Mon. Mar 27, 2023

GUEST ESSAY — The rationale for pursuing a culture of cybersecurity– and a roadmap to get there

The Last Watchdog

Organizations with strong cybersecurity cultures experience fewer cyberattacks and recover faster than others. This results from emulating the culture-building approaches of high-risk industries like construction that devote sustained attention to embedding safety throughout the organization. For most organizations, building a cybersecurity culture is a necessary evil rather than a cherished goal.

How to secure your GitHub account with two-factor authentication

Tech Republic Security

GitHub wants you to protect your account with the right type of authentication.

France bans TikTok, all social media apps from government devices

CSO Magazine

The French government has banned TikTok and all other “recreational apps” from phones issued to its employees. The Minister of Transformation and the Public Service Stanislas Guerini, said in a statement that recreational applications do not have sufficient levels of cybersecurity and data protection to be deployed on government equipment. This prohibition applies immediately and uniformly, although exemptions may be granted on an exceptional basis for professional needs such as the institutiona

Hiring kit: Cybersecurity engineer

Tech Republic Security

PURPOSE Recruiting a cybersecurity engineer with the right combination of technical and industry experience will require a comprehensive screening process. This hiring kit from TechRepublic Premium provides a flexible framework your business can use to find, recruit and ultimately hire the right person for the job. From the hiring kit: DETERMINING FACTORS, DESIRABLE PERSONALITY TRAITS.

ERM Program Fundamentals for Success in the Banking Industry

Speaker: William Hord, Senior VP of Risk & Professional Services

Enterprise Risk Management (ERM) is critical for industry growth in today’s fast-paced and ever-changing risk landscape. When building your ERM program foundation, you need to answer questions like: Do we have robust board and management support? Do we understand and articulate our bank’s risk appetite and how that impacts our business units? How are we measuring and rating our risk impact, likelihood, and controls to mitigate our risk?

Exchange Online to block emails from vulnerable on-prem servers

Bleeping Computer

Microsoft is introducing a new Exchange Online security feature that will automatically start throttling and eventually block all emails sent from "persistently vulnerable Exchange servers" 90 days after the admins are pinged to secure them.

Source Code of Twitter leaked on GitHub

CyberSecurity Insiders

Twitter issued a public statement stating that parts of its source code were leaked on GitHub and that its officials were trying their best to file a DMCA to take down the leaked content from the web and identify the user who submitted the content to the web-based software development platform. The leaked information includes proprietary source code of the social media platform’s internal tools, and the staff are busy tracing out the culprit.

More Trending

New MacStealer macOS malware steals passwords from iCloud Keychain

Bleeping Computer

A new info-stealing malware named MacStealer is targeting Mac users, stealing their credentials stored in the iCloud KeyChain and web browsers, cryptocurrency wallets, and potentially sensitive files.

Malware 143

How often should security audits be?

CyberSecurity Insiders

The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. In today’s digital world, it’s no surprise that cyberattacks are becoming more frequent and intense. Enterprises worldwide are trying to defend themselves against attacks such as ransomware, phishing, distributed denial of service and more.

Twitter's Source Code Leak on GitHub a Potential Cyber Nightmare

Dark Reading

Indicators point to Twitter's source code being publicly available for around 3 months, offering a developer security object lesson for businesses.

New MacStealer macOS Malware Steals iCloud Keychain Data and Passwords

The Hacker News

A new information-stealing malware has set its sights on Apple's macOS operating system to siphon sensitive information from compromised devices. Dubbed MacStealer, it's the latest example of a threat that uses Telegram as a command-and-control (C2) platform to exfiltrate data. It primarily affects devices running macOS versions Catalina and later running on M1 and M2 CPUs.

Malware 130

Successful Change Management with Enterprise Risk Management

Speaker: William Hord, Vice President of ERM Services

A well-defined change management process is critical to minimizing the impact that change has on your organization. Leveraging the data that your ERM program already contains is an effective way to help create and manage the overall change management process within your organization. Your ERM program generally assesses and maintains detailed information related to strategy, operations, and the remediation plans needed to mitigate the impact on the organization.

Researchers warn of two new variants of potent IcedID malware loader

CSO Magazine

Security researchers have seen attack campaigns using two new variants of IcedID, a banking Trojan program that has been used to deliver ransomware in recent years. The two new variants, one of which appears to be connected to the Emotet botnet, are lighter compared to the standard one because certain functionality has been stripped. "It is likely a cluster of threat actors is using modified variants to pivot the malware away from typical banking Trojan and banking fraud activity to focus on pay

Malware 135

Twitter takes down source code leaked online, hunts for downloaders

Bleeping Computer

Twitter has taken down internal source code for its platform and tools that was leaked on GitHub for months. Now it's using a subpoena to search for those who leaked and downloaded its code.

