January, 2023

article thumbnail

ChatGPT: Hopes, Dreams, Cheating and Cybersecurity

Lohrman on Security

ChatGPT is an AI-powered chatbot created by OpenAI. So what are the opportunities and risks with using this technology across different domains

article thumbnail

Breaking RSA with a Quantum Computer

Schneier on Security

A group of Chinese researchers have just published a paper claiming that they can—although they have not yet done so—break 2048-bit RSA. This is something to take seriously. It might not be correct, but it’s not obviously wrong.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Identity Thieves Bypassed Experian Security to View Credit Reports

Krebs on Security

Identity thieves have been exploiting a glaring security weakness in the website of Experian , one of the big three consumer credit reporting bureaus.

Web Fraud 342
article thumbnail

Zero Trust Network Architecture vs Zero Trust: What Is the Difference?

Joseph Steinberg

Zero Trust is a term that is often misunderstood and misused, which is why I wrote an article not long ago entitled Zero Trust: What These Overused Cybersecurity Buzz Words Actually Mean – And Do Not Mean.

article thumbnail

ERM Program Fundamentals for Success in the Banking Industry

Speaker: William Hord, Senior VP of Risk & Professional Services

This exclusive webinar with William Hord, Senior VP of Risk & Professional Services, will explore the foundational elements you need to start or validate your ERM program. He will also dive into topic definitions, governance structures, and framework components for success.

article thumbnail

Pwned or Bot

Troy Hunt

It's fascinating to see how creative people can get with breached data. Of course there's all the nasty stuff (phishing, identity theft, spam), but there are also some amazingly positive uses for data illegally taken from someone else's system.

article thumbnail

How hackers stole the personal data of 37 million T-Mobile customers

Tech Republic Security

The criminals took advantage of an API to grab personal details such as customer names, billing addresses, email addresses, phone numbers, dates of birth, and T-Mobile account numbers. The post How hackers stole the personal data of 37 million T-Mobile customers appeared first on TechRepublic.

Mobile 215

More Trending

article thumbnail

The FBI Identified a Tor User

Schneier on Security

No details , though: According to the complaint against him, Al-Azhari allegedly visited a dark web site that hosts “unofficial propaganda and photographs related to ISIS” multiple times on May 14, 2019.

article thumbnail

New T-Mobile Breach Affects 37 Million Accounts

Krebs on Security

T-Mobile today disclosed a data breach affecting tens of millions of customer accounts, its second major data exposure in as many years.

Mobile 298
article thumbnail

Let The New Year And Its Blessings Begin

Joseph Steinberg

“May the present year’s curses end as it ends, and may the upcoming year’s blessings begin as it begins.”. This ancient aphorism from the Talmud is one of my favorite pieces of advice regarding the start of a new year.

article thumbnail

GUEST ESSAY: How I started a company to supply democratized pentests to immunize websites

The Last Watchdog

My name is Eden Zaraf. I’ve been driven by my passion for technology for as long as I can remember. Somewhere around the age of 13, I learned to code. I developed scripts, websites and got involved in security which led me to penetration testing. Related: Leveraging employees as detectors. Penetration Testing is a never-ending challenge. Five years ago, my friend Sahar Avitan began developing an automatic penetration testing tool for our own use.

article thumbnail

The Power of Storytelling in Risk Management

Speaker: Dr. Karen Hardy, CEO and Chief Risk Officer of Strategic Leadership Advisors LLC

Join this exclusive webinar with Dr. Karen Hardy, where she will explore the power of storytelling in risk communication as a core component of a resilient organization's management framework!

article thumbnail

FBI takes down Hive ransomware group

Tech Republic Security

Working with international law enforcement, the FBI said it has seized control of the servers the Hive group uses to communicate with members. The post FBI takes down Hive ransomware group appeared first on TechRepublic. Security fbi hive hive ransomware group ransomware

article thumbnail

Are Cyber Attacks at Risk of Becoming 'Uninsurable'?

Lohrman on Security

There are dark clouds on the horizon as well as conflicting forecasts regarding cyber insurance in 2023 and beyond. Where will the insurance market go from here on cybersecurity coverage

article thumbnail

Kevin Mitnick Hacked California Law in 1983

Schneier on Security

Early in his career, Kevin Mitnick successfully hacked California law. He told me the story when he heard about my new book , which he partially recounts his 2012 book, Ghost in the Wires.

Hacking 335
article thumbnail

Experian Glitch Exposing Credit Files Lasted 47 Days

Krebs on Security

On Dec.

Web Fraud 286
article thumbnail

Everything You Need to Know About Crypto

Speaker: Ryan McInerny, CAMS, FRM, MSBA - Principal, Product Strategy

This exclusive webinar with Ryan McInerny will teach you all about cryptocurrency and NFTs! Register to learn more about identifying crypto transactions, crypto asset market trends, managing risk and compliance, and supporting customers and partners using crypto-based payments.

article thumbnail

Cyber Security Expert Joseph Steinberg To Continue Serving On Newsweek Expert Forum In 2023

Joseph Steinberg

Cyber Security Expert, Joseph Steinberg, who joined Newsweek’s Expert Forum in 2021, will continue serving as a member of the premier news organization’s council in 2023.

article thumbnail

GUEST ESSAY — How threat detection services for SMBs are continuing to evolve and improve

The Last Watchdog

Small and medium-sized businesses are facing immense security challenges and these are the same as those of mid-size or larger enterprises. Related: Myths about safe browsing Clearly, SMBs need to be alert for cyberattacks, but they also need to stay focused on their business and not sacrifice productivity. Organizations are confronted with a severe security threats landscape, and it is critical that they have the ability to prevent, detect and respond to these threats in a timely manner.

