Sat.Oct 29, 2022 - Fri.Nov 04, 2022

A massive cyberattack hit Slovak and Polish Parliaments

Security Affairs

The Slovak and Polish parliaments were hit by a massive cyber attack, and the voting system in Slovakia’s legislature was brought down. A massive cyber attack hit the Slovak and Polish parliaments, reported the authorities.

Iran’s Digital Surveillance Tools Leaked

Schneier on Security

It’s Iran’s turn to have its digital surveillance tools leaked: According to these internal documents, SIAM is a computer system that works behind the scenes of Iranian cellular networks, providing its operators a broad menu of remote commands to alter, disrupt, and monitor how customers use their phones.

Accused ‘Raccoon’ Malware Developer Fled Ukraine After Russian Invasion

Krebs on Security

A 26-year-old Ukrainian man is awaiting extradition from The Netherlands to the United States on charges that he acted as a core developer for Raccoon, a popular “malware-as-a-service” offering that helped paying customers steal passwords and financial data from millions of cybercrime victims.

Better Supporting the Have I Been Pwned API with Zendesk

Troy Hunt

I've been investing a heap of time into Have I Been Pwned (HIBP) lately, ranging from all the usual stuff (namely trawling through masses of data breaches) to all new stuff, in particular expanding and enhancing the public API.

Successful Change Management with Enterprise Risk Management

Speaker: William Hord, Vice President of ERM Services

Join us as we discuss the various tangents of data and the change management process that will help you make better risk-based business decisions to save time and money for your organization.

2022 State Cyber Summit Recaps from Kansas and Michigan

Lohrman on Security

Cyber summits were held this past week in Michigan and Kansas, and hot topics ranged from workforce development to ransomware to growing global cyber threats. Here’s a rundown

Apple Only Commits to Patching Latest OS Version

Schneier on Security

People have suspected this for a while, but Apple has made it official. It only commits to fully patching the latest version of its OS, even though it claims to support older versions.

More Trending

GUEST ESSAY: A roadmap to achieve a better balance of network security and performance

The Last Watchdog

Here’s a frustrating reality about securing an enterprise network: the more closely you inspect network traffic, the more it deteriorates the user experience. Related: Taking a risk-assessment approach to vulnerabilities. Slow down application performance a little, and you’ve got frustrated users. Slow it down a lot, and most likely, whichever knob you just turned gets quickly turned back again—potentially leaving your business exposed. It’s a delicate balance.

Weekly Update 320

Troy Hunt

I feel like life is finally complete: I have beaches, sunshine and fast internet!

NSA on Supply Chain Security

Schneier on Security

The NSA (together with CISA) has published a long report on supply-chain security: “Securing the Software Supply Chain: Recommended Practices Guide for Suppliers.”

Hacker Charged With Extorting Online Psychotherapy Service

Krebs on Security

A 25-year-old Finnish man has been charged with extorting a once popular and now-bankrupt online psychotherapy company and its patients.

Cover Your SaaS: How to Overcome Security Challenges and Risks For Your Organization

Speaker: Ronald Eddings, Cybersecurity Expert and Podcaster

In this webinar, Ronald Eddings, Cybersecurity Expert, will outline the relationship between SaaS apps and IT & security teams, along with several actionable solutions to overcome the new difficulties facing your organization.

About $1 billion ransomware payments made in 2021 in United States

CyberSecurity Insiders

According to a finding of Treasury Department Data shared with world renowned news resource CNN, about $1 billion ransomware payments were made across the United States in the year 2021; probably the most ever reported in the history of cyber crime.

Weekly Update 319

Troy Hunt

Geez we've been getting hammered down here: Optus, MyDeal, Vinomofo, Medibank and now Australian Clinical Labs.

Dispelling Body Language Myths

Security Boulevard

Written by Christopher Hadnagy and Dr. Abbie Marono. There is no denying the appeal of body-language focused blogs, particularly those […].

Cisco addressed several high-severity flaws in its products

Security Affairs

Cisco addressed multiple flaws impacting its products, including high-severity issues in identity, email, and web security solutions. Cisco addressed multiple vulnerabilities impacting some of its products, including high-severity flaws in identity, email, and web security products.

How Preparation and Strategy Can Be Used to Fight and Defeat Any Ransomware Attack

Speaker: Karl Camilleri, Cloud Services Product Manager at phoenixNAP

Through a detailed analysis of major attacks and their consequences, Karl Camilleri, Cloud Services Product Manager at phoenixNAP, will discuss the state of ransomware and future predictions, as well as provide best practices for attack prevention and recovery.

Russia Killnet hacking group targets the US Treasury

CyberSecurity Insiders

The US Treasury has released an official confirmation that the Russia-funded Killnet hacking group was constantly targeting US financial systems to either disrupt them or bring them down permanently.

Open-source repository SourceHut to remove all cryptocurrency-related projects

Tech Republic Security

Also including blockchain-related projects in the ban, SourceHut's creator said the technology is associated with fraudulent activities and high-risk investments.