Part of Twitter source code leaked on GitHub

CSO Magazine

Part of Twitter’s source code has been leaked and posted on GitHub by an unknown user. GitHub took down the post after the social media platform requested it to do so on Friday. Twitter has also filed a case in the US District Court for the Northern District of California seeking to order GitHub to identify the person who shared the code and any other individuals who downloaded it, according to The New York Times.

Media 131

Survey Surfaces Need to Change SecOps Priorities

Security Boulevard

A survey of 250 senior cybersecurity and IT professionals found well over half of respondents (57%) reported that security operations (SecOps) are more chaotic today than two years ago, with 96% planning to reevaluate their priorities. Conducted by Enterprise Strategy Group on behalf of Anvilogic, a provider of a platform for automating threat detection, the.

The Power of Storytelling in Risk Management

Speaker: Dr. Karen Hardy, CEO and Chief Risk Officer of Strategic Leadership Advisors LLC

Communication is a core component of a resilient organization's risk management framework. However, risk communication involves more than just reporting information and populating dashboards, and we may be limiting our skillset. Storytelling is the ability to express ideas and convey messages to others, including stakeholders. When done effectively, it can help interpret complex risk environments for leaders and inform their decision-making.

Biden administration seeks to tamp down the spyware market with a new ban

CSO Magazine

In a significant signal to spyware vendors, the Biden administration issued an executive order (EO) prohibiting federal government agencies from using commercial spyware "that poses significant counterintelligence or security risks to the United States Government." The spyware covered by the EO is predominately malware designed to track and collect data from mobile phones that can be easily installed by one or several clicks on specially crafted links.

Spyware 136

Cybersecurity vs. Everyone: From Conflict to Collaboration

Dark Reading

Don't assume stakeholders outside security understand your goals and priorities, but consider how you'll communicate with them to gain their support.

Apple Issues Urgent Security Update for Older iOS and iPadOS Models

The Hacker News

Apple on Monday backported fixes for an actively exploited security flaw to older iPhone and iPad models. The issue, tracked as CVE-2023-23529, concerns a type confusion bug in the WebKit browser engine that could lead to arbitrary code execution. It was originally addressed by the tech giant with improved checks as part of updates released on February 13, 2023.

Manage Open Source Risk With Improved Malware Detection

Security Boulevard

Malware targeting developers is a major concern that the industry is struggling to catch up with. We know open source software supply chain attacks are a problem with an estimated 700% increase in 2022. Gartner suggests that in the next two years “60% of organizations will use cybersecurity risk as a primary determinant in conducting third-party transactions and business engagements.”

Malware 114

Cover Your SaaS: How to Overcome Security Challenges and Risks For Your Organization

Speaker: Ronald Eddings, Cybersecurity Expert and Podcaster

So, you’ve accomplished an organization-wide SaaS adoption. It started slow, and now just a few team members might be responsible for running Salesforce, Slack, and a few other applications that boost productivity, but it’s all finished. Or is it? Through all the benefits offered by SaaS applications, it’s still a necessity to onboard providers as quickly as possible.

BrandPost: Public-Private Partnerships are Essential to Strengthen Cybersecurity Globally

CSO Magazine

Cyberattacks are on the rise, and so are the chances that your organization will fall victim to a breach. More than 84% of organizations experienced at least one cyberattack last year. While many widely recognized attack vectors like phishing emails are here to stay, we’re observing enterprising cybercriminals evolving their methods and relying on increasingly sophisticated and complex attack tactics to infiltrate networks.

Phishing 132

Can zero trust be saved?

Graham Cluley

Graham Cluley Security News is sponsored this week by the folks at Kolide. Thanks to the great team there for their support! Right now, “Zero Trust” is in serious danger of becoming an empty buzzword. The problem isn’t just that marketers have slapped the Zero Trust label on everything short of breakfast cereal–it’s that for …

Marketing 114

Zoom Taps Okta to Bring Zero-Trust Cybersecurity to Videoconferences

Security Boulevard

Okta and Zoom today announced an integration through which cybersecurity administrators will be able to centrally manage end-to-end encryption across the Zoom videoconferencing platform. The Okta Authentication for End-to-End Encryption (E2EE) makes use of the Okta identity and access management platform to authenticate an attendee’s identity via email to enable organizations to ensure zero-trust policies.

