Schneier on Security

FEBRUARY 25, 2021

I am a co-author on a report published by the Hoover Institution: “ Chinese Technology Platforms Operating in the United States.” From a blog post : The report suggests a comprehensive framework for understanding and assessing the risks posed by Chinese technology platforms in the United States and developing tailored responses. It starts from the common view of the signatories — one reflected in numerous publicly available threat assessments — that China’s power is

Technology 282

Technology Risk 282

Tech Republic Security

FEBRUARY 25, 2021

The Stanford Internet Observatory alleged that the Chinese government may have had access to audio data from Clubhouse. Here's what users should know.

Internet 192

Internet Internet Government 192

The Hacker News

FEBRUARY 25, 2021

Cybersecurity researchers today unwrapped a new campaign aimed at spying on vulnerable Tibetan communities globally by deploying a malicious Firefox extension on target systems.

Accountability 145

Accountability Cybersecurity 145

Tech Republic Security

FEBRUARY 25, 2021

The now-patched vulnerability could have allowed attackers to scan a company's internal network and gain access to sensitive data, says Positive Technologies.

Risk 135

Risk Technology 135

Advertisement

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Cybersecurity

Security Boulevard

FEBRUARY 25, 2021

The rise of smart devices and changing customer preferences have kicked global digital transformation into full gear. As a result, businesses are increasingly uncovering opportunities and high-end capabilities for competitive advantage and growth. The post How Digital Transformation Impacts IT And Cyber Risk Programs appeared first on Security Boulevard.

Digital transformation 134

Digital transformation Cyber Risk Risk 134

Tech Republic Security

FEBRUARY 25, 2021

The Lazarus group had a busy 2020, and 2021 is shaping up to be another devastatingly productive year for one of the most dangerous hacking groups on the planet.

Hacking 129

Hacking 129

Quick Heal Antivirus

FEBRUARY 25, 2021

If there was one silver lining to the COVID-19 pandemic, it was the effect it had on India’s. The post Five tips to stay away from UPI frauds appeared first on Quick Heal Blog | Latest computer security news, tips, and advice.

130

130

SC Magazine

FEBRUARY 25, 2021

Some good news, for once: Health care and government organizations started 2021 with ransomware incidents at their lowest point in more than a year. Recorded Future reports that there were just two ransomware attacks on healthcare organizations in January, a fourfold decrease from the monthly average in 2020. In addition, state and local governments reported four ransomware incidents in January, compared to 14 attacks in December 2020 and 15 in December 2019.

Ransomware 121

Ransomware Healthcare Government Education 121

CSO Magazine

FEBRUARY 25, 2021

According to ESG research on The Impact of XDR in the Modern SOC , improving detection of advanced cyberthreats is the highest priority for enterprise security operations, with 83% of organizations planning to increase threat detection and response spending over the next 12 to 18 months. This is no surprise: threat detection and response is always a high priority.

CISO 121

CISO Threat Detection 121

CyberSecurity Insiders

FEBRUARY 25, 2021

Oxford University is back in news for being attacked on a digital note. Confirmed sources report that its Division of Structural Biology division dubbed Strubi was hit by a cyber attack leaking some vital information to hackers. The only good news is that no classical data was compromised, and the hack has been totally contained- all thanks to the IT staff of the internationally renowned educational institute.

Cyber Attacks 117

Cyber Attacks Healthcare Education Hacking 117

Advertiser: Revenera

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Risk

Tech Republic Security

FEBRUARY 25, 2021

Two developers, sponsored by Google, will dedicate their time to addressing vulnerabilities in the Linux kernel as part of a wider effort to improve the security of open-source software.

Software 104

Software 104

Bleeping Computer

FEBRUARY 25, 2021

After security researchers have developed and published proof-of-concept (PoC) exploit code targeting a critical vCenter remote code execution (RCE) vulnerability, attackers are now actively scanning for vulnerable Internet-exposed VMware servers. [.].

Internet 114

Internet Internet 114

Malwarebytes

FEBRUARY 25, 2021

US tax season is upon us, a time of the year when a special kind of vermin comes crawling out of the woodwork: tax scammers! Not that their goals are any different from any other scammers. They want your hard-earned dollars in their pockets. Most of the tax-related attacks follow a few tried and true methods: A phishing email or scam call from someone purporting to be from the IRS, or an accountant offering to help you get a big refund.

Identity Theft 114

Identity Theft Adware Scams VPN 114

Security Boulevard

FEBRUARY 25, 2021

Last year saw a tremendous shift in security priorities following enterprises’ response to the pandemic. The good news is, business leadership is now paying more attention to information security. The bad news is, enterprise security teams have a lot of work ahead. According to a survey conducted by IDG on behalf of integration services provider.

