Tue. Dec 07, 2021

A Password Manager Isn't Just for Christmas, It's for Life (So Here's 50% Off!)

Troy Hunt

I was having a coffee with a good mate the other day. He's not a techie (he runs a pizza restaurant), but somehow, we ended up talking about passwords. Because he's a normal person, he has the same 1 or 2 or 3 he uses everywhere and even without telling me what they were, I knew they were terrible. Actually, I'll rephrase that: because he was a normal guy; he's not normal anymore because yesterday I carved out some time to give him an early Christmas present: Today I spent an

Passwords 342

Someone Is Running Lots of Tor Relays

Schneier on Security

Since 2017, someone is running about a thousand — 10% of the total — Tor servers in an attempt to deanonymize the network: Grouping these servers under the KAX17 umbrella, Nusenu says this threat actor has constantly added servers with no contact details to the Tor network in industrial quantities, operating servers in the realm of hundreds at any given point.

326

CyberSecurity and Artificial Intelligence Expert Joseph Steinberg To Speak at AI Summit

Joseph Steinberg

CyberSecurity and Artificial Intelligence Expert, Joseph Steinberg, will lead a panel discussion on the intersection of CyberSecurity and Artificial Intelligence (AI), to take place on Thursday, December 9, 2021, the second and final day of the AI Summit being held in person in New York’s Javits Center. Steinberg’s session, entitled Key Challenges for Security Leaders Now and Beyond – Not Just Technical Competence, will feature a discussion with four other notable figures from the w

NEW TECH: How a ‘bio digital twin’ that helps stop fatal heart attacks could revolutionize medicine

The Last Watchdog

Without much fanfare, digital twins have established themselves as key cogs of modern technology. Related: Leveraging the full potential of data lakes. A digital twin is a virtual duplicate of a physical entity or a process — created by extrapolating data collected from live settings. Digital twins enable simulations to be run without risking harm to the physical entity; they help inform efficiency gains made in factories and assure the reliability of jet engines, for instance.

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

"Hello Quantum World:" New cybersecurity service uses entanglement to generate cryptographic keys

Tech Republic Security

The new service protects against current and future cyberattacks, according to Quantinuum CEO, and works with existing cybersecurity systems.

An Open Source Approach for Cybersecurity Information Sharing

Security Boulevard

The post An Open Source Approach for Cybersecurity Information Sharing appeared first on Nozomi Networks.

5 common gift card scams and how to spot them

We Live Security

It often pays to look a gift horse in the mouth – recognizing these types of gift card fraud will go a long way toward helping you stay safe from this growing threat not just this holiday season.

Scams 139

Collect today, decrypt tomorrow: How Russia and China are preparing for quantum computing

CSO Magazine

Much has been bantered about how advances in quantum computing will adversely affect the ability of companies and governments to keep secret information, well, secret. Jeffery Moore, chief of UK’s Secret Intelligence Service (MI-6), summed it up nicely when he spoke at the International Institute for Strategic Studies (IISS) on November 30, on Human Intelligence in a Digital Age: “We live in a world transformed by digital connectivity and stand on the cusp of revolutionary advances in technolog

Is your web browser vulnerable to data theft? XS-Leak explained

Malwarebytes

In recent news, IT security researchers from Ruhr-Universität Bochum (RUB) and the Niederrhein University of Applied Sciences have disclosed 14 new cross-site leak (also known as XSLeak or XS-Leak) attacks that can affect modern browsers, such as Google Chrome, Microsoft Edge, Mozilla Firefox, and Apple’s Safari. Although the news and press release regarding this haven’t mentioned other browsers that are Chromium-based and Firefox-based, we can make a cautious assumption that these, too,

Mobile 138

Microsoft Seizes 42 Malicious Web Domains Used By Chinese Hackers

The Hacker News

Microsoft on Monday announced the seizure of 42 domains used by a China-based cyber espionage group that set its sights on organizations in the U.S. and 28 other countries pursuant to a legal warrant issued by a federal court in the U.S. state of Virginia.

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

How employee burnout may be putting your organization at risk

Tech Republic Security

With pandemic-induced pressures impacting many employees, burnout can easily lead to security risks, says 1Password.

Risk 154

Google disrupts massive Glupteba botnet, sues Russian operators

Bleeping Computer

Google announced today that it has taken action to disrupt the Glupteba botnet that now controls more than 1 million Windows PCs around the world, growing by thousands of new infected devices each day.

133

Cloud Protection Over Bifurcated Network Security 

Security Boulevard

The magnitude of scale, scope and the corresponding costs of data breaches, denial-of-service attacks and ransomware have all been on the rise. Many of these crimes have been successful at shutting down entire companies for days while extorting millions of dollars as the affected companies struggled to get their systems back online. In 2021 alone:

AWS outage impacts Ring, Netflix, and Amazon deliveries

Bleeping Computer

Amazon AWS in the US-EAST-1 Region is suffering an outage that affected numerous online services, including Ring, Netflix, and Amazon Prime Video, and Roku.

Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

How and why people use password managers

Tech Republic Security

Password managers provide a more effective way to stay secure online but are still underutilized, says Security.org.

