Fri. Dec 24, 2021

Weekly Update 275

Troy Hunt

I'd say this is probably the most epic scene I've ever done one of these videos from and equally, the main topic of the day around Pwned Passwords and the work done with the FBI and NCA is the most epic thing I've done for a very long time. On reflection, I feel like this is the first major step towards HIBP growing up and becoming self-sufficient; that Pwned Passwords piece is now owned by the community, supported by the community, contributed to by 2 of the world's foremost

Passwords 233

Switch to a well-paid tech career in 2022: Check out these 200+ IT courses

Tech Republic Security

Training for a lucrative tech career is easier and less expensive than you might think. Check out these online courses on programming, cybersecurity, project management and more.

Android banking trojan spreads via fake Google Play Store page

Bleeping Computer

An Android banking trojan targeting Itaú Unibanco, a large financial services provider in Brazil with 55 million customers globally, is using a fake Google Play store to spread to devices. [...]

Banking 145

Expert Details macOS Bug That Could Let Malware Bypass Gatekeeper Security

The Hacker News

Apple recently fixed a security vulnerability in the macOS operating system that could be potentially exploited by a threat actor to "trivially and reliably" bypass a "myriad of foundational macOS security mechanisms" and run arbitrary code. Security researcher Patrick Wardle detailed the discovery in a series of tweets on Thursday. Tracked as CVE-2021-30853 (CVSS score: 5.

Malware 143

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Global IT services provider Inetum hit by ransomware attack

Bleeping Computer

Less than a week before the Christmas holiday, French IT services company Inetum Group was hit by a ransomware attack that had a limited impact on the business and its customers. [...]

Best of 2021 – 5 Major Reasons Why Cybersecurity is Important

Security Boulevard

Familiarising With The Term Cyber Security You must have heard of the word cyber security, making headlines in the news, internet, social media, The post 5 Major Reasons for “Why is Cyber Security Important?” appeared first on Kratikal Blog. The post Best of 2021 – 5 Major Reasons Why Cybersecurity is Important appeared first on Security Boulevard.

More Trending

New BLISTER Malware Using Code Signing Certificates to Evade Detection

The Hacker News

Cybersecurity researchers have disclosed details of an evasive malware campaign that makes use of valid code signing certificates to sneak past security defenses and stay under the radar with the goal of deploying Cobalt Strike and BitRAT payloads on compromised systems.

Malware 117

The Week in Ransomware - December 24th 2021 - No rest for the weary

Bleeping Computer

The holiday season is here, but there is no rest for our weary admins as ransomware gangs are still conducting attacks over the Christmas and New Years breaks. [...]

New Ransomware Variants Flourish Amid Law Enforcement Actions

The Hacker News

Ransomware groups continue to evolve their tactics and techniques to deploy file-encrypting malware on compromised systems, notwithstanding law enforcement's disruptive actions against the cybercrime gangs to prevent them from victimizing additional companies.

Dridex Omicron phishing taunts with funeral helpline number

Bleeping Computer

A malware distributor for the Dridex banking malware has been toying with victims and researchers over the last few weeks. The latest example is a phishing campaign that taunts victims with a COVID-19 funeral assistance helpline number. [...]

Phishing 119

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

What do cybersecurity experts predict in 2022?

CyberSecurity Insiders

2022 Predictions for the Cybersecurity Industry and Advice for Newcomers or Those Working for Small to Medium-Sized Businesses. By Diana-Lynn Contesti, CISSP-ISSAP, ISSMP, CSSLP, SSCP, John Martin, CISSP-ISSAP, CISM, BCS CITP, and Richard Nealon, CISSP-ISSMP, SSCP, SCF, CISM, CISA. As long-time information security professionals and (ISC)² Community Champions, we have experienced the way cybersecurity employees engage and work with one another continue to adapt in response to changes in the work

Blackmagic fixes critical DaVinci Resolve code execution flaws

Bleeping Computer

Blackmagic Software has recently addressed two security vulnerabilities in the highly popular DaVinci Resolve software that would allow attackers to gain code execution on unpatched systems. [...]

Software 106

Experts warn of a new stealthy loader tracked as BLISTER

Security Affairs

Security researchers spotted a campaign that is employing a new stealthy malware tracked as BLISTER that targets Windows systems. Elastic Security researchers uncovered a malware campaign that leverages a new malware and a stealthy loader tracked as BLISTER, that uses a valid code signing certificate issued by Sectigo to evade detection. BLISTER loads second-stage payloads that are executed directly in the memory of the Windows system and maintain persistence.

Malware 92

Log4j: A CISO's Practical Advice

Dark Reading

Working together is going to make getting through this problem a lot easier.

