Tech Republic Security
JULY 19, 2022
CSRB has released a report saying that the Log4j exploit is here to stay long-term, meaning businesses should be ready in case of a cyber attack. The post Cyber Safety Review Board classifies Log4j as ‘endemic vulnerability’ appeared first on TechRepublic.
Bleeping Computer
JULY 19, 2022
An Israeli security researcher has demonstrated a novel attack against air-gapped systems by leveraging the SATA cables inside computers as a wireless antenna to emanate data via radio signals. [.].
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Tech Republic Security
JULY 19, 2022
Jack Wallen offers 5 tips for securing Linux that you can take care of in 5 minutes or less. The post 5 tips for securing SSH on your Linux servers appeared first on TechRepublic.
Javvad Malik
JULY 19, 2022
Some interesting research from Malwarebytes Labs. The first was around verified Twitter accounts receiving direct messages apparently from Twitter which claimed their accounts had been flagged for hate speech. They would then be redirected to a fake Twitter help centre to input their login credentials. The second was a Discord phishing campaign where people would recieve messages being accsed of sending explicit photos.
Advertisement
How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.
Tech Republic Security
JULY 19, 2022
The goal is to help alleviate the estimated 700,000 vacancies in cybersecurity jobs in the U.S. The post Tech companies pledge free cybersecurity training at White House summit Tuesday appeared first on TechRepublic.
CyberSecurity Insiders
JULY 19, 2022
Artificial Intelligence (AI) Scientists have devised a new tool that can detect respiratory illnesses like TB and COVID-19 by just analyzing the sound of the patient’s cough. It can sound over-exaggerated, but is true! A Government Hospital for Chest and Communicable Disease attached to the Andhra Medical College (AMC) has found the technique to detect Corona and Tuberculosis to aid doctors and patients termed in medication to cure it as early as possible.
Cyber Security Informer brings together the best content for cyber security professionals from the widest variety of industry thought leaders.
CSO Magazine
JULY 19, 2022
The last decade has seen its fair share of watershed moments that have had major implications on the cybersecurity landscape. Severe vulnerabilities, mass exploitations, and widespread cyberattacks have reshaped many aspects of modern security. To take stock of the past 10 years, cybersecurity vendor Trustwave has published the Decade Retrospective: The State of Vulnerabilitie s blog post featuring a list of what it considers to be the 10 most prominent and notable network security issues and br
Tech Republic Security
JULY 19, 2022
Cyber fusion centers provide advanced security capabilities. Learn how your organization can strengthen its cyberdefense mechanism through a cyber fusion center. The post How to leverage the power of cyber fusion centers for organizational security appeared first on TechRepublic.
Security Boulevard
JULY 19, 2022
Typosquatting is a form of cybersquatting or domain squatting in which the typo-squatter will register malicious website domain names that are typos or misspellings of popular websites. The post What is Typosquatting? Learn how to defend against it. appeared first on Cyphere | Securing Your Cyber Sphere. The post What is Typosquatting? Learn how to defend against it. appeared first on Security Boulevard.
CyberSecurity Insiders
JULY 19, 2022
Cybereason, the XDR company, has issued a global threat alert advisory, warning global organisations about a rise in ransomware attacks from the Black Basta gang. The Black Basta gang emerged in April 2022 and has victimised nearly 50 companies in the United States, United Kingdom, Australia, New Zealand and Canada. Organisations in English speaking countries appear to be targets.
Advertiser: Revenera
In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.
Security Boulevard
JULY 19, 2022
The Cybersecurity and Infrastructure Security Agency (CISA) has established a post-quantum cryptography initiative that aims to unify agency efforts regarding the threats posed by quantum computing. The initiative builds on existing Department of Homeland Security (DHS) efforts and those that are underway to support critical infrastructure and government network owners and operators during the transition.
CSO Magazine
JULY 19, 2022
Darktrace has announced a new set of AI products designed to deliver proactive security to help organizations pre-empt cyberthreats. The PREVENT products are the latest additions to the firm’s artificial intelligence (AI)-driven portfolio, which it claimed works together autonomously to optimize an organization’s state of security through a continuous feedback loop.
Dark Reading
JULY 19, 2022
A GPS device from MiCODUS has six security bugs that could allow attackers to monitor 1.5 million vehicles that use the tracker, or even remotely disable vehicles.
Security Affairs
JULY 19, 2022
Google blocked dozens of malicious apps from the official Play Store that were spreading Joker, Facestealer, and Coper malware families. Google has removed dozens of malicious apps from the official Play Store that were distributing Joker, Facestealer, and Coper malware families. Researchers from security firms Pradeo discovered multiple apps spreading the Joker Android malware.
Advertisement
Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.
Approachable Cyber Threats
JULY 19, 2022
Category Awareness, Cybersecurity Fundamentals, Physical Security. Risk Level. “What is RFID and what is it used for?” Radio-Frequency Identification (RFID) is not a new technology. In fact, it’s been around since the 1940s. You’ve probably been using it for years and didn’t even realize it. So what is RFID? RFID uses electromagnetic fields in the form of radio waves to establish communication links between an RFID tag or transmitter and an RFID reader or receiver.
Bleeping Computer
JULY 19, 2022
Cybersecurity researchers have discovered three Android malware families infiltrating the Google Play Store, hiding their malicious payloads inside many seemingly innocuous applications. [.].
