Lohrman on Security
APRIL 16, 2023
As a keynote speaker and multiday attendee at Europe’s largest cybersecurity conference, here are some of my top takeaways from a thought-provoking, global event with a distinctly European flare.
CyberSecurity Insiders
APRIL 16, 2023
Email is a vital communication tool for organizations across industries but also serves as a primary attack vector for cybercriminals. To combat the evolving threats landscape, organizations must proactively address email security challenges. This e-guide offers an in-depth understanding of the email security landscape, actionable guidance on implementing and maintaining robust email security solutions, and an overview of top email security vendors.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Bleeping Computer
APRIL 16, 2023
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned today of a high-severity Android vulnerability believed to have been exploited by a Chinese e-commerce app Pinduoduo as a zero-day to spy on its users. [.
The Hacker News
APRIL 16, 2023
A novel credential-stealing malware called Zaraza bot is being offered for sale on Telegram while also using the popular messaging service as a command-and-control (C2). "Zaraza bot targets a large number of web browsers and is being actively distributed on a Russian Telegram hacker channel popular with threat actors," cybersecurity company Uptycs said in a report published last week.
Speaker: Erroll Amacker
Automation is transforming finance but without strong financial oversight it can introduce more risk than reward. From missed discrepancies to strained vendor relationships, accounts payable automation needs a human touch to deliver lasting value. This session is your playbook to get automation right. We’ll explore how to balance speed with control, boost decision-making through human-machine collaboration, and unlock ROI with fewer errors, stronger fraud prevention, and smoother operations.
Bleeping Computer
APRIL 16, 2023
The LockBit ransomware gang has created encryptors targeting Macs for the first time, likely becoming the first major ransomware operation to ever specifically target macOS. [.
Malwarebytes
APRIL 16, 2023
Compromised websites are causing big headaches for Chrome users. A campaign running since November 2022 is using hacked sites to push fake web browser updates to potential victims. Researcher Rintaro Koike says this campaign has now expanded to also target those who speak Korean, Spanish, and Japanese. Additionally, Bleeping Computer notes that some of the affected sites include news, stores, and adult portals.
Cyber Security Informer brings together the best content for cyber security professionals from the widest variety of industry thought leaders.
|
Malwarebytes
APRIL 16, 2023
In a recent security advisory , Google says it patched a high-severity zero-day security flaw in its Chrome browser— the first in 2023 —currently being exploited in the wild by threat actors. The company urges all its Windows, Mac, and Linux users to update to version 112.0.5615.121 immediately, as this flaw is present in Chrome versions before this one.
Security Affairs
APRIL 16, 2023
Microsoft warns of a new Remcos RAT campaign targeting US accounting and tax return preparation firms ahead of Tax Day. Ahead of the U.S. Tax Day, Microsoft has observed a new Remcos RAT campaign targeting US accounting and tax return preparation firms. The phishing attacks began in February 2023, the IT giant reported. Remcos is a legitimate remote monitoring and surveillance software developed by the company BreakingSecurity.
Malwarebytes
APRIL 16, 2023
Last week, the IRS reminded taxpayers that Tax Day, April 18, is Tuesday this week. However, in some states like Alabama, California, and New York, the federal office extended the filing deadlines due to natural disasters. This is an excellent reason for scammers to keep launching tax scam campaigns even when tax is due tomorrow for most Americans. Just a few weeks ago, we wrote about a fake IRS tax email carrying a malware payload: Emotet.
Security Affairs
APRIL 16, 2023
NCR was the victim of the BlackCat/ALPHV ransomware gang, the attack caused an outage on the company’s Aloha PoS platform. NCR Corporation , previously known as National Cash Register, is an American software, consulting and technology company providing several professional services and electronic products. It manufactures self-service kiosks, point-of-sale terminals, automated teller machines, check processing systems, and barcode scanners.
Advertisement
Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.
