Fri.Jul 16, 2021

REvil is Off-Line

Schneier on Security

This is an interesting development : Just days after President Biden demanded that President Vladimir V. Putin of Russia shut down ransomware groups attacking American targets, the most aggressive of the groups suddenly went off-line early Tuesday. […].

The 15 biggest data breaches of the 21st century

CSO Magazine

In today’s data-driven world, data breaches can affect hundreds of millions or even billions of people at a time. Digital transformation has increased the supply of data moving, and data breaches have scaled up with it as attackers exploit the data-dependencies of daily life.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Ransomware threat to SonicWall Customers

CyberSecurity Insiders

SonicWall that offers next generation firewalls and various Cybersecurity solutions has announced that its customers using certain products are at a risk of being cyber attacked with ransomware.

Ransomware is the New-age Atomic Bomb

Security Boulevard

Ransomware can start cyber warfare! This is why. What if you can’t drive to your office because the traffic lights are red everywhere? You were to travel somewhere but you can’t take a train because the train control systems are not working.

Back to the Office: Privacy and Security Solutions to Compliance Issues for 2021 and Beyond

Speaker: Mike Cramer, Director of HIPAA & Data Security at The Word & Brown Companies

Now that companies are slowly allowing employees to return to work at the office, it's time to re-evaluate your company’s posture towards privacy and security. Join Mike Cramer, Director of HIPAA & Data Security at The Word & Brown Companies, for a discussion that will focus on compliance and the types of privacy and security measures your company should be aware of, as well as tips and methods for implementing these measures.

Israeli Firm Helped Governments Target Journalists, Activists with 0-Days and Spyware

The Hacker News

Two of the zero-day Windows flaws patched by Microsoft as part of its Patch Tuesday update earlier this week were weaponized by an Israel-based company called Candiru in a series of "precision attacks" to hack more than 100 journalists, academics, activists, and political dissidents globally.

Stalkers: ‘Ugly Truth’ of Facebook Staff Abusing Private Data

Security Boulevard

A new book exposes yet another Facebook failure for the social media firm to say sorry about. But nothing’s going to change. The post Stalkers: ‘Ugly Truth’ of Facebook Staff Abusing Private Data appeared first on Security Boulevard.

Media 106

More Trending

What is a PCI Audit? And How to Get Your Business Ready

Security Boulevard

Today, payment card fraud is a booming business with no signs of slowing—out of every hundred dollars spent. Read More. The post What is a PCI Audit? And How to Get Your Business Ready appeared first on Hyperproof. The post What is a PCI Audit?

Vacationing? How to avoid the cybersecurity blues

We Live Security

From securing your devices to avoiding public Wi-Fi hotspots for logging into apps we look at measures you can take to remain safe while this holiday season. The post Vacationing? How to avoid the cybersecurity blues appeared first on WeLiveSecurity. Cybersecurity

LogRhythm is a Nine-Time Gartner SIEM Magic Quadrant Leader

Security Boulevard

LogRhythm was named a Leader in the 2021 Gartner Magic Quadrant for Security Information and Event Management (SIEM) report for the ninth consecutive time. Once again, we are incredibly honored by this distinction and believe it is a testament to….

97

The Matt Hancock CCTV footage leak – why it’s right for the ICO to investigate

Graham Cluley

The ICO, the UK's data watchdog, has raided two properties while investigating the leak of CCTV footage from inside the Department of Health and Social Care. Data loss Privacy CCTV Coronavirus data breach Downing Street ico Matt Hancock UK government

What’s at Stake When the Transportation Sector Lags Behind in Cybersecurity

Security Boulevard

Our 40-minute commute to work in the morning can feel like an insular event. Whether it’s by bus, train, ferry, or car - it can be hard to place this single event within the vast network of transit that occurs every day.

The number of false positive security alerts is staggering. Here's what you can do to reduce yours

Tech Republic Security

Nearly half of all cybersecurity alerts are false positives, and 75% of companies spend an equal amount of time, or more, on them than on actual attacks, a Fastly/ESG report reveals

A Security Checklist for Your Startup

Security Boulevard

Use this actionable checklist tailored towards startups to secure your new and growing organization. The post A Security Checklist for Your Startup appeared first on JumpCloud. The post A Security Checklist for Your Startup appeared first on Security Boulevard.

Kaseya attack: "Yes, we can do something about this, and we should do something about this"

Tech Republic Security

The Kaseya attack is especially unique because it didn't begin with a password breach, and the companies were following cybersecurity best practices. So, how can we protect against this threat

Case Study: High Security Architecture for Healthcare Networks

Security Boulevard

Cyber attacks against the healthcare industry continue to rise. The recent cautionary tale of the University of Vermont Health Network’s ransomware scare is but one example of how attackers are ramping up to steal data and disrupt services.

Google patches Chrome zero?day vulnerability exploited in the wild

We Live Security

The newest update fixes a total of eight vulnerabilities affecting the desktop versions of the popular browser. The post Google patches Chrome zero‑day vulnerability exploited in the wild appeared first on WeLiveSecurity. Vulnerability

89

Cybersecurity News Round-Up: Week of July 16, 2021

Security Boulevard

Multiple REvil ransomware sites are down on the dark web, CISA orders federal agencies to disable the Microsoft Windows Print Spooler service in response to the so-called “PrintNightmare” and the White House announces a Ransomware taskforce to stop the wave of attacks.

