Fri. Jan 06, 2023

Remote Vulnerabilities in Automobiles

Schneier on Security

This group has found a ton of remote vulnerabilities in all sorts of automobiles. It’s enough to make you want to buy a car that is not Internet-connected. Unfortunately, that seems to be impossible.

Internet 323

Recent 2022 cyberattacks presage a rocky 2023

Tech Republic Security

A spate of zero-day exploits against Twitter, Rackspace and others late last year showed the limits of a cybersecurity workforce under duress, a step behind and understaffed with some 3.4 million vacant seats. The post Recent 2022 cyberattacks presage a rocky 2023 appeared first on TechRepublic.

Schneier on Security Audiobook Sale

Schneier on Security

I’m not sure why, but Audiobooks.com is offering the audiobook version of Schneier on Security at 50% off until January 17.

Why Zero Trust Helps Unlock Security Resilience

Cisco Security

Speaking to many CISOs, it’s clear that many security executives view zero trust as a journey that can be difficult to start, and one that even makes identifying successful outcomes a challenge. Simultaneously, the topic of security resilience has risen up the C-level agenda and is now another focus for security teams. So, are these complementary?

CISO 145

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

Speaker: Erroll Amacker

Automation is transforming finance but without strong financial oversight it can introduce more risk than reward. From missed discrepancies to strained vendor relationships, accounts payable automation needs a human touch to deliver lasting value. This session is your playbook to get automation right. We’ll explore how to balance speed with control, boost decision-making through human-machine collaboration, and unlock ROI with fewer errors, stronger fraud prevention, and smoother operations.

ChatGPT Artificial Intelligence: An Upcoming Cybersecurity Threat?

Dark Reading

The role of artificial intelligence in cybersecurity is growing. A new AI model highlights the opportunities and challenges.

The Five-Step PCI DSS 4.0 Transition Checklist

CyberSecurity Insiders

By Tyler Reguly, senior manager, security R&D at cybersecurity software and services provider Fortra. The pandemic ushered in an unprecedented wave of online purchasing, as people around the world became far more comfortable with virtual shopping. In fact, the U.S. Census Bureau’s latest Annual Retail Trade Survey reports e-commerce expenditures rose from $571.2 billion in 2019 to $815.4 billion in 2020, a 43% increase.

Antivirus 138

More Trending

What’s Next in Cybersecurity: Insights for 2023

CyberSecurity Insiders

By Geert van der Linden, EVP & Head of Global Cybersecurity Practice at Capgemini. You might feel like we live in an age of permacrisis. The past year has brought about rising geopolitical tensions, mass digitalization, more hybrid working, and a skilled labor shortage. Adding to these challenges is the new era of almost limitless connectivity, which is changing the way we live and work, all the while causing havoc for cybersecurity teams.

Blind Eagle Is Back with New Tools and a Complex Infection Chain

Heimdal Security

Blind Eagle, a financially-motivated threat actor previously observed launching operations against organizations in Colombia and Ecuador, has reemerged with a sophisticated toolset and a complex infection chain. The latest findings from Check Point shed light on the group’s methods, such as the employment of upgraded tools and government-themed baits to trigger the kill chain.

2023 Predictions for Storage and Backup Ransomware

CyberSecurity Insiders

By Doron Pinhas, Chief Technology Officer, Continuity. 2022 clearly demonstrated that attacks on data represent the greatest cyber-threat organizations face. The attack pace not only continued, it accelerated. Notable data breaches took place at Microsoft, News Corp., the Red Cross, FlexBooker, Cash App, GiveSendGo, and several crypto firms. Many of these attacks took advantage of known vulnerabilities and security misconfigurations in storage and backup systems.

Backups 136

Cybersecurity Insights with Contrast CISO David Lindner | 1/6

Security Boulevard

Insight #1. "If your source code is leaked, the first thing you need to do is make sure the malicious actors are not still in your environment, do not worry about what is in your code. Get them out first." Insight #2. "Transparency is the key to incident response and communication with those affected. Be as transparent as possible even with many unknowns."

