Dark Reading

MARCH 16, 2023

The challenges are steep, but school districts can fight back with planning.

Ransomware 93

Ransomware 93

Krebs on Security

MARCH 17, 2023

The U.S. Federal Bureau of Investigation (FBI) this week arrested a New York man on suspicion of running BreachForums , a popular English-language cybercrime forum where some of the world biggest hacked databases routinely show up for sale. The forum’s administrator “ Pompompurin ” has been a thorn in the side of the FBI for years, and BreachForums is widely considered a reincarnation of RaidForums , a remarkably similar crime forum that the FBI infiltrated and dismantled in 20

Data breaches 357

Data breaches Cybercrime Insurance Internet 357

Troy Hunt

MARCH 17, 2023

Why can't I audio right? It's my 339th video and I still make mistakes 🙂 But it came good and we got a decent show out of it with lots of interesting engagement even though doing this a lot later in the day than usual. I found the discussion around IoT door locks especially interesting as it's a real nexus of security, usability and a bit of critical thinking about real world risks.

IoT 55

IoT Financial Services Data breaches Risk 55

Schneier on Security

MARCH 14, 2023

From Brian Krebs : A Croatian national has been arrested for allegedly operating NetWire, a Remote Access Trojan (RAT) marketed on cybercrime forums since 2012 as a stealthy way to spy on infected systems and siphon passwords. The arrest coincided with a seizure of the NetWire sales website by the U.S. Federal Bureau of Investigation (FBI). While the defendant in this case hasn’t yet been named publicly, the NetWire website has been leaking information about the likely true identity and lo

Cybercrime 271

Cybercrime Marketing Passwords Spyware 271

Speaker: Erroll Amacker

Automation is transforming finance but without strong financial oversight it can introduce more risk than reward. From missed discrepancies to strained vendor relationships, accounts payable automation needs a human touch to deliver lasting value. This session is your playbook to get automation right. We’ll explore how to balance speed with control, boost decision-making through human-machine collaboration, and unlock ROI with fewer errors, stronger fraud prevention, and smoother operations.

Risk

Joseph Steinberg

MARCH 13, 2023

As pretty much every professional knows, the cyber-threat landscape is constantly and rapidly evolving as hackers discover new techniques to breach organizations. While the introduction of artificial intelligence (AI) is certainly delivering many benefits to mankind, including in the realm of cybersecurity, it has also created all sorts of new risks as evildoers seek to harness AI for their illicit and harmful purposes.

Artificial Intelligence 246

Artificial Intelligence Cybersecurity Cyber threats Cybercrime 246

Krebs on Security

MARCH 15, 2023

Microsoft on Tuesday released updates to quash at least 74 security bugs in its Windows operating systems and software. Two of those flaws are already being actively attacked, including an especially severe weakness in Microsoft Outlook that can be exploited without any user interaction. The Outlook vulnerability ( CVE-2023-23397 ) affects all versions of Microsoft Outlook from 2013 to the newest.

Passwords 283

Passwords Cyber threats Authentication Internet 283

Schneier on Security

MARCH 14, 2023

This is a current list of where and when I am scheduled to speak: I’m speaking on “ How to Reclaim Power in the Digital World ” at EPFL in Lausanne, Switzerland, on Thursday, March 16, 2023, at 5:30 PM CET. I’ll be discussing my new book A Hacker’s Mind: How the Powerful Bend Society’s Rules at Harvard Science Center in Cambridge, Massachusetts, USA, on Friday, March 31, 2023 at 6:00 PM EDT.

255

255

Lohrman on Security

MARCH 12, 2023

The Center for Digital Government just released a new guide to help governments in their cloud journeys. Here’s why cybersecurity pros should pay close attention.

Government 209

Government Cybersecurity 209

The Last Watchdog

MARCH 13, 2023

This year has kicked off with a string of high-profile layoffs — particularly in high tech — prompting organizations across all sectors to both consider costs and plan for yet another uncertain 12 or more months. Related: Attack surface management takes center stage. So how will this affect chief information security officers (CISOs) and security programs?

CISO 203

CISO Insurance Cybersecurity Risk 203

Tech Republic Security

MARCH 17, 2023

Some 12% of employees take customer details, health records, sales contracts and other confidential data when leaving a company, according to DTEX. The post How to prevent data theft by existing and departing employees appeared first on TechRepublic.

Risk 190

Risk Cybersecurity 190

Advertisement

Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.

Cyber threats

Graham Cluley

MARCH 17, 2023

Well, this isn’t good. Google has issued a warning that some Android phones can be hacked remotely, without the intended victim having to click on anything.

Hacking 145

Hacking 145

We Live Security

MARCH 14, 2023

ESET Research uncovered a campaign by APT group Tick against a data-loss prevention company in East Asia and found a previously unreported tool used by the group The post The slow Tick‑ing time bomb: Tick APT group compromise of a DLP software developer in East Asia appeared first on WeLiveSecurity

Software 145

Software 145

DoublePulsar

MARCH 15, 2023

Yesterday Microsoft dropped a patch for a vulnerability found by @hexnomad.

Cybersecurity 144

Cybersecurity 144

Tech Republic Security

MARCH 17, 2023

Whether you have one year or ten years of IT experience, you'll have an edge when applying to the best cybersecurity positions by preparing for certifications with this e-learning bundle. The post Turbocharge your IT career with cybersecurity training for just $50 appeared first on TechRepublic.

Cybersecurity 35

Cybersecurity 35

Advertisement

The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.

Cybersecurity

Security Boulevard

MARCH 16, 2023

Ben is disappointed: FBI reports huge rise in cryptocurrency investment scams. Why am I not surprised? The post Scams Lost US $10 BILLION in 2022 — Crypto Fraud Grows Fast appeared first on Security Boulevard.

