Tech Republic Security
JULY 7, 2023
Read about penetration testing in cloud security and its importance, details about how it's done and the most common threats to cloud security. The post The Importance of Penetration Testing in Cloud Security appeared first on TechRepublic.
Schneier on Security
JULY 5, 2023
I have mixed feelings about this class-action lawsuit against OpenAI and Microsoft, claiming that it “scraped 300 billion words from the internet” without either registering as a data broker or obtaining consent. On the one hand, I want this to be a protected fair use of public data. On the other hand, I want us all to be compensated for our uniquely human ability to generate language.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Tech Republic Security
JULY 5, 2023
Learn about the benefits and use cases of quantum computing. Also, get details about quantum cryptography from an expert. The post Is Quantum Computing Right for Your Business? appeared first on TechRepublic.
Krebs on Security
JULY 3, 2023
If you’ve ever owned a domain name, the chances are good that at some point you’ve received a snail mail letter which appears to be a bill for a domain or website-related services. In reality, these misleading missives try to trick people into paying for useless services they never ordered, don’t need, and probably will never receive.
Speaker: Erroll Amacker
Automation is transforming finance but without strong financial oversight it can introduce more risk than reward. From missed discrepancies to strained vendor relationships, accounts payable automation needs a human touch to deliver lasting value. This session is your playbook to get automation right. We’ll explore how to balance speed with control, boost decision-making through human-machine collaboration, and unlock ROI with fewer errors, stronger fraud prevention, and smoother operations.
Troy Hunt
JULY 2, 2023
I'm in Thailand! It's spectacular here, and even more so since recording this video and getting out of Bangkok and into the sorts of natural beauty you see in all the videos. Speaking of which, rather than writing more here (whilst metres away from the most amazing scenery), I'm going to push the publish button on this week's video and go enjoy it.
Lohrman on Security
JULY 16, 2023
The White House just released the new National Cybersecurity Strategy Implementation Plan. Here are the details, selected media coverage and what you need to know moving forward.
Cyber Security Informer brings together the best content for cyber security professionals from the widest variety of industry thought leaders.
|
Schneier on Security
JULY 3, 2023
Police are already using self-driving car footage as video evidence: While security cameras are commonplace in American cities, self-driving cars represent a new level of access for law enforcement and a new method for encroachment on privacy, advocates say. Crisscrossing the city on their routes, self-driving cars capture a wider swath of footage.
Joseph Steinberg
JULY 17, 2023
A simple, single-letter typo has caused perhaps as many as several million email messages sent by members of the US Military to be inappropriately delivered to the African country of Mali, an ally of Russia in which contractors from the infamous Russian military contractor, Wagner Group, have been assisting Mali’s armed forces. It appears that for as long as a decade, various users of military email systems sent messages to emails addresses using the top-level domain “.ML,” the domain for
Krebs on Security
JULY 11, 2023
Microsoft Corp. today released software updates to quash 130 security bugs in its Windows operating systems and related software, including at least five flaws that are already seeing active exploitation. Meanwhile, Apple customers have their own zero-day woes again this month: On Monday, Apple issued (and then quickly pulled) an emergency update to fix a zero-day vulnerability that is being exploited on MacOS and iOS devices.
Troy Hunt
JULY 7, 2023
Alrighty, "The Social Media" Without adding too much here as I think it's adequately covered in the video, since last week we've had another change at Twitter that has gotten some people cranky (rate limits) and another social media platform to jump onto (Threads). I do wonder how impactful the 1k tweet view limit per day is for most people (I have no idea how many I usually see, I just know I've never hit the limit yet), and as I say in the video, I find it increasingly h
Advertisement
Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.
Lohrman on Security
JULY 2, 2023
The CL0P ransomware gang, reportedly based in Russia, has breached at least 122 organizations using MOVEit zero day exploits. Here’s what you need to know.
The Last Watchdog
JULY 10, 2023
To tap the full potential of massively interconnected, fully interoperable digital systems we must solve privacy and cybersecurity, to be sure. Related: Using ‘Big Data’ to improve health and well-being But there’s yet another towering technology mountain to climb: we must also overcome the limitations of Moore’s Law. After 30 years, we’ve reached the end of Moore’s Law , which states that the number of transistors on a silicon-based semiconductor chip doubles approximately eve
Schneier on Security
JULY 7, 2023
For four decades, Alaskans have opened their mailboxes to find checks waiting for them, their cut of the black gold beneath their feet. This is Alaska’s Permanent Fund, funded by the state’s oil revenues and paid to every Alaskan each year. We’re now in a different sort of resource rush, with companies peddling bits instead of oil: generative AI.
Tech Republic Security
JULY 14, 2023
Review your recent Gmail access, browser sign-in history and Google account activity to make sure no one other than you has used your account.
Advertisement
The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.
Krebs on Security
JULY 21, 2023
Many things have changed since 2018, such as the names of the companies in the Fortune 100 list. But one aspect of that vaunted list that hasn’t shifted much since is that very few of these companies list any security professionals within their top executive ranks. The next time you receive a breach notification letter that invariably says a company you trusted places a top priority on customer security and privacy, consider this: Only four of the Fortune 100 companies currently list a sec
Troy Hunt
JULY 13, 2023
Each year since 2011, Microsoft has sent me a lovely email around this time: I've been fortunate enough to find a passion in life that has allowed me to do what I love and make a great living out of it all whilst contributing to the community in a meaningful and impactful way. In last year's MVP announcement blog post , I talked about one of my favourite contributions of all that year being the Pwned Passwords ingestion pipeline for the FBI.
