Tech Republic Security
JULY 7, 2023
Read about penetration testing in cloud security and its importance, details about how it's done and the most common threats to cloud security. The post The Importance of Penetration Testing in Cloud Security appeared first on TechRepublic.
Tech Republic Security
JULY 5, 2023
Learn about the benefits and use cases of quantum computing. Also, get details about quantum cryptography from an expert. The post Is Quantum Computing Right for Your Business? appeared first on TechRepublic.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Schneier on Security
JULY 3, 2023
Police are already using self-driving car footage as video evidence: While security cameras are commonplace in American cities, self-driving cars represent a new level of access for law enforcement and a new method for encroachment on privacy, advocates say. Crisscrossing the city on their routes, self-driving cars capture a wider swath of footage.
Troy Hunt
JULY 2, 2023
I'm in Thailand! It's spectacular here, and even more so since recording this video and getting out of Bangkok and into the sorts of natural beauty you see in all the videos. Speaking of which, rather than writing more here (whilst metres away from the most amazing scenery), I'm going to push the publish button on this week's video and go enjoy it.
Speaker: Erika R. Bales, Esq.
When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.
Krebs on Security
JULY 3, 2023
If you’ve ever owned a domain name, the chances are good that at some point you’ve received a snail mail letter which appears to be a bill for a domain or website-related services. In reality, these misleading missives try to trick people into paying for useless services they never ordered, don’t need, and probably will never receive.
Bleeping Computer
JULY 2, 2023
Cybersecurity researchers have released a new tool called 'Snappy' that can help detect fake or rogue WiFi access points that attempts to steal data from unsuspecting people. [.
Cyber Security Informer brings together the best content for cyber security professionals from the widest variety of industry thought leaders.
Tech Republic Security
JULY 6, 2023
Learn how the Meduza Stealer malware works, what it targets and how to protect your company from this cybersecurity threat. The post New Malware Targets 97 Browser Variants, 76 Crypto Wallets & 19 Password Managers appeared first on TechRepublic.
Graham Cluley
JULY 6, 2023
There's good news for any business that has fallen victim to the Akira ransomware. Security researchers have developed a free decryption tool for files that have been encrypted since the Akira ransomware first emerged in March 2023. Read more in my article on the Tripwire State of Security blog.
Security Boulevard
JULY 7, 2023
To get ahead of the adversaries in this new AI age, cybersecurity research into new generative AI attacks and defenses must be further along. The post How to Strengthen Cybersecurity in the Age of AI appeared first on Security Boulevard.
We Live Security
JULY 11, 2023
A view of the H1 2023 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts The post ESET Threat Report H1 2023 appeared first on WeLiveSecurity
Speaker: William Hord, Vice President of ERM Services
A well-defined change management process is critical to minimizing the impact that change has on your organization. Leveraging the data that your ERM program already contains is an effective way to help create and manage the overall change management process within your organization. Your ERM program generally assesses and maintains detailed information related to strategy, operations, and the remediation plans needed to mitigate the impact on the organization.
Bleeping Computer
JULY 3, 2023
Hundreds of thousands of FortiGate firewalls are vulnerable to a critical security issue identified as CVE-2023-27997, almost a month after Fortinet released an update that addresses the problem. [.
Dark Reading
JULY 10, 2023
An attack involves a multi-stage infection chain with custom malware hosted on Amazon EC2 that ultimately steals critical system and browser data; so far, targets have been located in Latin America.
Tech Republic Security
JULY 14, 2023
Review your recent Gmail access, browser sign-in history and Google account activity to make sure no one other than you has used your account.
Trend Micro
JULY 6, 2023
We analyze the technical details of a new ransomware family named Big Head. In this entry, we discuss the Big Head ransomware’s similarities and distinct markers that add more technical details to initial reports on the ransomware.
Speaker: Ronald Eddings, Cybersecurity Expert and Podcaster
So, you’ve accomplished an organization-wide SaaS adoption. It started slow, and now just a few team members might be responsible for running Salesforce, Slack, and a few others applications that boost productivity, but it’s all finished. Or is it? Through all the benefits offered by SaaS applications, it’s still a necessity to onboard providers as quickly as possible.
CompTIA on Cybersecurity
JULY 31, 2023
Words matter. Especially when we’re using them to communicate with others. That said, how are you using IT security and cybersecurity?
We Live Security
JULY 4, 2023
Criminals increasingly create deepfake nudes from people’s benign public photos in order to extort money from them, the FBI warns The post Deepfaking it: What to know about deepfake‑driven sextortion schemes appeared first on WeLiveSecurity
Bleeping Computer
JULY 3, 2023
Microsoft has denied the claims of the so-called hacktivists "Anonymous Sudan" that they breached the company's servers and stole credentials for 30 million customer accounts. [.
Dark Reading
JULY 6, 2023
Attackers are leveraging well-executed brand impersonation in a Google ads malvertising effort that collects both credit card and bank details from victims.
