Dark Reading

MARCH 16, 2023

The challenges are steep, but school districts can fight back with planning.

Ransomware 93

Ransomware 93

Krebs on Security

MARCH 17, 2023

The U.S. Federal Bureau of Investigation (FBI) this week arrested a New York man on suspicion of running BreachForums , a popular English-language cybercrime forum where some of the world biggest hacked databases routinely show up for sale. The forum’s administrator “ Pompompurin ” has been a thorn in the side of the FBI for years, and BreachForums is widely considered a reincarnation of RaidForums , a remarkably similar crime forum that the FBI infiltrated and dismantled in 20

Data breaches 356

Data breaches Cybercrime Insurance Internet 356

Schneier on Security

MARCH 14, 2023

From Brian Krebs : A Croatian national has been arrested for allegedly operating NetWire, a Remote Access Trojan (RAT) marketed on cybercrime forums since 2012 as a stealthy way to spy on infected systems and siphon passwords. The arrest coincided with a seizure of the NetWire sales website by the U.S. Federal Bureau of Investigation (FBI). While the defendant in this case hasn’t yet been named publicly, the NetWire website has been leaking information about the likely true identity and lo

Cybercrime 281

Cybercrime Marketing Passwords Spyware 281

Troy Hunt

MARCH 17, 2023

Why can't I audio right? It's my 339th video and I still make mistakes 🙂 But it came good and we got a decent show out of it with lots of interesting engagement even though doing this a lot later in the day than usual. I found the discussion around IoT door locks especially interesting as it's a real nexus of security, usability and a bit of critical thinking about real world risks.

IoT 54

IoT Financial Services Data breaches Risk 54

Speaker: Erroll Amacker

Automation is transforming finance but without strong financial oversight it can introduce more risk than reward. From missed discrepancies to strained vendor relationships, accounts payable automation needs a human touch to deliver lasting value. This session is your playbook to get automation right. We’ll explore how to balance speed with control, boost decision-making through human-machine collaboration, and unlock ROI with fewer errors, stronger fraud prevention, and smoother operations.

Risk

Joseph Steinberg

MARCH 13, 2023

As pretty much every professional knows, the cyber-threat landscape is constantly and rapidly evolving as hackers discover new techniques to breach organizations. While the introduction of artificial intelligence (AI) is certainly delivering many benefits to mankind, including in the realm of cybersecurity, it has also created all sorts of new risks as evildoers seek to harness AI for their illicit and harmful purposes.

Artificial Intelligence 246

Artificial Intelligence Cybersecurity Cyber threats Cybercrime 246

Krebs on Security

MARCH 15, 2023

Microsoft on Tuesday released updates to quash at least 74 security bugs in its Windows operating systems and software. Two of those flaws are already being actively attacked, including an especially severe weakness in Microsoft Outlook that can be exploited without any user interaction. The Outlook vulnerability ( CVE-2023-23397 ) affects all versions of Microsoft Outlook from 2013 to the newest.

Passwords 282

Passwords Cyber threats Authentication Internet 282

Tech Republic Security

MARCH 15, 2023

AI-generated phishing emails, including ones created by ChatGPT, present a potential new threat for security professionals, says Hoxhunt. The post Humans are still better at creating phishing emails than AI — for now appeared first on TechRepublic.

Phishing 212

Phishing Artificial Intelligence Cybersecurity 212

Lohrman on Security

MARCH 12, 2023

The Center for Digital Government just released a new guide to help governments in their cloud journeys. Here’s why cybersecurity pros should pay close attention.

Government 208

Government Cybersecurity 208

The Last Watchdog

MARCH 13, 2023

This year has kicked off with a string of high-profile layoffs — particularly in high tech — prompting organizations across all sectors to both consider costs and plan for yet another uncertain 12 or more months. Related: Attack surface management takes center stage. So how will this affect chief information security officers (CISOs) and security programs?

CISO 203

CISO Insurance Cybersecurity Risk 203

Graham Cluley

MARCH 17, 2023

Well, this isn’t good. Google has issued a warning that some Android phones can be hacked remotely, without the intended victim having to click on anything.

Hacking 145

Hacking 145

Advertisement

Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.

Cyber threats

Tech Republic Security

MARCH 17, 2023

Some 12% of employees take customer details, health records, sales contracts and other confidential data when leaving a company, according to DTEX. The post How to prevent data theft by existing and departing employees appeared first on TechRepublic.

Risk 190

Risk Cybersecurity 190

We Live Security

MARCH 14, 2023

ESET Research uncovered a campaign by APT group Tick against a data-loss prevention company in East Asia and found a previously unreported tool used by the group The post The slow Tick‑ing time bomb: Tick APT group compromise of a DLP software developer in East Asia appeared first on WeLiveSecurity

Software 145

Software 145

DoublePulsar

MARCH 15, 2023

Yesterday Microsoft dropped a patch for a vulnerability found by @hexnomad.

Cybersecurity 144

Cybersecurity 144

Security Boulevard

MARCH 16, 2023

Ben is disappointed: FBI reports huge rise in cryptocurrency investment scams. Why am I not surprised? The post Scams Lost US $10 BILLION in 2022 — Crypto Fraud Grows Fast appeared first on Security Boulevard.

Scams 140

Scams Cryptocurrency Social Engineering Internet 140

Advertisement

The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.

Cybersecurity

Tech Republic Security

MARCH 17, 2023

Whether you have one year or ten years of IT experience, you'll have an edge when applying to the best cybersecurity positions by preparing for certifications with this e-learning bundle. The post Turbocharge your IT career with cybersecurity training for just $50 appeared first on TechRepublic.