Scams 140

Scams Cryptocurrency Social Engineering Internet 140

Graham Cluley

MARCH 17, 2023

Security researchers have released a new decryption tool which should come to the rescue of some victims of a modified version of the Conti ransomware, helping them to recover their encrypted data for free. Read more in my article on the Tripwire State of Security blog.

Ransomware 138

Ransomware Encryption Malware 138

SecureWorld News

MARCH 15, 2023

Alright, how many of you saw a cryptocurrency ad on TV in 2022? Oh, yeah, everyone did. How many of you acted on those ads and actually purchased crypto? Probably some of you. Now the important question: how many of you got scammed in some sort of way by cryptocurrency or another type of investment? According to the U.S. Federal Bureau of Investigations (FBI), the answer is a lot of people did.

Cybercrime 136

Cybercrime Scams Cryptocurrency Identity Theft 136

Tech Republic Security

MARCH 13, 2023

By exploiting webcams and other IoT devices, hackers can spy on private and professional conversations, potentially giving them access to sensitive information, says BitSight. The post How internet-facing webcams could put your organization at risk appeared first on TechRepublic.

Internet 173

Internet Internet Risk IoT 173

Advertisement

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Passwords

CyberSecurity Insiders

MARCH 17, 2023

After Rubrik, Hitachi Energy issued a public statement that some of its customer accounts might have been compromised, after a ransomware attack took place on a third-party software called Fortra GoAnywhere MFT. Clop ransomware gang is the company that managed to infiltrate the servers and siphon data and a portion of employee data might have been compromised.

Software 136

Software Ransomware Data breaches Financial Services 136

Bleeping Computer

MARCH 17, 2023

U.S. law enforcement arrested on Wednesday a New York man believed to be Pompompurin, the owner of the BreachForums hacking forum. [.

Cybercrime 135

Cybercrime Hacking 135

Security Boulevard

MARCH 14, 2023

Growing interconnectedness makes it harder to detect ransomware before it causes harm. Whether data is processed locally or in the cloud, the risk of a breach is the same. But edge computing also makes it easier for hackers to break in because sensitive data is stored and processed on a wider range of systems. As. The post Using AI Cybersecurity Solutions to Stop Ransomware appeared first on Security Boulevard.

Ransomware 134

Ransomware Cybersecurity Risk IoT 134

Tech Republic Security

MARCH 14, 2023

A possible Chinese attack campaign on compromised unpatched SonicWall SMA edge devices stayed undetected since 2021 and could persist even through firmware updates. The post Attack campaign on edge appliance: undetected since 2021 and resists firmware update appeared first on TechRepublic.

Firmware 172

Firmware Cybersecurity 172

Speaker: Sierre Lindgren

Fraud is a battle that every organization must face – it’s no longer a question of “if” but “when.” Every organization is a potential target for fraud, and the finance department is often the bullseye. From cleverly disguised emails to fraudulent payment requests, the tactics of cybercriminals are advancing rapidly. Drawing insights from real-world cases and industry expertise, we’ll explore the vulnerabilities in your processes and how to fortify them effectively.

Scams

CSO Magazine

MARCH 13, 2023

Phishing attempts are typically like fishing in a barrel — given enough time, a bad actor is 100% likely to reel in a victim. Once they recognize organizations as habitually vulnerable, they will continue to target them and the barrel-fishing cycle goes on and on. “Bad actors are highly motivated and funded with the sole attempt to be successful at attracting only one victim,” says Johanna Baum, CEO and founder of Strategic Security Solutions Consulting.

Phishing 131

Phishing 131

Bleeping Computer

MARCH 17, 2023

Microsoft is working on a non-custodial built-in Ethereum crypto wallet for Microsoft Edge to allow users to send and receive cryptocurrency and NFTs. [.

Cryptocurrency 133

Cryptocurrency 133

Security Boulevard

MARCH 17, 2023

Federal Communications Commission rules to block illegal text messages. What took you so long? The post FINALLY! FCC Acts on SMS Scam-Spam — But Will It Work? appeared first on Security Boulevard.

Scams 131

Scams Social Engineering IoT Engineering 131

Tech Republic Security

MARCH 13, 2023

A new malware dubbed HiatusRAT infects routers to spy on its targets, mostly in Europe and in the U.S. Learn which router models are primarily targeted and how to protect from this security threat. The post New Hiatus malware campaign targets routers appeared first on TechRepublic.

Malware 158

Malware Cybersecurity Network Security 158

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Software

Jane Frankland

MARCH 16, 2023

Last week, on March 8, many of us celebrated International Women’s Day (IWD). As many people know, it’s an important day which is used as a focal point in the women’s rights movement, bringing attention to issues such as gender equality, reproductive rights, and violence and abuse against women. All people are encouraged to participate, and in some countries people even celebrate it as a national holiday.

Education 130

Education Technology Engineering Architecture 130

Bleeping Computer

MARCH 16, 2023

Microsoft has released a script to make it easier to patch a BitLocker bypass security vulnerability in the Windows Recovery Environment (WinRE). [.

131

131

Graham Cluley

MARCH 15, 2023

The twisted tale of the two Teslas, and a deepfake sandwich. All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault.

128

128

Tech Republic Security

MARCH 15, 2023

With backing from major firms, credential security company Beyond Identity has launched the Zero Trust Authentication initiative for organizations to hack-proof user credentials. The post For credentials, these are the new Seven Commandments for zero trust appeared first on TechRepublic.

Authentication 157

Authentication Hacking Phishing Ransomware 157

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!