Speaker: Karl Camilleri, Cloud Services Product Manager at phoenixNAP
Did you know that 2021 was a record-breaking year for ransomware? The days of a “once in a while” attack against businesses and organizations are over. Cyberthreats have become a serious issue. With 495.1 million attacks, the threat marked a 148% increase compared to 2020 and was the most expensive year on record! As a result, data protection needs to be a concern for most banks, businesses, and information technology specialists.
Tech Republic Security
JULY 5, 2023
Thales cloud security study shows that 79% of organizations have more than one cloud provider and 75% of companies said they store at least 40% of their sensitive data in the cloud. The post Thales: For Data Breaches, Cloud Assets are Biggest Cybersecurity Headache appeared first on TechRepublic.
SecureList
JULY 5, 2023
The higher the global popularity of cryptocurrencies and the more new ways of storing them, the wider the arsenal of tools used by malicious actors who are after digital money. Scammers tailor the complexity of technology they use and the thoroughness of their efforts to imitate legitimate websites to how well the target is protected and how large the amount is that they can steal if successful.
The Hacker News
JULY 6, 2023
Details have emerged about a newly identified security flaw in the Linux kernel that could allow a user to gain elevated privileges on a target host. Dubbed StackRot (CVE-2023-3269, CVSS score: 7.8), the flaw impacts Linux versions 6.1 through 6.4. There is no evidence that the shortcoming has been exploited in the wild to date.
Security Boulevard
JULY 6, 2023
On June 23, 2023, SolarWinds revealed via an SEC Form 8-K filing that the U.S. Securities and Exchange Commission (SEC) notified the company that “certain current and former executive officers and employees of the company, including the company’s chief financial officer and chief information security officer,” had received Wells Notices. What is a Wells Notice, The post SEC Sends Wells Notice to SolarWinds Executives appeared first on Security Boulevard.
Speaker: P. Andrew Sjogren, Sr. Product Marketing Manager at Very Good Security, Matt Doka, Co-Founder and CTO of Fivestars, and Steve Andrews, President & CEO of the Western Bankers Association
PCI compliance can feel challenging and sometimes the result feels like you are optimizing more for security and compliance than you are for business outcomes. The key is to take the right strategy to PCI compliance that gets you both. In this webinar, we have a great set of panelists who will take you through how Zero Data strategies can be used as part of a well-rounded compliance and security approach, and get you to market much sooner by also allowing for payment optimization.
Bleeping Computer
JULY 6, 2023
Cisco warned customers today of a high-severity vulnerability impacting some data center switch models and allowing attackers to tamper with encrypted traffic. [.
Dark Reading
JULY 3, 2023
Some 340,000 FortiGate SSL VPN appliances remain exposed to the threat more than three weeks after Fortinet released firmware updates to address the issue.
Tech Republic Security
JULY 25, 2023
Want a custom security dashboard to bring together data from multiple places? Microsoft Power BI can do that and help you spot what's changing.
Naked Security
JULY 4, 2023
Even if you’ve never heard of the venerable Ghostscript project, you may have it installed without knowing.
Speaker: Mike Cramer, Director of HIPAA & Data Security at The Word & Brown Companies
The COVID-19 pandemic forced many people into working remotely, opening the floodgates for a host of digital compliance issues. Now that companies are slowly allowing employees to return to work at the office, it's time to re-evaluate your company’s posture towards privacy and security. This is especially vital if your workers were (and still are!) using company equipment from home, or are still working remotely.
The Hacker News
JULY 8, 2023
Two file management apps on the Google Play Store have been discovered to be spyware, putting the privacy and security of up to 1.5 million Android users at risk. These apps engage in deceptive behaviour and secretly send sensitive user data to malicious servers in China. Pradeo, a leading mobile security company, has uncovered this alarming infiltration.
Security Boulevard
JULY 3, 2023
This blog shows another case of GitHub Actions environment injection vulnerability in a Google repository. The previous case where we found vulnerabilities in Firebase repositories can be found here with a detailed explanation of the underline mechanism that allows this type of vulnerabilities. By exploiting this vulnerability an attack could put Google’s Orbit users and maintainers at risk by injecting malicious code, conducting phishing attacks and more, depending on the project specific confi
Bleeping Computer
JULY 6, 2023
Security researchers discovered two malicious file management applications on Google Play with a collective installation count of over 1.5 million that collected excessive user data that goes well beyond what's needed to offer the promised functionality. [.
Dark Reading
JULY 11, 2023
Fixes for more than 100 vulnerabilities affect numerous products, including Windows, Office,Net, and Azure Active Directory, among others.
Speaker: William Hord, Senior VP of Risk & Professional Services
Enterprise Risk Management (ERM) is critical for industry growth in today’s fast-paced and ever-changing risk landscape. When building your ERM program foundation, you need to answer questions like: Do we have robust board and management support? Do we understand and articulate our bank’s risk appetite and how that impacts our business units? How are we measuring and rating our risk impact, likelihood, and controls to mitigate our risk?
Expert insights. Personalized for you.
195 
Let's personalize your content