Schneier on Security

JULY 26, 2021

Ransomware isn’t new; the idea dates back to 1986 with the “Brain” computer virus. Now, it’s become the criminal business model of the internet for two reasons.

Ransomware 285

Ransomware Banking Cryptocurrency Marketing 285

Troy Hunt

JULY 21, 2021

When the Ashley Madison data breach occurred in 2015, it made headline news around the world. Not just infosec headlines or tech headlines, but the headlines of major consumer media the likes my mum and dad would read.

Accountability 285

Accountability DNS Data breaches InfoSec 285

Lohrman on Security

JULY 18, 2021

Global leaders want to carve out specific areas of critical infrastructure to be protected under international agreements from cyber attacks. But where does that leave others

Government 280

Government Cyber Attacks Ransomware 280

Joseph Steinberg

JULY 8, 2021

Insurance 274

Insurance Cybersecurity Cyber Insurance Artificial Intelligence 274

Speaker: P. Andrew Sjogren, Sr. Product Marketing Manager at Very Good Security, Matt Doka, Co-Founder and CTO of Fivestars, and Steve Andrews, President & CEO of the Western Bankers Association

In this webinar, we have a great set of panelists who will take you through how Zero Data strategies can be used as part of a well-rounded compliance and security approach, and get you to market much sooner by also allowing for payment optimization. They’ll share how to grow your business faster and minimize costs for both security and compliance

Marketing

Krebs on Security

JULY 29, 2021

Every time there is another data breach, we are asked to change our password at the breached entity. But the reality is that in most cases by the time the victim organization discloses an incident publicly the information has already been harvested many times over by profit-seeking cybercriminals.

Passwords 244

Passwords Web Fraud Scams Phishing 244

The Last Watchdog

JULY 8, 2021

It was bound to happen: a supply-chain compromise, ala SolarWinds, has been combined with a ransomware assault, akin to Colonial Pipeline, with devasting implications. Related: The targeting of supply chains. Last Friday, July 2, in a matter of a few minutes, a Russian hacking collective, known as REvil, distributed leading-edge ransomware to thousands of small- and mid-sized businesses (SMBs) across the planet — and succeeded in locking out critical systems in at least 1,500 of them.

Hacking 199

Hacking Ransomware Architecture CSO 199

Troy Hunt

JULY 5, 2021

Today I'm very happy to welcome the Dutch government to HIBP, marking 24 national CERTs that now have full and free access to API level domain searches.

Government 285

Government Data breaches 285

Lohrman on Security

JULY 11, 2021

With a red-hot job market and great career prospects, more and more people want to know what they have to do to get a cybersecurity job — or better yet a career. Here’s my perspective

Marketing 280

Marketing Cybersecurity 280

Daniel Miessler

JULY 21, 2021

There’s a paradox in information security where the community wants two things at once: High quality research and talks, and. Unbiased research and talks. I’ve personally been one of these affiliated speakers countless times.

Marketing 273

Marketing Mobile Information Security 273

Krebs on Security

JULY 21, 2021

A 18-year-old Tennessee man who helped set in motion a fraudulent distress call to police that led to the death of a 60-year-old grandfather in 2020 was sentenced to 60 months in prison today.

Wireless 232

Wireless Accountability Media Passwords 232

Speaker: Mike Cramer, Director of HIPAA & Data Security at The Word & Brown Companies

Now that companies are slowly allowing employees to return to work at the office, it's time to re-evaluate your company’s posture towards privacy and security. Join Mike Cramer, Director of HIPAA & Data Security at The Word & Brown Companies, for a discussion that will focus on compliance and the types of privacy and security measures your company should be aware of, as well as tips and methods for implementing these measures.

Data privacy

The Last Watchdog

JULY 7, 2021

The video game industry saw massive growth in 2020; nothing like a global pandemic to drive people to spend more time than ever gaming. Related: Credential stuffers exploit Covid 19 pandemic. Now comes a report from Akamai detailing the extent to which cyber criminals preyed on this development. The video game industry withstood nearly 11 billion credential stuffing attacks in 2020, a 224 percent spike over 2019.

Accountability 198

Accountability Passwords Authentication Mobile 198

Schneier on Security

JULY 28, 2021

Data collection 283

Data collection Surveillance Mobile Advertising 283

Troy Hunt

JULY 13, 2021

I've spent more time IoT'ing my house over the last year than any sane person ever should. But hey, it's been strange times for all of us and it's kept me entertained whilst no longer travelling.

Internet 283

Internet Internet Firmware Manufacturing 283

Lohrman on Security

JULY 25, 2021

Vincent Hoang became the CISO in Hawaii in 2016. In this interview, Vince shares his journey and cyber priorities in protecting the Aloha State, particularly among the challenges presented by COVID-19

CISO 203

CISO Government Cybersecurity 203

Javvad Malik

JULY 7, 2021

Logan Paul and his brother Jake Paul are what you could call social media celebrities. They amassed over 20 million followers across YouTube, Vine, Instagram, and others over the years through different types of content, sketches, and pranks.

CISO 190

CISO Phishing Media Security Awareness 190

Krebs on Security

JULY 2, 2021

Some of Western Digital’s MyCloud-based data storage devices. Image: WD.