article thumbnail

Ransomware attacks are decreasing, but companies remain vulnerable

Tech Republic Security

Only 25% of the organizations surveyed by Delinea were hit by ransomware attacks in 2022, but fewer companies are taking proactive steps to prevent such attacks. The post Ransomware attacks are decreasing, but companies remain vulnerable appeared first on TechRepublic.

article thumbnail

Most Popular Cybersecurity Blog Posts from 2022

Lohrman on Security

What were the top government technology and security blogs in 2022? The metrics don’t lie, and they tell us what cybersecurity and technology infrastructure topics were most popular

article thumbnail

Exploring the Overlap: Cost Optimization and Digital Transformation

Speaker: Alex Jiménez, Managing Principal, Financial Service Consulting for EPAM

The largest banks have increased reserves for protection against deteriorating economic conditions. Should banks delay their digital transformation investments and focus on cost reductions? In this webinar, Alex Jiménez will walk us through that question and examine the prudent course of action.

article thumbnail

Security Analysis of Threema

Schneier on Security

A group of Swiss researchers have published an impressive security analysis of Threema. We provide an extensive cryptographic analysis of Threema, a Swiss-based encrypted messaging application with more than 10 million users and 7000 corporate customers.

article thumbnail

Microsoft Patch Tuesday, January 2023 Edition

Krebs on Security

Microsoft today released updates to fix nearly 100 security flaws in its Windows operating systems and other software. Highlights from the first Patch Tuesday of 2023 include a zero-day vulnerability in Windows, printer software flaws reported by the U.S.

article thumbnail

Weekly Update 329

Troy Hunt

Strap yourself in, this is a big one! Big video, big breach (scrape?), and a big audience today.

article thumbnail

FIRESIDE CHAT: Can ‘MLSecOps’ do for MLOps, what DevSecOps is doing for DevOps?

The Last Watchdog

Massively interconnected digital services could someday soon save the planet and improve the lives of one and all. Related: Focusing on security leading indicators But first, enterprises and small businesses, alike, must come to grips with software vulnerabilities that are cropping up – and being exploited – at a blistering pace. Innovative vulnerability management solutions are taking shape to meet this challenge.

article thumbnail

The Anti-Money Laundering Act of 2020: Initial Catalysts, Current Implications, and Future Impacts

Speaker: Elizabeth "Paige" Baumann, Founder and CEO of Paige Baumann Advisory, LLC

In this session, Elizabeth “Paige” Baumann will cover the Anti-Money Laundering Act of 2020, which also includes the Corporate Transparency Act. She'll take a deep dive into the catalysts that brought on the act, the current implications of the act, and what impacts the act has on the future of banking and finance.

article thumbnail

As a cybersecurity blade, ChatGPT can cut both ways

Tech Republic Security

The cybersecurity implications of ChatGPT are vast, especially for email exploits, but putting up guardrails, flagging elements of phishing emails that it doesn’t touch and using it to train itself could help boost defense.

Phishing 201
article thumbnail

3 Ways ChatGPT Will Change Infosec in 2023

Dark Reading

OpenAI's chatbot has the promise to revolutionize how security practitioners work

InfoSec 145
article thumbnail

AI and Political Lobbying

Schneier on Security

Launched just weeks ago, ChatGPT is already threatening to upend how we draft everyday communications like emails , college essays and myriad other forms of writing.

article thumbnail

Administrator of RSOCKS Proxy Botnet Pleads Guilty

Krebs on Security

Denis Emelyantsev , a 36-year-old Russian man accused of running a massive botnet called RSOCKS that stitched malware into millions of devices worldwide, pleaded guilty to two counts of computer crime violations in a California courtroom this week.

article thumbnail

Successful Change Management with Enterprise Risk Management

Speaker: William Hord, Vice President of ERM Services

Join us as we discuss the various tangents of data and the change management process that will help you make better risk-based business decisions to save time and money for your organization.

article thumbnail

Weekly Update 332

Troy Hunt

Breaches all over the place today! Well, this past week, and there's some debate as to whether one of them is a breach, a scrape or if the term just doesn't matter anyway.

214
214
article thumbnail

GUEST ESSAY: In pursuit of smarter cybersecurity — to overcome complex risks and grow revenue

The Last Watchdog

In golf there’s a popular saying: play the course, not your opponent. Related: How ‘CAASM’ closes gaps. In an enterprise, it’s the same rule. All areas of an organization need to be free to “play their own game.”. And when malware, ransomware, or other cyber threats get in the way, the focus shifts from forward progress to focused co-operation. A security strategy should clear obstacles and enable every part of a business operation to run smoothly.

Risk 178
article thumbnail

Recent 2022 cyberattacks presage a rocky 2023

Tech Republic Security

A spate of zero-day exploits against Twitter, Rackspace and others late last year showed the limits of a cybersecurity workforce under duress, a step behind and understaffed with some 3.4 million vacant seats. The post Recent 2022 cyberattacks presage a rocky 2023 appeared first on TechRepublic.

article thumbnail

‘Hive’ Russian Ransomware Gang Shut Down by FBI, DoJ, Europol, Bundeskriminalamt, et al

Security Boulevard

Law enforcement agencies from several countries got together and took down the site. They also worked to decrypt victims’ data. The post ‘Hive’ Russian Ransomware Gang Shut Down by FBI, DoJ, Europol, Bundeskriminalamt, et al appeared first on Security Boulevard.

article thumbnail

Cover Your SaaS: How to Overcome Security Challenges and Risks For Your Organization

Speaker: Ronald Eddings, Cybersecurity Expert and Podcaster

In this webinar, Ronald Eddings, Cybersecurity Expert, will outline the relationship between SaaS apps and IT & security teams, along with several actionable solutions to overcome the new difficulties facing your organization.