InfoWorld on Security
JULY 19, 2022
Who owns software supply chain security? Developers? Or the platform and security engineering teams supporting them? In the past, the CIO, CISO, or CTO and their security team would decide which Linux distribution, operating system, and infrastructure platform the company would be getting its support contracts and security SLAs from. Today, developers do this all in Docker Files and GitHub Actions, and there isn’t the same kind of organizational oversight that existed before things shifted left
Security Boulevard
JULY 19, 2022
A survey of the post-Log4j landscape found few successful hacks linked to it. The bad news? Log4Shell will linger for years — so you need to prepare. The post CISA: Log4j threat will linger for years—so be prepared appeared first on Security Boulevard.
Advertisement
The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.
Bleeping Computer
JULY 19, 2022
Vulnerability researchers have found security issues in a GPS tracker that is advertised as being present in about 1.5 million vehicles in 169 countries. [.].
Heimadal Security
JULY 19, 2022
Following attacks on users of Android and iOS in the US, Taiwan, South Korea, Germany, Japan, and the UK, the Roaming Mantis campaign turned its attention to French users, possibly impacting tens of thousands of devices. Security experts think that Roaming Mantis is a financially-motivated Chinese cybercrime group that began attacking individuals living in Europe […].
eSecurity Planet
JULY 19, 2022
Discovered by malware hunter JAMESWT on Twitter, Lilith is ransomware designed to lock Windows machines. The malware exfiltrates data before encrypting the targeted devices to provide additional means of extortion. The ransom note contains the following ultimatum and instructions: Victims have three days to contact the threat actors on a hidden Onion website to pay the ransom.
PCI perspectives
JULY 19, 2022
Despite a lack of women in technology professions, Lizzie Noblecilla Piscoya believes that women have a promising future in cybersecurity. Lizzie believes that women, by their very nature, have an enormous capacity to adapt and to face new challenges, making them a perfect fit for a dynamic industry that is constantly evolving. In this edition of our blog, Lizzie describes the path that led to her own success, and how other women can develop a passion for this industry as she did.
Advertisement
The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.
Malwarebytes
JULY 19, 2022
A new phishing campaign targeting PayPal users aims to get extensive data from potential victims. The data it’s after includes government documents like passport, as well as selfie photos. In a nutshell, it’s an extensive form of information theft, the likes of which could result in someone’s identity being fully stolen and their financial and other online accounts being taken over.
TrustArc
JULY 19, 2022
Is navigating PIPL ambiguity making you feel uneasy? Are you wondering if your organization has done enough to comply with the Personal Information Protection Law of the People’s Republic of China? Here's new guidance to help you get your organization PIPL compliant.
Security Boulevard
JULY 19, 2022
A survey of 107 IT professionals suggested existing investments in data protection are doing little to minimize the impact of a ransomware scourge that has reached epidemic proportions. Approximately three-quarters of survey respondents (75%) reported their organizations had data security, prevention and detection and backup and recovery tools in place, yet 59% of those respondents.
CyberSecurity Insiders
JULY 19, 2022
More than 1.9 million patients have been exposed to a ransomware infection after a Colorado-based debt collection firm serving hundreds of medical facilities and hospitals across America was breached. The Professional Finance Company, PFC, suffered a ransomware attack on February 26 and on July 1 confirmed that over 650 healthcare providers were affected by the breach.
Speaker: Blackberry, OSS Consultants, & Revenera
Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?
Security Boulevard
JULY 19, 2022
A new research has uncovered a unique attack tactic exploiting speculation execution to bypass the current defenses in the AMD and Intel CPUs. Harvesting Spectre-BTI attacks, the exploit initiates potential leakage of sensitive information from a system’s kernel memory. Entitled ‘Retbleed’ by ETH Zurich researchers Johannes Wikner and Kaveh Razavi, the vulnerability counteracts numerous AMD […].
Heimadal Security
JULY 19, 2022
Today I’m sharing insights on how Heimdal stays ahead of the curve in the cyberthreat landscape. We’ll also discuss what I believe is coming to the market, the threats and trends that I expect to see in 2023 and beyond, so keep reading and feel free to share your thoughts with us in the comments […]. The post How Heimdal’s Cybersecurity Strategy Stays Ahead of the Curve in the Cyberthreat Landscape appeared first on Heimdal Security Blog.
Security Boulevard
JULY 19, 2022
Ransomware is a specific type of malicious software (aka malware) that locks up your devices or an organization’s data in order to ransom that access back to you – sometimes to the tune of millions of dollars. Computers lock up, data disappears, or files become encrypted with no way to recover them. The hacker will then contact their victim to. Read More.
Security Affairs
JULY 19, 2022
The U.S. FBI has warned of crooks developing malicious cryptocurrency-themed apps to steal crypto assets from the users. The U.S. Federal Bureau of Investigation (FBI) has warned of crooks creating malicious cryptocurrency-themed apps to steal crypto assets from investors. Crooks contact US investors claiming to offer legitimate cryptocurrency investment services, and attempt to trick them into downloading fraudulent mobile apps that they have created.
Speaker: Erika R. Bales, Esq.
When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.
Expert insights. Personalized for you.
210 
Let's personalize your content