Firmware 234

Firmware Passwords Internet Internet 234

The Last Watchdog

JULY 21, 2021

Most of us, by now, take electronic signatures for granted. Related: Why PKI will endure as the Internet’s secure core. Popular services, like DocuSign and Adobe Sign, have established themselves as convenient, familiar tools to conduct daily commerce, exclusively online. Yet electronic signatures do have their security limitations.

Computers and Electronics 197

Computers and Electronics Digital transformation Authentication Encryption 197

Schneier on Security

JULY 6, 2021

A vulnerability (just patched) in the random number generator used in the Kaspersky Password Manager resulted in easily guessable passwords: The password generator included in Kaspersky Password Manager had several problems.

Password Management 284

Password Management Passwords 284

Troy Hunt

JULY 12, 2021

Marking the 25th national CERT to have full and free API level access to in HIBP, I'm very happy to welcome CERT-IL in the Israel National Cyber Directorate (INCD) on board.

Government 271

Government 271

Lohrman on Security

JULY 4, 2021

Guy Perelmuter offers an insightful, easy to read, helpful guide to present and future technology in business areas ranging from the future of jobs to AI and from cryptocurrencies to quantum computing.

Cryptocurrency 165

Cryptocurrency Technology 165

Daniel Miessler

JULY 23, 2021

There’s massive confusion in the security community around Security Through Obscurity. In general, most people know it’s bad, but they can’t say exactly why.

Encryption 213

Encryption Information Security 213

Krebs on Security

JULY 19, 2021

Browse the comments on virtually any story about a ransomware attack and you will almost surely encounter the view that the victim organization could have avoided paying their extortionists if only they’d had proper data backups.

Backups 232

Backups Encryption Insurance Internet 232

The Last Watchdog

JULY 26, 2021

Google’s addition to Gmail of something called Verified Mark Certificates (VMCs) is a very big deal in the arcane world of online marketing. Related: Dangers of weaponized email. This happened rather quietly as Google announced the official launch of VMCs in a blog post on July 12. Henceforth companies will be able to insert their trademarked logos in Gmail’s avatar slot; many marketers can’t wait to distribute email carrying certified logos to billions of inboxes.

Marketing 184

Marketing Cybersecurity Phishing Authentication 184

Schneier on Security

JULY 30, 2021

New paper: “ Encrypted Cloud Photo Storage Using Google Photos “: Abstract: Cloud photo services are widely used for persistent, convenient, and often free photo storage, which is especially useful for mobile devices.

Encryption 272

Encryption Architecture Mobile 272

Troy Hunt

JULY 23, 2021

This week, by popular demand, it's Charlotte! Oh - and Scott. People had been asking for Charlotte for a while, so we finally decided to do a weekly update together on how she's been transitioning from Mac to PC.

IoT 248

IoT 248

Anton on Security

JULY 30, 2021

I keep coming to the same topic over and over? —?why why are we still bad at detecting threats? I’ve lamented on this a few times, either touching on general difficulties with detection , its uncertainty or highlighting the fragile detections people write.

Threat Detection 130

Threat Detection Authentication Engineering Cybersecurity 130

Adam Shostack

JULY 13, 2021

It’s the latest in the World’s Shortest Threat Modeling videos! Also, I set up [link] to make it easy to find my Youtube channel. threat modeling videos

130

130

Krebs on Security

JULY 1, 2021

Financial services giant Intuit this week informed 1.4

Small Business 230

Small Business Financial Services Government Authentication 230

The Last Watchdog

JULY 29, 2021

Modern civilization revolves around inextricably intertwined relationships. This is why our financial markets rise and fall in lock step; why climate change is accelerating; and why a novel virus can so swiftly and pervasively encircle the planet. Related: What it will take to truly secure data lakes. Complex relationships also come into play when it comes to operating modern business networks. A lack of understanding of these relationships is a big reason why cloud breaches happen.

Cloud Migration 168

Cloud Migration Digital transformation Risk CISO 168

Schneier on Security

JULY 2, 2021

Two reports this week.

Hacking 274

Hacking Passwords Accountability Cybersecurity 274

Troy Hunt

JULY 11, 2021

Between school holidays and a house full of tradies repairing things, there wasn't a lot a free time this week.

IoT 227

IoT Encryption Government 227

Tech Republic Security

JULY 27, 2021

To ward off the attack known as PetitPotam, Microsoft advises you to disable NTLM authentication on your Windows domain controller

Authentication 171

Authentication 171

Adam Shostack

JULY 7, 2021

The latest in the World’s Shortest Threat Modeling Videos: podcasts threat modeling videos

130

130

Krebs on Security

JULY 7, 2021

Microsoft on Tuesday issued an emergency software update to quash a security bug that’s been dubbed “ PrintNightmare ,” a critical vulnerability in all supported versions of Windows that is actively being exploited.

Backups 225

Backups Engineering Software 225

The Last Watchdog

JULY 27, 2021

The ethical hackers at WizCase recently disclosed another stunning example of sensitive consumer data left out in the open in the public cloud — for one and all to access. Related: How stolen data gets leveraged in full-stack attacks. This latest high-profile example of security sloppiness was uncovered by a team of white hat hackers led by Ata Hakçil.

Scams 161

Scams Encryption Passwords Government 161