Schneier on Security
DECEMBER 6, 2021
From Ontario and not surprising : Since September 2021, officers have investigated five incidents where suspects have placed small tracking devices on high-end vehicles so they can later locate and steal them. Brand name “air tags” are placed in out-of-sight areas of the target vehicles when they are parked in public places like malls or parking lots.
The Last Watchdog
DECEMBER 6, 2021
For IT leaders, passwords no longer cut it. They’re expensive, difficult for employees to keep track of, and easy for hackers to utilize in cyberattacks. So why are they still around? Related: IT pros support passwordless access. This traditional authentication method is challenging to get rid of, mostly because it’s so common. Every new account you sign up for, application you download, or device you purchase requires a password.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Tech Republic Security
DECEMBER 6, 2021
From 5G transforming personal computing to better healthcare, technology in 2022 will do a lot of heavy lifting.
Security Boulevard
DECEMBER 6, 2021
The history of deep fake technology is surprisingly long. Researchers at academic institutions have been developing deep fake tech since the early 1990s. The idea is even older, as popular science fiction—like the 1987 film The Running Man—can attest. But deep fakes are no longer relegated to the realm of sci-fi; they are, in fact, The post Your CEO Isn’t Real: How to Deal With Deep Fakes appeared first on Security Boulevard.
Advertisement
How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.
Tech Republic Security
DECEMBER 6, 2021
YARA won't replace antivirus software, but it can help you detect problems more efficiently and allows more customization. Learn how to write YARA rules to improve security and incident response.
Security Boulevard
DECEMBER 6, 2021
Researchers running automated pentests against nine consumer routers discovered a bucketful of bugs. Vendors such as TP-Link and Linksys came off worst. The post Home Routers are Full of Security Bugs—Patch NOW appeared first on Security Boulevard.
Cyber Security Informer brings together the best content for cyber security professionals from the widest variety of industry thought leaders.
Bleeping Computer
DECEMBER 6, 2021
The Nobelium hacking group continues to breach government and enterprise networks worldwide by targeting their cloud and managed service providers and using a new custom "Ceeloader" malware. [.].
CSO Magazine
DECEMBER 6, 2021
The recent unsealing of a grand jury multi-count indictment for Nikolas Sharp provides a unique and convoluted series of criminal events. It seems Sharp undertook to put approximately $2 million into his pocket via a data theft and extortion effort, with a twist of “whistleblower” claims thrown in to confuse investigators in an attempt at self-exoneration.
Bleeping Computer
DECEMBER 6, 2021
Microsoft seized today dozens of malicious sites used by the Nickel China-based hacking group to target organizations in the US and 28 other countries worldwide. [.].
Security Boulevard
DECEMBER 6, 2021
Networks are becoming increasingly complex as organizations adopt a raft of new technologies and services, including edge computing, automation, connected devices, sensors and 5G. These complex networks undergird the essential services of organizations across sectors. These architectures support efficiency and performance, but they also expand the organization’s attack surface.
Advertiser: Revenera
In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.
We Live Security
DECEMBER 6, 2021
Ever since the Morris worm, buffer overflows have become notorious fare in the world of vulnerabilities. The post What are buffer overflow attacks and how are they thwarted? appeared first on WeLiveSecurity.
CyberSecurity Insiders
DECEMBER 6, 2021
This blog was written by an independent guest blogger. Retailers around the world are preparing for a chaotic holiday season. Supply chain disruptions are causing issues , and the ongoing COVID-19 pandemic is something retailers need to keep in mind, especially when operating a brick-and-mortar location. Another pressing issue that retailers of all sizes need to address before the peak of the holiday season is the risk of facing a cybersecurity crisis.
Bleeping Computer
DECEMBER 6, 2021
Approximately 330 SPAR shops in North East England face severe operational problems following a weekend cyberattack, forcing many stores to close or switch to cash-only payments. [.].
CyberSecurity Insiders
DECEMBER 6, 2021
Spar, a supermarket chain in UK, has admitted that some of its digital services were disrupted, causing some of its stores to shut their doors since Sunday for the entire week. The attack that could be of ransomware variant has reportedly affected the businesses of over 2600 stores located across UK as they could not process card payments and digital payments made through e-wallets.
Advertisement
Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.
Bleeping Computer
DECEMBER 6, 2021
Nordic Choice Hotels has now confirmed a cyber attack on its systems from the Conti ransomware group. Although there is no indication of card or payment information being affected, information pertaining to guest bookings was potentially leaked. [.].
CSO Magazine
DECEMBER 6, 2021
Cybercriminal gangs from Eastern Europe have always followed a rule: Don't steal from Russians or their former Soviet allies. Groups like REvil or DarkSide put kill switches inside their malicious code, checking if the language on the machine it lands on is Russian, Ukrainian, Georgian, Armenian, or Romanian. If it is, the malware simply fails to install.
