 2022

The lead-up to the Canada Day festivities has brought a tax scam with it. The post Phishing scam poses as Canadian tax agency before Canada Day appeared first on WeLiveSecurity. Scams

Scams 76

Scams Phishing 76

The Hacker News

JULY 1, 2022

Following heightened worries that U.S. users' data had been accessed by TikTok engineers in China between September 2021 and January 2022, the company sought to assuage U.S. lawmakers that it's taking steps to "strengthen data security."

Engineering 76

Engineering 76

Speaker: Mike Cramer, Director of HIPAA & Data Security at The Word & Brown Companies

Now that companies are slowly allowing employees to return to work at the office, it's time to re-evaluate your company’s posture towards privacy and security. Join Mike Cramer, Director of HIPAA & Data Security at The Word & Brown Companies, for a discussion that will focus on compliance and the types of privacy and security measures your company should be aware of, as well as tips and methods for implementing these measures.

Data privacy

Security Affairs

JULY 1, 2022

Researchers warn of a new ‘SessionManager’ Backdoor that was employed in attacks targeting Microsoft IIS Servers since March 2021.

Passwords 76

Passwords Government Information Security Malware 76

Bleeping Computer

JULY 1, 2022

On Thursday, the Jenkins security team announced 34 security vulnerabilities affecting 29 plugins for the Jenkins open source automation server, 29 of the bugs being zero-days still waiting to be patched. [.]. Security

107

107

Tech Republic Security

JULY 1, 2022

Hackers-for-hire specialize in compromising email boxes. Learn more about these cyber criminals and the threat they represent. The post The business of hackers-for-hire threat actors appeared first on TechRepublic. CXO Security google threat analysis group hackers-for-hire phishing

Phishing 105

Phishing 105

The Hacker News

JULY 1, 2022

Google on Thursday announced a slew of improvements to its password manager service aimed at creating a more consistent look and feel across different platforms.

Password Management 71

Password Management Passwords 71

Security Affairs

JULY 1, 2022

Microsoft spotted a cloud threat actor tracked as 8220 that is now targeting Linux servers in a long-running cryptomining campaign.

Security Intelligence 68

Security Intelligence Information Security Hacking Malware 68

The Hacker News

JULY 1, 2022

Microsoft has detailed the evolving capabilities of toll fraud malware apps on Android, pointing out its "complex multi-step attack flow" and an improved mechanism to evade security analysis.

Mobile 70

Mobile Malware 70

SecureBlitz

JULY 1, 2022

This post will show you 5 sectors that need critical infrastructure cybersecurity. The UK National Cyber Security Centre identifies a. Read more. The post 5 Sectors That Need Critical Infrastructure Cybersecurity appeared first on SecureBlitz Cybersecurity. Tips & Hacks Cybersecurity Plan

Cybersecurity 66

Cybersecurity Hacking 66

The Hacker News

JULY 1, 2022

Fixing indirect vulnerabilities is one of those complex, tedious and, quite frankly, boring tasks that no one really wants to touch. No one except for Debricked, it seems. Sure, there are lots of ways to do it manually, but can it be done automatically with minimal risk of breaking changes?

Risk 68

Risk 68

Dark Reading

JULY 1, 2022

Dark Reading's digest of the other don't-miss stories of the week, including YouTube account takeovers and a sad commentary on cyber-pro hopelessness

Accountability 61

Accountability 61

Bleeping Computer

JULY 1, 2022

Microsoft has reminded customers that Windows Server 2012/2012 R2 will reach its extended end-of-support (EOS) date next year, on October 10, 2023. [.]. Microsoft

83

83