US universities targeted by Office 365 phishing attacks

Bleeping Computer

US universities are being targeted in multiple phishing attacks designed to impersonate college login portals to steal valuable Office 365 credentials.

Phishing 134

U.S. Cyber Command’s actions against ransomware draw support and criticism

CSO Magazine

Over the weekend, Gen. Paul M. Nakasone, the head of U.S. Cyber Command and the National Security Agency (NSA), confirmed what most cybersecurity specialists already knew: The U.S. military has engaged in offensive measures against ransomware groups. These actions were undertaken to stem the alarming and growing tide of ransomware attacks that have hit U.S. industry, notably Colonial Pipeline in May, and have afflicted hundreds of healthcare and educational institutions.

Ransomware hits Spar supermarkets and petrol stations

Graham Cluley

Supermarket chain Spar has had more than 300 of its convenience stores in the UK affected by a ransomware attack, which has forced some to close their doors or only accept cash payments.

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

It’s Not a User Problem; It’s a Cybersecurity People Problem

Security Boulevard

The biggest cybersecurity threats all have one thing in common: Users. Ransomware attacks. Misconfigurations. Insecure credentials. Phishing scams. Vulnerabilities due to unpatched or outdated software. All of these threats can be traced back to poor user behaviors. There is a serious user problem out there, and whether the user makes a mistake or is intentionally.

You can learn coding, 3D animation, cybersecurity and more with this e-learning bundle

Tech Republic Security

Get access to certification trainings, tech classes, art lessons and much more. You'll get lifetime access, so you can learn whenever you have the time.

Twitter bots pose as support staff to steal your cryptocurrency

Bleeping Computer

Scammers monitor every tweet containing requests for support on MetaMask, TrustWallet, and other popular crypto wallets, and respond to them with scam links in just seconds.

Journalists: stop selling NFTs that you don’t understand

Security Boulevard

The reason you don't really understand NFTs is because the journalists describing them to you don't understand them, either. We can see that when they attempt to sell an NFT as part of their stories (e.g. AP and NYTimes). They get important details wrong. The latest is Reason.com magazine selling an NFT. As libertarians, you'd think at least they'd get the technical details right.

Scams 117

5 Key Findings From the 2023 FBI Internet Crime Report

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.

Alleged ransomware affiliate arrested for healthcare attacks

Bleeping Computer

A 31-year-old Canadian national has been charged in connection to ransomware attacks against organizations in the United States and Canada, a federal indictment unsealed today shows.

BrandPost: Demystifying DevSecOps Practices and Tooling in Container Environments

CSO Magazine

It’s hard to pinpoint when the concept of DevOps entered the mainstream. As late as 2017, implementation was still relatively sparse, with many skeptics questioning the approach or simply wondering what the fuss was all about. Today, DevSecOps is following that upward curve, with adopters trying to educate mainstreamers on the benefits, while the yet-to-be convinced often struggle to make sense of common misconceptions.

Education 115

Threat actors contacted for compensation against cryptocurrency heist

CyberSecurity Insiders

As soon as cryptocurrency exchanging firm BadgerDAO learnt that a threat actor had stolen more than $100m in funds from user accounts, the company somehow passed on a compensation proposal to the hacker against the cyber heist he/she conducted. A few weeks back, a threat actor exploited a vulnerability on the crypto financing platform to steal more than $100 million in user funds.

Emotet directly drops Cobalt Strike beacons without intermediate Trojans

Security Affairs

The Emotet malware continues to evolve; in the latest attacks, it directly installs Cobalt Strike beacons to give the attackers access to the target network. Emotet malware now directly installs Cobalt Strike beacons to give the attackers immediate access to the target network and allow them to carry out malicious activities, such as launching ransomware attacks.

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

Microsoft Whac-A-Moles Websites of Chinese Hackers APT15 (‘NICKEL’)

Security Boulevard

Microsoft issued another of its “look how clever we are” press releases, claiming to have thwarted Chinese hackers it codenames NICKEL.

Risk 109

Microsoft seized 42 domains used by the China-linked APT15 cyberespionage group

Security Affairs

Microsoft seized dozens of malicious domains used by the China-linked APT15 group to target organizations worldwide. Microsoft announced that it had obtained a court warrant that allowed it to seize 42 domains used by a China-linked APT15 group (aka Nickel, Ke3chang, Mirage, Vixen Panda, Royal APT and Playful Dragon) in recent operations that targeted organizations in the US and 28 other countries.

VPN 113

NEW TECH: How a ‘bio digital twin’ that helps stop fatal heart attacks could revolutionize medicine

Security Boulevard

Without much fanfare, digital twins have established themselves as key cogs of modern technology. Related: Leveraging the full potential of data lakes. A digital twin is a virtual duplicate of a physical entity or a process — created by extrapolating …

A chink in the armor of China-based hacking group Nickel

Malwarebytes

Microsoft has taken control of 42 web domains that a hacking group was using to try to breach its targets. On December 2, the Microsoft Digital Crimes Unit (DCU) filed pleadings with the US District Court for the Eastern District of Virginia seeking authority to take control of the sites that it discovered belonged to a China-based group it calls Nickel.

Hacking 108

From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.