FBI/CISA Failed: Biden’s Ransomware Summit Convenes, Impotently

Security Boulevard

The International Counter Ransomware Summit is on in D.C., with 36 nations and blocs. But will it amount to anything of substance?

Dropbox discloses unauthorized access to 130 GitHub source code repositories

Security Affairs

Dropbox disclosed a security breach in which threat actors gained unauthorized access to 130 of its source code repositories on GitHub. File hosting service Dropbox announced that threat actors gained unauthorized access to 130 of its source code repositories on GitHub.

How to Avoid the Pain and Cost of PCI Compliance While Optimizing Payments

Speaker: P. Andrew Sjogren, Sr. Product Marketing Manager at Very Good Security, Matt Doka, Co-Founder and CTO of Fivestars, and Steve Andrews, President & CEO of the Western Bankers Association 

In this webinar, we have a great set of panelists who will take you through how Zero Data strategies can be used as part of a well-rounded compliance and security approach, and get you to market much sooner by also allowing for payment optimization. They’ll share how to grow your business faster and minimize costs for both security and compliance

Cybersecurity news headlines trending on Google

CyberSecurity Insiders

First news that is trending on the Google search engine is related to a ransomware attack that took place on Germany’s Copper producer ‘Aurubis’. News is out that the world’s second largest producer’s IT systems were hit by a ransomware attack disrupting the digital infrastructure to the core.

The Sky Is Not Falling: Disclosed OpenSSL Bugs Are Serious but Not Critical

Dark Reading

Organizations should update to the latest encryption (version 3.0.7) as soon as possible, but there's no need for Heartbleed-like panic, security experts say

Password Attacks – Saving Time for the Fun Stuff

Security Boulevard

Pentesters love passwords. It’s great for us that the keys to the kingdom lie in something the user usually chooses and most often chooses insecurely.

LockBit 3.0 gang claims to have stolen data from Thales

Security Affairs

The ransomware group LockBit 3.0 claimed to have stolen data from the French defence and technology group Thales. Thales is a global high-tech leader with more than 81,000 employees worldwide.

Back to the Office: Privacy and Security Solutions to Compliance Issues for 2021 and Beyond

Speaker: Mike Cramer, Director of HIPAA & Data Security at The Word & Brown Companies

Now that companies are slowly allowing employees to return to work at the office, it's time to re-evaluate your company’s posture towards privacy and security. Join Mike Cramer, Director of HIPAA & Data Security at The Word & Brown Companies, for a discussion that will focus on compliance and the types of privacy and security measures your company should be aware of, as well as tips and methods for implementing these measures.

New ransomware tries to corner cybersecurity researchers

CyberSecurity Insiders

A new ransomware named ‘Azov Ransomware’ is found framing cybersecurity researchers as it doesn’t demand any ransom from its victims, instead it is asking them to contact forensic experts from a firm in the vicinity and do as per their instructions.

RomCom Malware Woos Victims With 'Wrapped' SolarWinds, KeePass Software

Dark Reading

An analysis of the RomCom APT shows the group is expanding its efforts beyond the Ukrainian military into the UK and other English-speaking countries

Cybersecurity Insights with Contrast SVP of Cyber Strategy Tom Kellermann | 11/4

Security Boulevard

Insight #1. “The game has changed, today's cybercrime cartels want to hijack your digital transformation and use it to launch attacks against your customers. Cybersecurity has become a brand protection imperative. It’s time for you to discuss cybersecurity with your CMO and GC.” Insight #2.

Former British Prime Minister Liz Truss’s phone was allegedly hacked by Russian spies

Security Affairs

According to the Daily Mail, Former British Prime Minister Liz Truss’s personal phone was hacked by Russian spies. The personal mobile phone of British Prime Minister Liz Truss was hacked by cyber spies suspected of working for the Kremlin, the Daily Mail reported.

The State of Endpoint Security Management in 2022: It’s Worse Than You Suspect

CyberSecurity Insiders

How important is endpoint security management for organizations? If you ask security managers, not that much. A recent poll shows that it is not a concern for 60 percent of organizations.

Microsoft Warns on Zero-Day Spike as Nation-State Groups Shift Tactics

Dark Reading

The software giant also recorded an increase in attacks on IT services companies as state-backed threat actors have adapted to better enterprise defenses and cast a wider net, Microsoft says

Preventing Hyperjacking in a virtual environment

Security Boulevard

In the rapidly evolving world of information security, attack vectors, and cyberattacks, there is a.

VMware warns of the public availability of CVE-2021-39144 exploit code

Security Affairs

VMware warned of the availability of a public exploit for a recently addressed critical remote code execution flaw in NSX Data Center for vSphere (NSX-V).

FTC issues cybersecurity warning to Chegg

CyberSecurity Insiders

Chegg, the American company that offers textbook rental and homework related online services to school and college students, has been asked to revamp its security practices. Failing which it will be eligible to go through harsh legal practices and hefty financial implications.

Still Using Passwords? Get Started with Phishing-Resistant, Passwordless Authentication Now!

Cisco CSR

Going beyond the hype, passwordless authentication is now a reality. Cisco Duo’s passwordless authentication is now generally available across all Duo Editions.