New enhanced Joker Malware samples appear in the threat landscape

Security Affairs

The Joker malware is back, experts spotted multiple malicious apps on the official Google Play store that were able to evade scanners. Experts reported an uptick in malicious Android apps on the official Google Play store laced with the Joker mobile trojan.

Ask Chloé: Returning to the Office

Security Boulevard

Welcome to the Ask Chloé column on Security Boulevard! Each week, Chloé provides answers to readers’ questions to help guide them as they navigate the technology industry. This week, Chloé discusses cybersecurity companies’ push to return workers to physical offices.

Serious Privacy Podcast – Fast Privacy: Updates and Fan Questions

TrustArc

On this week of Serious Privacy, Paul Breitbarth and K Royal covered a broad range of privacy developments along with responding to questions from listeners. New developments includ the new Colorado Privacy Act, SB21-190.

87

Top 4 Ways Behavioral Biometrics Boosts Privacy & Compliance

Security Boulevard

The pandemic has introduced completely new challenges, as entire workforces began working remotely with little or no time to prepare.

Kaseya ransomware attack should be a wake-up call to all of us, expert says

Tech Republic Security

Thousands of small- and medium-sized businesses were affected, just because they trusted their suppliers. How can companies protect against this sort of breach

Intel Enables Better Data Security with Crypto Acceleration

Security Boulevard

Data is essentially the “oil” or “gold” of the Internet Era. Data is crucial for both businesses and individuals—and has significant value for cybercriminals. Data needs to be protected, but that is often easier said than done.

Popular Fashion Seller Guess Alerts Its Clients Over Possible Data Breach

Hacker Combat

World-renowned fashion retailer; Guess confirmed over the course of the past week that some of its clients had their confidential data compromised in a brutal ransomware attack that the fashion giant first noted in February of this year.

This npm Package Could Have Brought Down Cloudflare’s Entire CDN and Millions of Websites

Security Boulevard

Cloudflare has patched a critical vulnerability in its open source content delivery network, CDNJS. The issue threatened the security, integrity, and availability of the wider supply chain.

86

Hackers Got Past Windows Hello by Tricking a Webcam

WIRED Threat Level

The security researchers used an infrared photos and third-party hardware to best Microsoft's facial recognition tech. Security Security / Security News

85

Facebook Suspends Accounts Used by Iranian Hackers to Target US Military Personnel

The Hacker News

Facebook on Thursday disclosed it dismantled a "sophisticated" online cyber espionage campaign conducted by Iranian hackers targeting about 200 military personnel and companies in the defense and aerospace sectors in the U.S., and Europe using fake online personas on its platform.

Media 81

Biden Administration announces flurry of new anti-ransomware efforts

CSO Magazine

Under pressure to halt ongoing and highly damaging ransomware attacks from Russian criminal groups, the Biden administration yesterday announced a flurry of defensive initiatives to deal with the crisis.

CSO 78

How to install SELinux on Ubuntu Server 20.04

Tech Republic Security

If you've already spent the time learning SELinux, but have to deploy Ubuntu as a server operating system, you can install SELinux and be on familiar ground. Jack Wallen shows you how

111
111

How purple team operations helped defend the Pentagon — and can help your security team today.

Security Boulevard

The purple team construct is changing cybersecurity for the better. Here is how you build, lead, and manage effective purple team operations. The post How purple team operations helped defend the Pentagon — and can help your security team today. appeared first on AttackIQ.

Researchers Create New Approach to Detect Brand Impersonation

Dark Reading

A team of Microsoft researchers developed and trained a Siamese Neural Network to detect brand impersonation attacks

76

Instagram Security Check hopes to make life harder for account hackers

Graham Cluley

Instagram has rolled out a new feature in the hope of better securing its one billion monthly active users' accounts. Is your account properly protected? Read more in my article on the Hot for Security blog. Guest blog Phishing Social networks Instagram phishing

US offers huge reward in fight against state-sponsored cybercriminals

Malwarebytes

The US Department of State has announced that its Rewards for Justice (RFJ) program is now offering: …up to $10 million for information leading to the identification or location of any person who, while acting at the direction or under the control of a foreign government, participates in malicious cyber activities against U.S.

Google Chrome 91.0.4472.164 fixes a new zero-day exploited in the wild

Security Affairs

Google Chrome 91.0.4472.164 addresses seven security vulnerabilities, including a high severity zero-day flaw exploited in the wild.

Want to earn $10 million? Snitch on a cybercrook!

Naked Security

Will going after the big guns help to discourage and disrupt the rest of the cybercrime ecosystem? Have your say. Law & order Malware bust Cybercrime Department of State reward

Top XDR Solutions for 2021

eSecurity Planet

Extended detection and response (XDR) has emerged in the last few years as a new approach by cybersecurity vendors to unify their products into a comprehensive security offering.