Lohrman on Security
JULY 9, 2023
Fake news, misinformation and online scams are growing at an alarming rate as generative AI explodes in usage. So what are the problems, and what are some potential solutions to consider?
The Last Watchdog
JULY 6, 2023
Hsinchu, Taiwan – July 6, 2023 – Nuvoton Technology, one of the world’s leading suppliers of microcontrollers, has proudly launched its MUG51 8-bit MCU series of low power microcontrollers designed for battery-free devices. Nuvoton is committed to sustainable 8-bit MCU production and product longevity to ensure a reliable supply, giving customers the confidence to commit to long-term products, platforms, and projects.
Advertisement
Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.
Schneier on Security
JULY 6, 2023
Here’s a fascinating tax hack from Belgium (listen to the details here , episode #484 of “No Such Thing as a Fish,” at 28:00). Basically, it’s about a music festival on the border between Belgium and Holland. The stage was in Holland, but the crowd was in Belgium. When the copyright collector came around, they argued that they didn’t have to pay any tax because the audience was in a different country.
Tech Republic Security
JULY 6, 2023
Learn how the Meduza Stealer malware works, what it targets and how to protect your company from this cybersecurity threat. The post New Malware Targets 97 Browser Variants, 76 Crypto Wallets & 19 Password Managers appeared first on TechRepublic.
Krebs on Security
JULY 25, 2023
Researchers this month uncovered a two-year-old Linux-based remote access trojan dubbed AVrecon that enslaves Internet routers into botnet that bilks online advertisers and performs password-spraying attacks. Now new findings reveal that AVrecon is the malware engine behind a 12-year-old service called SocksEscort , which rents hacked residential and small business devices to cybercriminals looking to hide their true location online.
Troy Hunt
JULY 13, 2023
Today was a bit back-to-back having just wrapped up the British Airways Magecart attack webinar with Scott. That was actually a great session with loads of engagement and it's been recorded to so look out for that one soon if you missed it. Anyway, I filled this week's update with a bunch of random things from the week. I especially enjoyed discussing the HIBP domain search progress and as I say in the video, talking through it with other people really helps crystalise things so I thin
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Lohrman on Security
JULY 30, 2023
If you are looking for a deep-dive strategy book that looks into a wide range of cybersecurity topics in an updated fashion, this book is for you.
The Last Watchdog
JULY 24, 2023
Accessing vital information to complete day-to-day tasks at our jobs still requires using a password-based system at most companies. Related: Satya Nadella calls for facial recognition regulations Historically, this relationship has been effective from both the user experience and host perspectives; passwords unlocked a world of possibilities, acted as an effective security measure, and were simple to remember.
Schneier on Security
JULY 10, 2023
In my latest book, A Hacker’s Mind , I wrote about hacks as loophole exploiting. This is a great example: The Wisconsin governor used his line-item veto powers—supposedly unique in their specificity—to change a one-year funding increase into a 400-year funding increase. He took this wording: Section 402. 121.905 (3) (c) 9. of the statues is created to read: 121.903 (3) (c) 9.
Tech Republic Security
JULY 25, 2023
Want a custom security dashboard to bring together data from multiple places? Microsoft Power BI can do that and help you spot what's changing.
Advertisement
How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.
Krebs on Security
JULY 26, 2023
The Russian government today handed down a treason conviction and 14-year prison sentence on Iyla Sachkov , the former founder and CEO of one of Russia’s largest cybersecurity firms. Sachkov, 37, has been detained for nearly two years under charges that the Kremlin has kept classified and hidden from public view, and he joins a growing roster of former Russian cybercrime fighters who are now serving hard time for farcical treason convictions.
Troy Hunt
JULY 20, 2023
Sad news to wake up to today. Kevin was a friend and as I say in this week's video, probably the most well-known identity in infosec ever, and for good reason. He made a difference, and I have fun memories with him 😊 Felt really sad waking up and seeing “RIP Kevin” in my timeline. I doubt there is a more well known name in our industry but if he’s unfamiliar to you (or you haven’t read this book), go and grab “Ghost in the Wires” which is an
Lohrman on Security
JULY 23, 2023
Maine paused the use of ChatGPT and other generative AI apps for six months beginning in June. After hearing wide-ranging reactions, I decided to ask Nathan Willigar, the state CISO, about the move.
The Last Watchdog
JULY 19, 2023
Deepening interoperability of AI-infused systems – in our buildings, transportation grids, communications systems and medical equipment — portend amazing breakthroughs for humankind. Related: The coming of optical infrastructure But first businesses must come to grips with the quickening convergence of their internal and external computing resources.
Speaker: Sierre Lindgren
Fraud is a battle that every organization must face – it’s no longer a question of “if” but “when.” Every organization is a potential target for fraud, and the finance department is often the bullseye. From cleverly disguised emails to fraudulent payment requests, the tactics of cybercriminals are advancing rapidly. Drawing insights from real-world cases and industry expertise, we’ll explore the vulnerabilities in your processes and how to fortify them effectively.
Expert insights. Personalized for you.
202 
Let's personalize your content