Joseph Steinberg

OCTOBER 6, 2022

A jury yesterday found former Uber security chief Joe Sullivan guilty of covering up a massive data breach; the conviction makes Sullivan likely to become the first executive to face prison time over the mishandling of a cyberattack. According to The New York Times , in 2016, while the Federal Trade Commission (FTC) was investigating an earlier breach of Uber’s computer systems, Sullivan learned of a subsequent compromise that affected more than 57 million Uber accounts.

CISO 242

CISO Artificial Intelligence Data breaches Cybersecurity 242

Tech Republic Security

OCTOBER 6, 2022

Targeting more than 21,000 users, the phishing email managed to bypass Microsoft Exchange email security, says Armorblox. The post Phishing attack spoofs Zoom to steal Microsoft user credentials appeared first on TechRepublic.

Phishing 165

Phishing 165

Quick Heal Antivirus

OCTOBER 6, 2022

SOVA is an Android banking Trojan with significant capabilities like credential theft, capturing keystrokes, taking screenshots, etc., The post Beware: SOVA Android Banking Trojan emerges more powerful with new capabilities appeared first on Quick Heal Blog | Latest computer security news, tips, and advice.

Banking 132

Banking Cybercrime Malware Cybersecurity 132

Tech Republic Security

OCTOBER 6, 2022

Find out the best practices for securely deploying applications and managing data in the cloud. The post Top 5 best practices for cloud security appeared first on TechRepublic.

149

149

Advertisement

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Cybersecurity

CSO Magazine

OCTOBER 6, 2022

Recent ESG research reveals that 52% of security professionals believe security operations are more difficult today than they were two years ago. Why? Security operations center (SOC) teams point to issues such as: A rapidly evolving and changing threat landscape: Forty-one percent of security professionals find it difficult to understand and counteract modern threats like ransomware or supply chain attacks and then build this knowledge into a comprehensive security operations program.

Technology 130

Technology Marketing Internet Internet 130

Tech Republic Security

OCTOBER 6, 2022

Jack Wallen shows you how you can increase the security of Bitwarden vault items with a simple configuration. The post How to add an extra layer of protection in Bitwarden vault items appeared first on TechRepublic.

Password Management 136

Password Management Passwords Software 136

Tech Republic Security

OCTOBER 6, 2022

Joe Sullivan schemed to hide a 2016 breach of 57 million users’ information shortly after he was hired. The post Former Uber CSO found guilty of obstruction in attempted data breach cover-up appeared first on TechRepublic.

CSO 132

CSO Data breaches 132

Hacker Combat

OCTOBER 6, 2022

The Tucson Data Breach is a recent data breach that occurred in the city of Tucson, Arizona. The breach affected approximately 1.2 million individuals, who had their personal information exposed. This information included names, addresses, social security numbers, and date of birth. The Tucson Data Breach is one of the largest data breaches to ever occur in the United States.

Data breaches 121

Data breaches Identity Theft Cybersecurity 121

CyberSecurity Insiders

OCTOBER 6, 2022

Whatever assets you happen to control, you want to be sure that they’re secure. Even if your system is lucky enough to be based in Sweden – the country with the lowest malware infection rates in the world – it needs vigilant protection. . The uncomfortable truth is that there are innumerable threats out there, and more companies than ever are being targeted by cybercriminals. .

Risk 115

Risk Marketing Internet Internet 115

We Live Security

OCTOBER 6, 2022

Healthy habits that are instilled and nurtured at an early age bring lifelong benefits – the same applies to good cybersecurity habits. The post The need to change cybersecurity for the next generation appeared first on WeLiveSecurity.

Cybersecurity 114

Cybersecurity 114

Advertiser: Revenera

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Risk

CyberSecurity Insiders

OCTOBER 6, 2022

Cybersecurity is one of the fastest-growing industries and one that will likely see a lot of opportunities for career progression over the years. As a result, more people than ever are now looking to work in this field. However, there are a lot of challenges when it comes to working in cybersecurity, and you’ll need to understand how to make the most of your opportunities.

