Mon. May 22, 2023

Interview With a Crypto Scam Investment Spammer

Krebs on Security

Social networks are constantly battling inauthentic bot accounts that send direct messages to users promoting scam cryptocurrency investment platforms. What follows is an interview with a Russian hacker responsible for a series of aggressive crypto spam campaigns that recently prompted several large Mastodon communities to temporarily halt new registrations.

Scams 229
Google Is Not Deleting Old YouTube Videos

Schneier on Security

Google has backtracked on its plan to delete inactive YouTube videos—at least for now. Of course, it could change its mind anytime it wants. It would be nice if this would get people to think about the vulnerabilities inherent in letting a for-profit monopoly decide what of human creativity is worth saving.

Media 217
Report: More organizations still plan to increase their tech staff

Tech Republic Security

A new Linux Foundation report finds that the global focus is on cloud/containers, cybersecurity and AI/ML skills, and that upskilling is key. The post Report: More organizations still plan to increase their tech staff appeared first on TechRepublic.

Future Exploitation Vector: File Extensions as Top-Level Domains

Trend Micro

In this blog entry, we will examine the security risks related to file extension-related Top-Level Domains (TLDs) while also providing best practices and recommendations on how both individual users and organizations can protect themselves from these hazards.

Risk 138
The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

How to manage and share files online using NordLocker

Tech Republic Security

With NordLocker, you can store, manage and share individual files. Learn how with this step-by-step guide. The post How to manage and share files online using NordLocker appeared first on TechRepublic.

Leaked EU Document Shows Spain Wants to Ban End-to-End Encryption

WIRED Threat Level

In response to an EU proposal to scan private messages for illegal material, the country's officials said it is “imperative that we have access to the data.”

More Trending

Malicious Windows kernel drivers used in BlackCat ransomware attacks

Bleeping Computer

The ALPHV ransomware group (aka BlackCat) was observed employing signed malicious Windows kernel drivers to evade detection by security software during attacks.

How and why to use multiple Apple IDs on the same Mac

Tech Republic Security

There are a few reasons Apple users should sometimes employ a pair of Apple IDs on the same Mac. Here’s how to make it work. The post How and why to use multiple Apple IDs on the same Mac appeared first on TechRepublic.

Microsoft reports jump in business email compromise activity

CSO Magazine

Cybersecurity activity around business email compromise (BEC) spiked between April 2022 and April 2023, with over 150,000 daily attempts, on average, detected by Microsoft’s Digital Crimes Unit (DCU). The findings were highlighted in the latest edition of Microsoft’s Cyber Signals, a cyberthreat intelligence report that spotlights security trends and insights gathered from Microsoft’s 43 trillion security signals and 8,500 security experts.

Cyber Warfare Lessons From the Russia-Ukraine Conflict

Dark Reading

Techniques used in cyber warfare can be sold to anyone — irrespective of borders, authorities, or affiliations. We need to develop strategies to respond at scale.

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Sharing your business’s data with ChatGPT: How risky is it?

CyberSecurity Insiders

The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. As a natural language processing model, ChatGPT – and other similar machine learning-based language models – is trained on huge amounts of textual data.

Software 117
EU slaps Meta with $1.3 billion fine for moving data to US servers

Bleeping Computer

The Irish Data Protection Commission (DPC) has announced a $1.3 billion fine on Facebook after claiming that the company violated Article 46(1) of the GDPR (General Data Protection Regulation).

Facebook Meta faces €1.3 billion penalty by GDPR

CyberSecurity Insiders

Facebook parent company Meta has been slapped with a penalty of €1.2 billion for transferring data of European users to the servers operating in the United States, a move that is dead against the GDPR rules that came into existence in May 2018. The Irish Data Protection Commission pronounced a penalty and imposed a $1.3 billion fine for transferring the generated data to computers operating on other country soil, a move that has been exploited under the Standard Contractual Clause (SCC) that c

Who Owns Security in Multi-Cloud Operations?

Security Boulevard

The best-kept secret is the one that is never shared. In today’s technology environment, that is even more true. Where organizations used to build and maintain their own technology stacks, now they are often interacting with multiple cloud providers or even combining the cloud with on-premises systems for a distributed environment. According to a recent.

Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

Microsoft 365 hit by new outage causing connectivity issues

Bleeping Computer

Microsoft is investigating service issues preventing users from accessing their Microsoft 365 accounts and blocking access to installed apps.

Facebook Fined $1.3B — Zuckerberg Furious in GDPR Fight

Security Boulevard

GDPR Move for Mark’s Money: No legal way to move Europeans’ data to the US since 2015. U.S. cloud industry better take note. The post Facebook Fined $1.3B — Zuckerberg Furious in GDPR Fight appeared first on Security Boulevard.

