Thu.Jan 19, 2023

article thumbnail

Security Analysis of Threema

Schneier on Security

A group of Swiss researchers have published an impressive security analysis of Threema. We provide an extensive cryptographic analysis of Threema, a Swiss-based encrypted messaging application with more than 10 million users and 7000 corporate customers.

article thumbnail

New T-Mobile Breach Affects 37 Million Accounts

Krebs on Security

T-Mobile today disclosed a data breach affecting tens of millions of customer accounts, its second major data exposure in as many years.

Mobile 227
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Pwned or Bot

Troy Hunt

It's fascinating to see how creative people can get with breached data. Of course there's all the nasty stuff (phishing, identity theft, spam), but there are also some amazingly positive uses for data illegally taken from someone else's system.

article thumbnail

As a cybersecurity blade, ChatGPT can cut both ways

Tech Republic Security

The cybersecurity implications of ChatGPT are vast, especially for email exploits, but putting up guardrails, flagging elements of phishing emails that it doesn’t touch and using it to train itself could help boost defense.

Phishing 156
article thumbnail

Successful Change Management with Enterprise Risk Management

Speaker: William Hord, Vice President of ERM Services

Join us as we discuss the various tangents of data and the change management process that will help you make better risk-based business decisions to save time and money for your organization.

article thumbnail

EmojiDeploy Attack Chain Targets Misconfigured Azure Service

Dark Reading

Multiple misconfigurations in a service that underpins many Azure features could have allowed an attacker to remotely compromise a cloud user's system

114
114
article thumbnail

Secure your email with this top-rated backup service

Tech Republic Security

Mail Backup X is the ultimate solution to protect your email from corruptions and crashes. The post Secure your email with this top-rated backup service appeared first on TechRepublic. Security Tech & Work email email backup mail backup x

Backups 110

More Trending

article thumbnail

Understanding Malware-as-a-Service (MaaS): The future Of cyber attack accessibility

CyberSecurity Insiders

The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. With the explosive growth of technology, businesses are more vulnerable than ever to malicious cyber attacks.

article thumbnail

Attackers Crafted Custom Malware for Fortinet Zero-Day

Dark Reading

The "BoldMove" backdoor demonstrates a high level of knowledge of FortiOS, according to Mandiant researchers, who said the attacker appears to be based out of China

Malware 110
article thumbnail

New T-Mobile Breach Affects 37 Million Accounts

Security Boulevard

T-Mobile today disclosed a data breach affecting tens of millions of customer accounts, its second major data exposure in as many years.

Mobile 105
article thumbnail

Ransomware attack on Yum Brands Inc closes 300 restaurants in the UK

CyberSecurity Insiders

Yum Brands Inc, officially the owner of top food chain restaurants KFC, Taco Bell and Pizza Hut, was reportedly hit by a ransomware attack, forcing the IT staff to close about 300 eatery outlets across the United Kingdom.

article thumbnail

Cover Your SaaS: How to Overcome Security Challenges and Risks For Your Organization

Speaker: Ronald Eddings, Cybersecurity Expert and Podcaster

In this webinar, Ronald Eddings, Cybersecurity Expert, will outline the relationship between SaaS apps and IT & security teams, along with several actionable solutions to overcome the new difficulties facing your organization.

article thumbnail

Tech support scammers are still at it: Here’s what to look out for in 2023

We Live Security

Hello, is it me you’re looking for? Fraudsters still want to help you fix a computer problem you never had in the first place. The post Tech support scammers are still at it: Here’s what to look out for in 2023 appeared first on WeLiveSecurity Scams

Scams 88
article thumbnail

Cyber Attack news headlines trending on Google

CyberSecurity Insiders

The first news that is trending is associated with financial service provider PayPal. News is out that social security numbers of nearly 35,000 users were leaked in a cyber attack that could have emerged from a credential stuffing campaign launched by a state funded actor.

article thumbnail

Cybersecurity in the Metaverse Will Require New Approaches

eSecurity Planet

Despite challenges faced by Meta and others, there remains optimism for the metaverse. The PwC 2022 U.S. Business and Consumer Metaverse Survey highlights this. The survey, which included over 5,000 consumers and 1,000 U.S.

article thumbnail

Massive Adware Campaign Shuttered

Dark Reading

Mainly Apple iOS in-app ads were targeted, injecting malicious JavaScript code to rack up phony views

Adware 84
article thumbnail

How Preparation and Strategy Can Be Used to Fight and Defeat Any Ransomware Attack

Speaker: Karl Camilleri, Cloud Services Product Manager at phoenixNAP

Through a detailed analysis of major attacks and their consequences, Karl Camilleri, Cloud Services Product Manager at phoenixNAP, will discuss the state of ransomware and future predictions, as well as provide best practices for attack prevention and recovery.

article thumbnail

Securing Digital Identities in 2023 and Beyond

Security Boulevard

The need to secure digital identities remains one of the most urgent tasks facing modern enterprises. Stolen or compromised credentials continue to be not only the most common cause of a data breach but also the most difficult to identify and most expensive.