Security Boulevard
APRIL 16, 2023
As a keynote speaker and multiday attendee at Europe’s largest cybersecurity conference, here are some of my top takeaways from a thought-provoking, global event with a distinctly European flare. The post Europe, Cyber and the Cloud: A View from the International Cybersecurity Forum appeared first on Security Boulevard.
Security Affairs
APRIL 16, 2023
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. New Android malicious library Goldoson found in 60 apps +100M downloads Siemens Metaverse exposes sensitive corporate data CISA adds bugs in Android and Novi Survey to its Known Exploited Vulnerabilities catalog Volvo retailer leaks sensitive files A cyberattack on the Cornwall Community Hospital in Ontario is causing treatment delays Googl
CyberSecurity Insiders
APRIL 16, 2023
WhatsApp, owned by Facebook, has introduced three new account protection features to enhance the security and privacy of its users, in line with current expectations. These features, which will be rolled out in a month, will help prevent users from being targeted with malware and unauthorized access. The “Account Protect” feature will add an extra layer of security to user accounts by requiring a PIN to enter the account.
Malwarebytes
APRIL 16, 2023
The internet is full of Airbnb scams and accounts told by victims. But there is a twist in this latest story-gone-viral that is usually lacking in most narratives: The victim evens the score. Airbnb host and scammer "Mr. Tyler" met his match when his would-be guest, TikTok user Olivia ( @livvoogus ), discovered his personal information after arriving at a property in Florida she could not get into.
Advertisement
The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.
CyberSecurity Insiders
APRIL 16, 2023
Cloud-based security solutions have become increasingly popular in recent years, as more and more businesses are moving their operations to the cloud. Cloud-based security solutions are designed to provide businesses with a reliable and cost-effective way to secure their digital assets and protect against cyber attacks. However, there is still a lot of debate surrounding the reliability of these solutions.
Malwarebytes
APRIL 16, 2023
Last week on Malwarebytes Labs: How the cops buy a "God view" of your location data, with Bennett Cyphers: Lock and Code S04E09 Apple releases emergency updates for two known-to-be-exploited vulnerabilities Don't plug your phone into a free charging station, warns FBI KFC, Pizza Hut owner employee data stolen in ransomware attack Update now! April’s Patch Tuesday includes a fix for one zero-day Google Pay accidentally handed out free money, bug now fixed Sextortion "assistance" scammers co
Security Boulevard
APRIL 16, 2023
Securing a VPN with 2-factor Authentication (2FA) provides an additional layer of security to protect your online activities and data. Here are some reasons why you should consider using 2FA for your VPN:Prevents unauthorized access: 2FA ensures that only authorized users can access your VPN, as it requires a second layer of Authentication in addition [.
Security Boulevard
APRIL 16, 2023
Our thanks to USENIX for publishing their Presenter’s outstanding USENIX Security ’22 Conference content on the organization’s’ YouTube channel. Permalink The post USENIX Security ’22 – Alex Ozdemir, Dan Boneh – ‘Experimenting With Collaborative zk-SNARKs: Zero-Knowledge Proofs For Distributed Secrets ‘ appeared first on Security Boulevard.
Speaker: Sierre Lindgren
Fraud is a battle that every organization must face – it’s no longer a question of “if” but “when.” Every organization is a potential target for fraud, and the finance department is often the bullseye. From cleverly disguised emails to fraudulent payment requests, the tactics of cybercriminals are advancing rapidly. Drawing insights from real-world cases and industry expertise, we’ll explore the vulnerabilities in your processes and how to fortify them effectively.
Security Boulevard
APRIL 16, 2023
Law enforcement agencies across 17 countries have cracked down on Genesis Market, one of the largest criminal marketplaces, resulting in the arrests of 120 people globally. Popular family safety app, Life360, has been used by sex traffickers to monitor and control their victims, highlighting the increasing use of GPS technology by criminals. A recent news […] The post Genesis Market Crackdown, Life360 App Misuse, Tesla Customer Privacy Concerns appeared first on Shared Security Podcast.
Expert insights. Personalized for you.
280 
Let's personalize your content