Information Security 113

Information Security CISO Security Awareness Cybersecurity 113

Advertisement

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

Cybersecurity

Bleeping Computer

FEBRUARY 25, 2021

Intel has addressed Wi-Fi and Wireless Bluetooth drivers issues causing Windows 10 blue screen of death (BSOD) errors and Bluetooth devices to lose connection or stop working. [.].

Wireless 110

Wireless Software 110

Threatpost

FEBRUARY 25, 2021

Cisco also stomped out a critical security flaw affecting its Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches.

134

134

Security Affairs

FEBRUARY 25, 2021

Google Project Zero team disclosed the details of a recently patched remote code execution vulnerability (CVE-2021-24093) in Windows Operating system. White hat hacker at Google Project Zero disclosed the details of a recently patched Windows vulnerability, tracked as CVE-2021-24093 , that can be exploited for remote code execution in the context of the DirectWrite client.

Hacking 111

Hacking Information Security Malware 111

We Live Security

FEBRUARY 25, 2021

Two new tools will warn users about the risks of searching for and sharing content that exploits children, including the potential legal consequences of doing so. The post Facebook ramps up fight against child abuse content appeared first on WeLiveSecurity.

Risk 127

Risk Media 127

Advertisement

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

Healthcare

The Hacker News

FEBRUARY 25, 2021

Ukraine is formally pointing fingers at Russian hackers for hacking into one of its government systems and attempting to plant and distribute malicious documents that would install malware on target systems of public authorities.

Malware 107

Malware Government Hacking 107

CyberSecurity Insiders

FEBRUARY 25, 2021

France Minister Cedric O has cleared the air that local mafia type organizations were behind cyber attacks on two of the healthcare organizations of France and no state funded organizations were involved in the incident. Condemning some reports published in a certain section of media, Cedric O stated that some hacking groups based in Eastern Europe were involved in the attack- as per the preliminary inquiry.

Cyber Attacks 107

Cyber Attacks Healthcare Cryptocurrency Ransomware 107

Bleeping Computer

FEBRUARY 25, 2021

The recent cyberattack that forced the Dutch Research Council (NWO) to take its servers offline and suspend grant allocation processes was caused by the DoppelPaymer ransomware gang. [.].

Ransomware 106

Ransomware 106

Threatpost

FEBRUARY 25, 2021

A teenaged ethical hacker discovered a flawed endpoint associated with a health-department website in the state of Bengal, which exposed personally identifiable information related to test results.

Mobile 105

Mobile 105

Advertisement

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.

Identity Theft

Bleeping Computer

FEBRUARY 25, 2021

A North Korean-backed hacking group has targeted the defense industry with custom backdoor malware dubbed ThreatNeedle since early 2020 with the end goal of collecting highly sensitive information. [.].

Malware 106

Malware Hacking 106

CSO Magazine

FEBRUARY 25, 2021

Security team members are the principal defenders of enterprise cyber assets. It makes sense, then, to verify that current staffers and potential new hires aren't hiding secrets that could place essential systems and data at risk.

Risk 105

Risk 105

Tech Republic Security

FEBRUARY 25, 2021

Jack Wallen tries out the Firewalla Gold to see if it's worthy of serving as your work-from-home security device.

119

119

SC Magazine

FEBRUARY 25, 2021

On Wednesday – just Wednesday – news stories emerged about an airplane maker, information technology giant and computer game company all having operations disrupted by ransomware. In the last year, such attacks have swept through every sector, affected schools, hospitals, critical infrastructure, transportation and governments. Many argue that policymakers need to do something about the problem.

Ransomware 104

Ransomware Insurance Government Cryptocurrency 104

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

Cybersecurity

Zero Day

FEBRUARY 25, 2021

The Chinese hacking group used the malicious add-on to collect Gmail and Firefox data from their victims.

Hacking 136

Hacking 136

Security Boulevard

FEBRUARY 25, 2021

The healthcare sector is undergoing digitalization and adopts new technologies to improve patient care, offer new services for remote patients and reach operational excellence. The integration of new technologies in the complex healthcare IT infrastructure creates new challenges regarding data protection and cybersecurity. On the one hand, the COVID-19 pandemic has been a driver for […]… Read More.

Healthcare 101

Healthcare Technology Cybersecurity 101

Veracode Security

FEBRUARY 25, 2021

???Destroying things is much easier than making them.??? This quote from The Hunger Games rings true in software; developers spend months perfecting their innovative applications only to see it all crumble at the nimble fingers of a speedy cyberattacker. So how do you beat them? Improve your secure coding know-how early on and keep it sharp. ?? More than half of organizations in North America provide developers with some level of security training annually, or less often.

Education 98

Education Software 98

Zero Day

FEBRUARY 25, 2021

CrowdStrike puts together a list of connections and how cybercrime groups cooperate with each other.

Cybercrime 131

Cybercrime 131

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.