article thumbnail

Critical Microsoft Azure RCE flaw impacted multiple services

Security Affairs

Researchers found a new critical remote code execution (RCE) flaw impacting multiple services related to Microsoft Azure.

article thumbnail

ManageEngine CVE-2022-47966 Technical Deep Dive

Security Boulevard

Introduction On January 10, 2023, ManageEngine released a security advisory for CVE-2022-47966 (discovered by Khoadha of Viettel Cyber Security) affecting a wide range of products.

article thumbnail

PayPal accounts breached in large-scale credential stuffing attack

Bleeping Computer

PayPal is sending out notices of a data breach to thousands of users who had their accounts accessed by credential stuffing actors, resulting in the compromise of some personal data. [.] Security

article thumbnail

How to Avoid the Pain and Cost of PCI Compliance While Optimizing Payments

Speaker: P. Andrew Sjogren, Sr. Product Marketing Manager at Very Good Security, Matt Doka, Co-Founder and CTO of Fivestars, and Steve Andrews, President & CEO of the Western Bankers Association 

In this webinar, we have a great set of panelists who will take you through how Zero Data strategies can be used as part of a well-rounded compliance and security approach, and get you to market much sooner by also allowing for payment optimization. They’ll share how to grow your business faster and minimize costs for both security and compliance

article thumbnail

Former Uber CISO Conviction Affirmed by Trial Court

Security Boulevard

On January 11, 2023, presiding United States District Judge William Orrick in San Francisco denied the motion of Joe Sullivan, the former CISO of Uber, for a judgment of acquittal.

CISO 82
article thumbnail

Name That Toon: Poker Hand

Dark Reading

Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card

78
article thumbnail

T-Mobile hacked to steal data of 37 million accounts in API data breach

Bleeping Computer

T-Mobile disclosed a new data breach after a threat actor stole the personal information of 37 million current postpaid and prepaid customer accounts through one of its Application Programming Interfaces (APIs). [.] Security

article thumbnail

Cisco fixes SQL Injection flaw in Unified CM

Security Affairs

A high-severity flaw (CVE-2023-20010) was found in Cisco Unified Communications Manager and Unified Communications Manager Session Management Edition.

article thumbnail

Back to the Office: Privacy and Security Solutions to Compliance Issues for 2021 and Beyond

Speaker: Mike Cramer, Director of HIPAA & Data Security at The Word & Brown Companies

Now that companies are slowly allowing employees to return to work at the office, it's time to re-evaluate your company’s posture towards privacy and security. Join Mike Cramer, Director of HIPAA & Data Security at The Word & Brown Companies, for a discussion that will focus on compliance and the types of privacy and security measures your company should be aware of, as well as tips and methods for implementing these measures.

article thumbnail

New 'Hook' Android malware lets hackers remotely control your phone

Bleeping Computer

A new Android malware named 'Hook' is being sold by cybercriminals, boasting it can remotely take over mobile devices in real-time using VNC (virtual network computing). [.] Security Mobile

Malware 111
article thumbnail

As Social Engineering Tactics Change, So Must Your Security Training

Dark Reading

Craft specific awareness training for high-exposure teams like finance, and reinforce other critical awareness training across the organization

article thumbnail

Ransom-what? Learning from Hacked Hackers

SecureWorld News

Did you hear the one about how the hacker got away from the FBI? He ran-some-where.

Backups 75
article thumbnail

Remote Leadership: How To Lead And Manage a Remote Team

SecureBlitz

In this post, I will talk about remote leadership and how to lead and manage a remote team. Being a good leader is hard enough in an office. But when you have to deal with remote teams, the process becomes much more complicated.

article thumbnail

2023: Perspectives from the ForgeRock C-Suite

Security Boulevard

Predictions on insider threats, passwordless authentication, artificial intelligence, and more Few industries move as quickly as cybersecurity, broadly, and the identity and access management (IAM) segment, specifically.

Retail 72
article thumbnail

Just How Critical Is Customer Onboarding?

SecureBlitz

ssSometimes many businesses fall short with the customer journey regarding customer onboarding. They feel that enough resources have been allocated to get the customer to sign the contract deal, install the product, follow the instructions, and that’s it. Money collected and time to move on.

article thumbnail

Roaming Mantis Uses DNS Changers to Target Users via Compromised Public Routers

Dark Reading

DNS 72
article thumbnail

How To Unblock New Netflix Shows

SecureBlitz

This post will show you how to unblock new Netflix shows… Netflix has quickly become one of the most popular streaming platforms in the world. Its ease of access, cost-effective, all-in-one solution is ideal for a modern world where instant gratification thrives.

article thumbnail

Chinese Hackers Exploited Recent Fortinet Flaw as 0-Day to Drop Malware

The Hacker News

A suspected China-nexus threat actor exploited a recently patched vulnerability in Fortinet FortiOS SSL-VPN as a zero-day in attacks targeting a European government entity and a managed service provider (MSP) located in Africa.

VPN 102
article thumbnail

Ethically Exploiting Vulnerabilities: A Play-by-Play

Dark Reading

There's a fine line between a hacker and an attacker, but it pays to be proactive. Consider tests by ethical hackers, a red team, or pen testers, and then bolster your company's defenses against malicious attacks

70