Cybersecurity 112

Cybersecurity Information Security Education 112

Heimadal Security

OCTOBER 6, 2022

RatMilad, a new Android malware that masquerades as a VPN and phone number spoofing app, has been observed to target a Middle Eastern enterprise mobile device. The mobile trojan acts as advanced spyware, receiving and executing commands to collect and exfiltrate a wide range of data from the infected mobile endpoint, according to a report published by […].

Spyware 102

Spyware Mobile VPN Malware 102

Security Affairs

OCTOBER 6, 2022

Researchers at cybersecurity firm Resecurity spotted a new group of hacktivists targeting financial institutions in Egypt, Resecurity, a California-based cybersecurity company protecting Fortune 500 corporations globally, has noticed a new group of hacktivists targeting financial institutions in Egypt. The bad actors go under the campaign “EG Leaks” (also known as “Egypt Leaks”), they started leaking large volumes of compromised payment data belonging to the customers of major Egyptian banks on

Banking 101

Banking Identity Theft Engineering Hacking 101

Bleeping Computer

OCTOBER 6, 2022

Linux users have reported seeing weird white flashes and rapid blinking on their Intel laptop displays after upgrading to Linux kernel version 5.19.12, leading to warnings that the bug may damage displays. [.].

98

98

Advertisement

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

Cybersecurity

Security Boulevard

OCTOBER 6, 2022

Cybersecurity teams know that any technology is not only vulnerable to a cyberattack but also that threat actors will eventually use that technology to launch attacks. Take the cloud, for example. Cybercriminals are using cloud services to their advantage with ransomware-as-a-service (RaaS). In a recent report from Venafi, the authors found that “In addition to.

Ransomware 98

Ransomware Technology Cybersecurity Malware 98

Security Affairs

OCTOBER 6, 2022

A bug in Linux Kernel 5.19.12 that was released at the end of September 2022 can potentially damage the displays of Intel laptops. Linux users reported the displays of their Intel laptops rapidly blinking, flickering, and showing white flashes after upgrading to Linux kernel version 5.19.12. Linux expert Ville Syrjäl pointed out that the anomalous issue may damage displays. “After looking at some logs we do end up with potentially bogus panel power sequencing delays, which may harm the LCD

Hacking 98

Hacking Information Security 98

Security Boulevard

OCTOBER 6, 2022

We are thrilled to announce that DTEX’s Workforce Cyber Intelligence & Security platform was named User Behavior Analytics Platform of the Year in the 2022 CyberSecurity Breakthrough Awards, an industry awards program that recognizes the world’s best information security companies, products, and people. Receiving this honor for the second consecutive year is a testament to the success … Continued.

Cybersecurity 98

Cybersecurity Information Security 98

Mitnick Security

OCTOBER 6, 2022

Whether your organization has been the victim of a recent data breach or your organization has never had expert penetration testing done before, it’s probably time to call in cybersecurity experts. The right cybersecurity company can help you identify the strengths and weaknesses of your networks and systems so you can improve the security posture of your organization and stay one step ahead of threat actors.

Penetration Testing 98

Penetration Testing Data breaches Cybersecurity 98

Advertisement

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

Healthcare

Security Boulevard

OCTOBER 6, 2022

DataDome won the “e-Commerce Security Solution of the Year” award in the CyberSecurity Breakthrough Awards for the second year in a row! The post For Second Consecutive Year, DataDome Wins “e-Commerce Security Solution of the Year” Award in CyberSecurity Breakthrough Awards Program appeared first on Security Boulevard.

Cybersecurity 98

Cybersecurity 98

Security Affairs

OCTOBER 6, 2022

Cisco fixed high-severity flaws in some of its networking and communications products, including Enterprise NFV, Expressway and TelePresence. Cisco announced it has addressed high-severity vulnerabilities affecting some of its networking and communications products, including Enterprise NFV, Expressway and TelePresence. “Multiple vulnerabilities in the API and in the web-based management interface of Cisco Expressway Series Software and Cisco TelePresence Video Communication Server (VCS) S

Software 98

Software Hacking Information Security Malware 98

Security Boulevard

OCTOBER 6, 2022

Microsoft finally issued CVEs—CVE-2022–41040 and CVE-2022–41082—for two new zero-day vulnerabilities in Exchange, ending a few days of speculation that the duo were, in fact, ProxyShell flaws uncovered in 2021. “I am calling this ProxyNotShell, as it is the same path and SSRF/RCE pair from back then … but with authentication,” security researcher Kevin Beaumont wrote.