CISO 129

Why Giant Content Libraries Do Nothing for Your Employees’ Cyber Resilience

Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.

The Four Keys to Achieving an Optimal Application Experience

CyberSecurity Insiders

By Larry Goldman, Senior Manager of Product Marketing, Progress. To this point, many businesses have failed to look at application experience (AX) management holistically, as its own challenge with its own set of distinct––and interlocking––solutions. This oversight has been to their detriment. The fact is that every second of lag time on an online banking app risks alienating the consumer.

Marketing 135

To Solve the API Security Crisis, Think Beyond OWASP

Security Boulevard

What’s the greatest cybersecurity threat businesses face today? If you answered ransomware, cryptojacking or phishing–which headlined lists of top cybersecurity risks in recent years–you’re stuck in the past. Although other types of attacks continue to occur, APIs have now become the top attack vector for enterprises to worry about, according to an October 2022 Gartner.

Phishing 124

Chick-fil-A investigates reports of hacked customer accounts

Bleeping Computer

American fast-food restaurant chain Chick-fil-A is investigating what it described as "suspicious activity" linked to some of its customers' accounts. [...]

Seceon’s Comprehensive Cybersecurity Platform

Security Boulevard

Seceon’s comprehensive platform includes more than 15 tools like AI, ML, vulnerability assessment, SIEM, SOAR, UEBA, NBAD, NTA, EDR, TI, but our focus for today is an area that frequently comes up in conversation with customers and partners alike. The post Seceon’s Comprehensive Cybersecurity Platform appeared first on Seceon. The post Seceon’s Comprehensive Cybersecurity Platform appeared first on Security Boulevard.

Zero Trust Mandate: The Realities, Requirements and Roadmap

The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.

Rackspace Breach Linked to New OWASSRF Vulnerability

eSecurity Planet

Rackspace has acknowledged that it was hit by the Play ransomware a month ago in an attack that compromised customers’ Microsoft Exchange accounts. The attackers apparently leveraged a zero-day vulnerability called OWASSRF that was recently analyzed by CrowdStrike. In an interview with the San Antonio Express-News, Rackspace chief product officer John Prewitt said the company hadn’t implemented Microsoft’s November 2022 patches for the ProxyNotShell flaws in Exchange because o

2022 Wrap-Up: A Winning Year for Swimlane

Security Boulevard

2023 is in full swing, and we couldn’t be more excited. This past year has been monumental for Swimlane, thanks to our $70 million in growth funding, regional expansion into APJ and META and the launch of our newest solution, Swimlane Turbine. It’s one thing to hear about Swimlane’s success from us. What’s more telling of our growth is the. The post 2022 Wrap-Up: A Winning Year for Swimlane appeared first on Security Boulevard.

Hackers Using CAPTCHA Bypass Tactics in Freejacking Campaign on GitHub

The Hacker News

A South Africa-based threat actor known as Automated Libra has been observed employing CAPTCHA bypass techniques to create GitHub accounts in a programmatic fashion as part of a freejacking campaign dubbed PURPLEURCHIN.

California’s Sephora Settlement Puts Consumer Privacy First

Security Boulevard

Last fall, California drew first blood when it agreed to a $1.2 million settlement with Sephora over the cosmetics company’s violations of the California Consumer Privacy Act (CCPA). Attorney General Rob Bonta announced that the French firm sold consumer data without notification, failed to process opt-out requests and failed to put things right within 30.

Next-Level Fraud Prevention: Strategies for Today’s Threat Landscape

Speaker: Sierre Lindgren

Fraud is a battle that every organization must face – it’s no longer a question of “if” but “when.” Every organization is a potential target for fraud, and the finance department is often the bullseye. From cleverly disguised emails to fraudulent payment requests, the tactics of cybercriminals are advancing rapidly. Drawing insights from real-world cases and industry expertise, we’ll explore the vulnerabilities in your processes and how to fortify them effectively.