CISO 139

Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

How To Write An Essay About Yourself: Follow A Simple Guide

SecureBlitz

Do you want to know how to complete an essay about yourself effectively? Read the guide provided on this site and create original paper in a short time! The essay about yourself has a large number of definitions. However, we will provide the definition, which is actively used in many works of domestic and foreign. The post How To Write An Essay About Yourself: Follow A Simple Guide appeared first on SecureBlitz Cybersecurity.

Fisher Price Chatter Bluetooth Telephone 60G LTE has serious privacy issues

Security Affairs

Experts found serious privacy issues affecting Fisher Price Chatter Bluetooth Telephone, a Bluetooth headset that appears like a classic kids toy. Fisher Price Chatter Bluetooth Telephone has the appearance of a classic kids toy, but it was designed for adults and allows to make and receive calls over Bluetooth using a nearby smartphone. The device is a Bluetooth headset that accepts the connections from a smartphone and could be used to take calls or as a speakerphone, unfortunately, serious pr

Hacking 82

The Worst Hacks of 2021

WIRED Threat Level

It was a year of ransomware, surveillance, data breaches, and yes, more ransomware.

Best of 2021 – Take a Moment to Hug Your Friends & Family: RIP Dan Kaminsky

Security Boulevard

As we close out 2021, we at Security Boulevard wanted to highlight the most popular articles of the year. Following is the next in our series of the Best of 2021. The security world was rocked this weekend when word came out that one of the best of us, Dan Kaminsky, passed away. Dan was. The post Best of 2021 – Take a Moment to Hug Your Friends & Family: RIP Dan Kaminsky appeared first on Security Boulevard.

DNS 70

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

SFW! The Top N Cybersecurity Stories of 2021 (for small positive integer values of N)

Naked Security

Happy Holidays! Our Top N stories, all totally SFW!

XKCD ‘Turing Complete’

Security Boulevard

Via the comic artistry and dry wit of Randall Munroe, resident at XKCD! Permalink. The post XKCD ‘Turing Complete’ appeared first on Security Boulevard.

What if the Bible Got Deleted?! Welcome to Digital Transformation

SecureWorld News

The Vatican Apostolic Library is home to more than 80,000 irreplaceable documents, as well as the oldest copy of the Bible in the world. To preserve and protect their artifacts—which include drawings and writings from the likes of Michelangelo and Galileo—the library is making the transition to digitize anything of importance. This move began in 2012 and is still an ongoing process.

Security BSides Delaware 2021 – Joshua Marpet’s ‘SBOM’s And CBOM’s – Why Bills Of Materials Matter To Hackers?’

Security Boulevard

Our thanks to Security BSides Delaware for publishing their well-crafted videos from the Security BSides Delaware 2021 conference on the Organization’s YouTube channel. Permalink. The post Security BSides Delaware 2021 – Joshua Marpet’s ‘SBOM’s And CBOM’s – Why Bills Of Materials Matter To Hackers?’ appeared first on Security Boulevard.

5 Key Findings From the 2023 FBI Internet Crime Report

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.

Alibaba Punished By The Chinese Government For Failing To Tell It About The Log4Shell Flaw First

Hacker Combat

The ministry of information technology in China has opted to pull back from its collaboration with Alibaba temporarily. The ministry deals with industry and issues involving IT and has collaborated with Alibaba in the past. However, the ministry issued a statement that stated that they will be pulling back from the partnership for a while. Alibaba Cloud is an intelligence firm that deals with cyber threats.

Shaun The Sheep: ‘We Wish Ewe A Merry Christmas’

Security Boulevard

Permalink. The post Shaun The Sheep: ‘We Wish Ewe A Merry Christmas’ appeared first on Security Boulevard.

Friday Squid Blogging: Squid-Headed Statue Appears in Dallas

Schneier on Security

Someone left it in a cemetery. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here.

Security BSides Delaware 2021 – Rob Slade’s ‘BCP And Privacy Lessons From CoVID-19’

Security Boulevard

Our thanks to Security BSides Delaware for publishing their well-crafted videos from the Security BSides Delaware 2021 conference on the Organization’s YouTube channel. Permalink. The post Security BSides Delaware 2021 – Rob Slade’s ‘BCP And Privacy Lessons From CoVID-19’ appeared first on Security Boulevard.

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

Top 7 Ransomware Attacks of year 2021

CyberSecurity Insiders

1.) REVIL ransomware spreading gang targeted Kaseya software company through a vulnerability and disrupted their business operations in July 2021. The notorious gang of threat actors reportedly demanded a $70 million ransom. However, the company did not bow down to the demands of hackers and recovered their data by other means. 2.) Accenture was hit by Lockbit ransomware attack in August this year and stole around 6TB of data to indulge in double extortion tactics.