Women in Cybersecurity – History to Today

CyberSecurity Insiders

This March, Women’s History Month, we shared the legacy of Grace Hopper and her trailblazing innovations in software development and computing, highlighted the must-watch webinars by in cybersecurity and met with cyber newcomer and (ISC)² Candidate Nidhi Kannoujia on the (ISC)² Blog. We also asked a group of volunteer members to share their experiences working in cyber and to offer some insights into their careers so far, along with their aspirations.

Everything You Need to Know About Crypto

Speaker: Ryan McInerny, CAMS, FRM, MSBA - Principal, Product Strategy

Cryptocurrency and non-fungible tokens (NFTs) - what are they and why should you care? With 20% of Americans owning cryptocurrencies, speaking "fluent crypto" in the financial sector ensures you are prepared to discuss growth and risk management strategies when the topic arises. Join this exclusive webinar with Ryan McInerny to learn: Cryptocurrency asset market trends How to manage risk and compliance to serve customers safely Best practices for identifying crypto transactions and companies Rev

Request for Comments: PCI TSP Security Requirements

PCI perspectives

From 27 March to 27 April 2023, eligible stakeholders are invited to review and provide feedback on the PCI Token Service Provider (TSP) Security Requirements v1.0 during a 30-day request for comments (RFC) period.

Streaming Services and Cybersecurity

Security Boulevard

The popularity of streaming platforms and apps has exploded in recent years. Streaming services have now become the norm, rather than the exception, as more households “cut the cord” with their cable providers. Streaming services provide an almost endless array of content that caters to the preferences of their viewers. The rapid growth of streaming […]

Romance scams loss termed to have reached £10k on an average in UK

CyberSecurity Insiders

A report compiled by Barclays states that the amount of money lost in romance scams has reached an average of £10k in the UK in the last 6-8 months. This amount is what fraudsters earn on average, and the actual number might be much higher than what is estimated now. The survey also revealed that one in three Britons have experienced a scam or know at least one or two people who have gone through this negative experience in the past year or so.

Scams 111

BrandPost: The convergence of IT and OT and its impact on growing infrastructure risks

CSO Magazine

Internet-of-Things (IoT) and Operational Technology (OT) devices represent a rapidly expanding, often unchecked risk surface that is largely driven by the technology’s pervasiveness, vulnerability, and cloud connectivity. This has left a wider array of industries and organizations vulnerable and opened the door for damaging infrastructure attacks. OT systems include almost everything supporting physical operations, spanning dozens of vertical industries.

Risk 134

How Preparation and Strategy Can Be Used to Fight and Defeat Any Ransomware Attack

Speaker: Karl Camilleri, Cloud Services Product Manager at phoenixNAP

Did you know that 2021 was a record-breaking year for ransomware? The days of a “once in a while” attack against businesses and organizations are over. Cyberthreats have become a serious issue. With 495.1 million attacks, the threat marked a 148% increase compared to 2020 and was the most expensive year on record! As a result, data protection needs to be a concern for most banks, businesses, and information technology specialists.

Business Email Compromise Threats Soar Past Phishing Risks

Security Boulevard

The risk of business email compromise (BEC) is increasing annually and is estimated to be twice as severe as the overall threat of phishing, according to an Osterman Research/IronScales survey of 249 U.S.-based IT and security professionals. In the past 12 months, more than 93% of organizations encountered one or multiple forms of BEC attacks,

Phishing 105

5 Common Hotel Scams and How to Avoid Them

Identity IQ

Staying at a hotel should be an enjoyable experience. But unfortunately, there are many scams out there that can make it a nightmare. To help protect your personal information and money, it is important to be aware of the most common hotel scams and how to help avoid them. 5 Common Hotel Scams: Hotels are a popular target for scammers due to the high volume of guests and transactions that take place.

Scams 104

How CISOs Can Reduce the Danger of Using Data Brokers

Dark Reading

Without proof that it was collected legally, purchased data can threaten an enterprise's security compliance and may expose the company to litigation.

CISO 119

GUEST ESSAY — The rationale for pursuing a culture of cybersecurity– and a roadmap to get there

Security Boulevard

Organizations with strong cybersecurity cultures experience fewer cyberattacks and recover faster than others. This results from emulating the culture-building approaches of high-risk industries like construction that devote sustained attention to embedding safety throughout the organization.

Exploring the Overlap: Cost Optimization and Digital Transformation

Speaker: Alex Jiménez, Managing Principal, Financial Service Consulting for EPAM

Global economic conditions are soft at best. From a budget standpoint, US banks are feeling the pinch. Many US banks are bracing for increased defaults and lower demand for mortgages and other loans as interest rates have increased. The largest banks have increased reserves to protect against deteriorating economic conditions. Should banks delay their digital transformation investments and focus on cost reductions?