Predictions for 2023 API Security

CyberSecurity Insiders

Richard Bird, Chief Security Officer, Traceable AI. This year will be the year that many business and security leaders will wake up to truly understand the scope of their API security issues. For the past three years, organizations have prioritized flexibility and growth over security and navigating extremely challenging business conditions. They’ve aggregated large data sets and deployed more cloud services to digitize business models, products, and services.

CISO 118

14 UK schools suffer cyberattack, highly confidential documents leaked

CSO Magazine

More than a dozen schools in the UK have suffered a cyberattack which has led to highly confidential documents being leaked online by cybercriminals. That’s according to a report from the BBC which claimed that children’s SEN information, child passport scans, staff pay scales and contract details have been stolen by notorious cybercrime group Vice Society, known for disproportionately targeting the education sector with ransomware attacks in the UK and other countries.

Vice Society posts student data of 14 Britain Schools

CyberSecurity Insiders

In what appears to be a serious threat to students from 14 schools based in the UK, a hacking group named Vice Society posted about 550 GB of data online belonging to school pupils that includes sensitive info like pupil passport scans, pay scales of staff, their contract details and Children’s Special Educational Needs (SEN) info. It’s believed that the hackers got hold of the data from a ransomware attack that was launched on educational institutions in the UK and US last year and as the victims failed to

Education 115

RSA crypto cracked? Or perhaps not!

Naked Security

Stand down from blue alert, it seems... but why not plan your cryptographic agility anyway?

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

5 Ways to Increase Security and Compliance Efficiencies in 2023

Security Boulevard

Do more with less. That’s not an uncommon catchphrase in business. But the reality is many organizations, especially those in technology and similar industries, haven’t really had to focus much on cost-cutting and savings measures since the financial crisis of 2007. The post 5 Ways to Increase Security and Compliance Efficiencies in 2023 appeared first on Security Boulevard.

Twitter's mushrooming data breach crisis could prove costly

CSO Magazine

Since Elon Musk purchased Twitter in late October, non-stop turmoil and controversy have dogged the company, from massive staff firings and resignations to reputational damage from Musk's careless and often bizarre tweets. Now, mushrooming concern around a possible data breach stemming from a now-fixed Twitter flaw is poised to drive the company further down unless Twitter takes quick action.

Dridex Malware Now Attacking macOS Systems with Novel Infection Method

The Hacker News

A variant of the infamous Dridex banking malware has set its sights on Apple's macOS operating system using a previously undocumented infection method, according to latest research.

Malware 108

From Ferrari to Ford, Cybersecurity Bugs Plague Automotive Safety

Dark Reading

Security vulnerabilities plague automakers, and as vehicles become more connected, a more proactive stance on cybersecurity will be required — alongside regulations.

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Air France and KLM notify customers of account hacks

Bleeping Computer

Air France and KLM have informed Flying Blue customers that some of their personal information was exposed after their accounts were breached. [...]

Microsoft Reveals Tactics Used by 4 Ransomware Families Targeting macOS

The Hacker News

Microsoft has shed light on four different ransomware families – KeRanger, FileCoder, MacRansom, and EvilQuest – that are known to impact Apple macOS systems. "While these malware families are old, they exemplify the range of capabilities and malicious behavior possible on the platform," the tech giant's Security Threat Intelligence team said in a Thursday report.

PurpleUrchin Gang Embraces DevOps in Massive Cloud Malware Campaign

Dark Reading

The Automated Libra group is deploying all components of its campaign in an automated manner via containers, stealing free trial resources for cryptomining, but the threat could get larger.

Malware 106

WhatsApp Introduces Proxy Support to Help Users Bypass Internet Censorship

The Hacker News

Popular instant messaging service WhatsApp has launched support for proxy servers in the latest version of its Android and iOS apps, letting users circumvent government-imposed censorship and internet shutdowns.

Internet 104

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!