Security Boulevard
DECEMBER 6, 2021
In light of a recent Cybereason research report, Organizations at Risk: Ransomware Attackers Don’t Take Holidays , regarding the prevalence of ransomware attacks that occur during off-hours, it’s imperative that we look towards robust AI security solutions, such that you can know your organization is protected even when none of your staff is online.
Security Affairs
DECEMBER 6, 2021
A cyber attack hit the international supermarket franchise SPAR forcing 330 shops in North East England to shut down. A cyberattack hit the international supermarket franchise SPAR impacting the operations at 330 shops in North East England. Many stores were forced to close or switch to cash-only payments after the attack. SPAR operates 13,320 stores in 48 countries as of 2019, but the cyberattack hit only stores in Lancashire county.
Advertisement
The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.
Graham Cluley
DECEMBER 6, 2021
Graham Cluley Security News is sponsored this week by the folks at Recorded Future. Thanks to the great team there for their support! Ransomware attacks dominate the cybersecurity news headlines, with businesses all over the world wondering if they will be the next victim. It’s a legitimate, and growing fear, as the attackers get more … Continue reading "Ransomware – how to stop it, and how to survive an attack.
Threatpost
DECEMBER 6, 2021
Tony Lauro, director of Security Technology & Strategy at Akamai, discusses VPNs, RDP, flat networks, BYOD and other network-security bugbears.
Security Boulevard
DECEMBER 6, 2021
The concept of network-based zero-trust is a popular commodity across the cybersecurity sector, but as surprising as it may sound, most approaches to the concept are a byproduct of an outdated legacy mindset. A simple Google search for zero-trust will produce countless articles detailing the vast benefits of access control, two-factor authentication and zero-trust network.
Cisco Security
DECEMBER 6, 2021
Digital attacks grew in both volume and sophistication in 2020. As reported by PR Newswire , the number of complaints received by the FBI’s Cyber Division numbered as many as 4,000 a day during the first half of 2020—400% more than it was in the first few months of that year. (Interpol warned of an “alarming rate of cyberattacks aimed at major corporations, governments, and critical infrastructure” around that same time, as noted by ABC News.
Advertisement
The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.
Security Boulevard
DECEMBER 6, 2021
State-sponsored cyberattacks against Federal Agencies are here to stay. There are simply too many ways. The post How Federal Agencies Can Thwart Nation-State Attacks appeared first on Gurucul. The post How Federal Agencies Can Thwart Nation-State Attacks appeared first on Security Boulevard.
CyberSecurity Insiders
DECEMBER 6, 2021
The end of the year is a good time to reflect on the past 12 months and create a plan to improve in 2022. Like years past, 2021 revealed more of the same for the cybersecurity industry—more breaches, bigger ransomware attacks, higher stakes. Some of the most disruptive cyberattacks occurred this year, such as JBS Foods, Kaseya and Colonial Pipeline.
The Hacker News
DECEMBER 6, 2021
Mozilla is beginning to roll out Firefox 95 with a new sandboxing technology called RLBox that prevents untrusted code and other security vulnerabilities from causing "accidental defects as well as supply-chain attacks.
CyberSecurity Insiders
DECEMBER 6, 2021
Microsoft has shut down 42 websites that were related to Chinese intelligence and were indulging in espionage and intelligence gathering. The tech giant has made it official that the websites that were pulled down were found targeting politicians, think tanks, individuals linked to human right organizations from US and across the world. The Satya Nadella led company said in a statement that all the websites were linked to a hacking group named Nickel that was also known with the names such as Ro
Speaker: Blackberry, OSS Consultants, & Revenera
Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?
Security Boulevard
DECEMBER 6, 2021
From Ontario and not surprising : Since September 2021, officers have investigated five incidents where suspects have placed small tracking devices on high-end vehicles so they can later locate and steal them. Brand name “air tags” are placed in out-of-sight areas of the target vehicles when they are parked in public places like malls or parking lots.
Bleeping Computer
DECEMBER 6, 2021
Microsoft is offering discounts of up to 50% on Microsoft 365 subscriptions to those using pirated versions of Microsoft Office willing to switch to a genuine version. [.].
Security Boulevard
DECEMBER 6, 2021
For IT leaders, passwords no longer cut it. They’re expensive, difficult for employees to keep track of, and easy for hackers to utilize in cyberattacks. So why are they still around? Related: IT pros support passwordless access. This traditional authentication … (more…). The post GUEST ESSAY: How the FIDO Alliance helps drive the move to passwordless authentication appeared first on Security Boulevard.
CyberSecurity Insiders
DECEMBER 6, 2021
As internet is becoming a part of everyday lives, some criminals are using it to satiate their vengeance needs and to gain monetary benefits. Online frauds, KYC related frauds, ransomware spread, identity thefts, crypto jacking and mining, social media stalking, job frauds, cyber terrorism, distribution and spread of X rated stuff are some crimes that are surging because of extensive usage of internet related services with no legal boundaries and barriers.
Speaker: Erika R. Bales, Esq.
When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.
Expert insights. Personalized for you.
312 
Let's personalize your content