CISA orders govt agencies to patch iPhone bugs exploited in attacks

Bleeping Computer

Today, the U.S. Cybersecurity & Infrastructure Security Agency (CISA) ordered federal agencies to address three recently patched zero-day flaws affecting iPhones, Macs, and iPads known to be exploited in attacks.

Meta fined $1.3B for violating EU GDPR data transfer rules on privacy

CSO Magazine

Meta has been fined $1.3 billion (€1.2 billion) by the Irish Data Protection Commission (DPC) for violating the terms of the EU’s GDPR by continuing to transfer EU users’ data to the US without adequate safeguards. Meta has failed to “address the risks to the fundamental rights and freedoms" of Facebook's European users, the DPC said in a statement.

Risk 107
Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

Google launches bug bounty program for its Android applications

Bleeping Computer

Google has launched the Mobile Vulnerability Rewards Program (Mobile VRP), a new bug bounty program that will pay security researchers for flaws found in the company's Android applications.

Mobile 109
Platform Engineering and Security: A Very Short Introduction

Security Boulevard

Is DevOps really dead? Learn about the rise of platform engineering and how it differs from DevOps in terms of self-service capabilities and automation. Discover how security fits into this new paradigm and the benefits of platform engineering for software development teams of various sizes. The post Platform Engineering and Security: A Very Short Introduction appeared first on Security Boulevard.

Phone scamming kingpin gets 13 years for running “iSpoof” service

Naked Security

Site marketing video promised total anonymity, but that was a lie. 170 arrested already. Potentially 1000s more to follow.

Scams 123
PyPI Shuts Down Over the Weekend, Says Incident Was Overblown

Dark Reading

The climate of concern around open source security and supply chain attacks may have caused a small story to become a big one.

5 Key Findings From the 2023 FBI Internet Crime Report

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.

New Type of Attack: BrutePrint Can Breach Your Smartphone’s Fingerprint Security

Heimdal Security

Chinese researchers discovered a new type of attack targeting smartphones. BrutePrint is a brute-force attack that can bypass fingerprint authentication. They managed to breach security measures enabled for brute-force attacks like attempt limits and liveness detection. Brute-force attacks use numerous trial-and-error attempts to decipher a key, or password in order to obtain access to accounts […] The post New Type of Attack: BrutePrint Can Breach Your Smartphone’s Fingerprint Security ap

Improving Cybersecurity Requires Building Better Public-Private Cooperation

Dark Reading

Security vendors, businesses, and US government agencies need to work together to fight ransomware and protect critical infrastructure.

A Threat to Passkeys? BrutePrint Attack Bypasses Fingerprint Authentication

eSecurity Planet

Security researchers recently published a paper detailing an attack they say can be used to bypass smartphone fingerprint authentication. Yiling He of China’s Zhejiang University and Yu Chen of Tencent Security’s Xuanwu Lab are calling the attack BrutePrint, which they say can be used to hijack fingerprint images. An attack like BrutePrint could present a significant threat to passkeys, an increasingly popular way to replace passwords with authentication methods like fingerprint au

Cloud Computing The Prescription for Modern Healthcare Challenges

Security Boulevard

Cloud computing has become a game-changer for many industries, and healthcare is no exception. Healthcare providers are starting to recognize the potential of cloud technology to improve patient outcomes, streamline operations, and reduce costs. In this blog post, we’ll explore in detail how cloud computing is transforming healthcare, its benefits and challenges, and how healthcare […] The post Cloud Computing The Prescription for Modern Healthcare Challenges appeared first on PeoplActive.

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?”

Bad Magic's Extended Reign in Cyber Espionage Goes Back Over a Decade

The Hacker News

New findings about a hacker group linked to cyber attacks targeting companies in the Russo-Ukrainian conflict area reveal that it may have been around for much longer than previously thought. The threat actor, tracked as Bad Magic (aka Red Stinger), has not only been linked to a fresh sophisticated campaign, but also to an activity cluster that first came to light in May 2016.

Meta Hit With $1.3B Record-Breaking Fine for GDPR Violations

Dark Reading

The technology conglomerate has until later this year to end its transfer of European users' data across the Atlantic.

EU Regulators Hit Meta with Record $1.3 Billion Fine for Data Transfer Violations

The Hacker News

Facebook's parent company Meta has been fined a record $1.3 billion by European Union data protection regulators for transferring the personal data of users in the region to the U.S.

Media 95
Comparing Cloud Providers’ Shared Responsibility Models

Security Boulevard

More and more enterprises are becoming multi-cloud. And when evaluating cloud service providers (CSPs) for different needs, one important factor is security. Yet, CSPs aren’t responsible for securing everything—depending on the component in question, you may be left on your own to ensure it’s adequately safeguarded in the cloud. Thus, it helps to understand where.

Risk 95
From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security,” most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any number of other things – and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.