Authentication 98

Authentication Malware Cybersecurity Network Security 98

Security Affairs

OCTOBER 6, 2022

Researchers linked the threat actor behind the Eternity malware-as-a-service (MaaS) to a new malware strain called LilithBot. Zscaler researchers linked a recently discovered sample of a new malware called LilithBot to the Eternity group (aka EternityTeam; Eternity Project). The Eternity group operates a homonymous malware-as-a-service (MaaS), it is linked to the Russian “Jester Group,” which is active since at least January 2022.

Malware 98

Malware DDOS Ransomware Cryptocurrency 98

Advertisement

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.

Identity Theft

Security Boulevard

OCTOBER 6, 2022

What if you could instantly prevent 95%* of the vulnerabilities in your running applications from being exploited? With runtime protection, you can quickly and efficiently inoculate your applications and application programming interfaces (APIs) from entire classes of common vulnerabilities and dramatically improve the efficiency and focus of your Application Security (AppSec) program.

Software 98

Software 98

Bleeping Computer

OCTOBER 6, 2022

The Federal Bureau of Investigation (FBI) warned today of foreign influence operations that might spread disinformation to affect the results of this year's midterm elections. [.].

94

94

Security Boulevard

OCTOBER 6, 2022

Data breaches are in the news nearly every day, making data loss prevention (DLP) top-of-mind for security professionals. While DLP software has been the default answer since the 1990s for preventing data loss, it’s no longer optimal since company data lives increasingly in the cloud instead of on-premises. In this guide, you’ll get a refresher […].

Data breaches 98

Data breaches Software 98

Bleeping Computer

OCTOBER 6, 2022

Meta has sued several Chinese companies doing business as HeyMods, Highlight Mobi, and HeyWhatsApp for developing and allegedly using "unofficial" WhatsApp Android apps to steal over one million WhatsApp accounts starting May 2022. [.].

Accountability 95

Accountability 95

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

Cybersecurity

Security Boulevard

OCTOBER 6, 2022

The healthcare sector is a compelling target for ruthless cybercriminals with a wealth of incredibly sensitive data to protect from ransomware. The post How to Protect the Healthcare Supply Chain from Ransomware appeared first on Security Boulevard.

Healthcare 98

Healthcare Ransomware 98

Security Affairs

OCTOBER 6, 2022

The City of Tucson, Arizona disclosed a data breach, the incident was discovered in May 2022 and impacted 123,500 individuals. The security breach was discovered at the end of May 2022 and concluded the investigation in September. According to the notification letter sample provided to the Maine Attorney General’s Office, over 123,500 were impacted have been impacted by the incident. “On August 4, 2022, the City learned that certain files may have been copied and taken from the City’s ne

Data breaches 95

Data breaches Identity Theft Cyber Attacks Hacking 95

Security Boulevard

OCTOBER 6, 2022

What is ERP Security (and Why Does it Matter?). maaya.alagappan. Thu, 10/06/2022 - 16:38. This month marks CISA’s 19th Cybersecurity Awareness Month , a joint effort between the government and public to raise awareness of the importance of cybersecurity. This year's theme, "See Yourself in Cyber," demonstrates that while cybersecurity may seem like a complex subject, it comes down to people playing their part in the security of their home and organization. .

Risk 97

Risk Manufacturing Threat Detection Cybersecurity 97

Heimadal Security

OCTOBER 6, 2022

Exchange Online users are warned about the increasing number of password spray attacks that use Microsoft’s Exchange Basic Authentication feature. The warning from Microsoft’s Exchange team comes as the Basic Authentication (Basic Auth), “an outdated industry standard”, is gradually being deprecated for Exchange Online, beginning October 1, 2022.

Passwords 93

Passwords Authentication Cybersecurity 93

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.