Cybersecurity 35

Cybersecurity 35

CyberSecurity Insiders

MARCH 17, 2023

After Rubrik, Hitachi Energy issued a public statement that some of its customer accounts might have been compromised, after a ransomware attack took place on a third-party software called Fortra GoAnywhere MFT. Clop ransomware gang is the company that managed to infiltrate the servers and siphon data and a portion of employee data might have been compromised.

Software 136

Software Ransomware Data breaches Financial Services 136

SecureWorld News

MARCH 15, 2023

Alright, how many of you saw a cryptocurrency ad on TV in 2022? Oh, yeah, everyone did. How many of you acted on those ads and actually purchased crypto? Probably some of you. Now the important question: how many of you got scammed in some sort of way by cryptocurrency or another type of investment? According to the U.S. Federal Bureau of Investigations (FBI), the answer is a lot of people did.

Cybercrime 136

Cybercrime Scams Cryptocurrency Identity Theft 136

Bleeping Computer

MARCH 17, 2023

U.S. law enforcement arrested on Wednesday a New York man believed to be Pompompurin, the owner of the BreachForums hacking forum. [.

Cybercrime 135

Cybercrime Hacking 135

Advertisement

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Passwords

Tech Republic Security

MARCH 13, 2023

By exploiting webcams and other IoT devices, hackers can spy on private and professional conversations, potentially giving them access to sensitive information, says BitSight. The post How internet-facing webcams could put your organization at risk appeared first on TechRepublic.

Internet 174

Internet Internet Risk IoT 174

Security Boulevard

MARCH 14, 2023

Growing interconnectedness makes it harder to detect ransomware before it causes harm. Whether data is processed locally or in the cloud, the risk of a breach is the same. But edge computing also makes it easier for hackers to break in because sensitive data is stored and processed on a wider range of systems. As. The post Using AI Cybersecurity Solutions to Stop Ransomware appeared first on Security Boulevard.

Ransomware 134

Ransomware Cybersecurity Risk IoT 134

CSO Magazine

MARCH 13, 2023

Phishing attempts are typically like fishing in a barrel — given enough time, a bad actor is 100% likely to reel in a victim. Once they recognize organizations as habitually vulnerable, they will continue to target them and the barrel-fishing cycle goes on and on. “Bad actors are highly motivated and funded with the sole attempt to be successful at attracting only one victim,” says Johanna Baum, CEO and founder of Strategic Security Solutions Consulting.

Phishing 131

Phishing 131

Bleeping Computer

MARCH 17, 2023

Microsoft is working on a non-custodial built-in Ethereum crypto wallet for Microsoft Edge to allow users to send and receive cryptocurrency and NFTs. [.

Cryptocurrency 133

Cryptocurrency 133

Speaker: Sierre Lindgren

Fraud is a battle that every organization must face – it’s no longer a question of “if” but “when.” Every organization is a potential target for fraud, and the finance department is often the bullseye. From cleverly disguised emails to fraudulent payment requests, the tactics of cybercriminals are advancing rapidly. Drawing insights from real-world cases and industry expertise, we’ll explore the vulnerabilities in your processes and how to fortify them effectively.

Scams

Tech Republic Security

MARCH 14, 2023

A possible Chinese attack campaign on compromised unpatched SonicWall SMA edge devices stayed undetected since 2021 and could persist even through firmware updates. The post Attack campaign on edge appliance: undetected since 2021 and resists firmware update appeared first on TechRepublic.

Firmware 173

Firmware Cybersecurity 173

Security Boulevard

MARCH 17, 2023

Federal Communications Commission rules to block illegal text messages. What took you so long? The post FINALLY! FCC Acts on SMS Scam-Spam — But Will It Work? appeared first on Security Boulevard.

Scams 131

Scams Social Engineering IoT Engineering 131

Jane Frankland

MARCH 16, 2023

Last week, on March 8, many of us celebrated International Women’s Day (IWD). As many people know, it’s an important day which is used as a focal point in the women’s rights movement, bringing attention to issues such as gender equality, reproductive rights, and violence and abuse against women. All people are encouraged to participate, and in some countries people even celebrate it as a national holiday.

Education 130

Education Technology Engineering Architecture 130

Bleeping Computer

MARCH 16, 2023

Microsoft has released a script to make it easier to patch a BitLocker bypass security vulnerability in the Windows Recovery Environment (WinRE). [.

131

131

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Software

Tech Republic Security

MARCH 15, 2023

PURPOSE The purpose of this policy is to provide guidelines for the appropriate disposal of information and the destruction of electronic media, which is defined as any storage device used to hold company information including, but not limited to, hard disks, magnetic tapes, compact discs, audio or videotapes, and removable storage devices such as USB.

Media 165

Media 165

CSO Magazine

MARCH 14, 2023

During every quarter last year, between 10% and 16% of organizations had DNS traffic originating on their networks towards command-and-control (C2) servers associated with known botnets and various other malware threats, according to a report from cloud and content delivery network provider Akamai. More than a quarter of that traffic went to servers belonging to initial access brokers, attackers who sell access into corporate networks to other cybercriminals, the report stated.

DNS 128

DNS Malware Ransomware 128

Dark Reading

MARCH 17, 2023

DDoS cyberattack campaigns from the pro-Russian group have spiked significantly.

DDOS 126

DDOS Healthcare 126

Bleeping Computer

MARCH 17, 2023

The NBA (National Basketball Association) is notifying fans of a data breach after some of their personal information, "held" by a third-party newsletter service, was stolen. [.

Data breaches 125

Data breaches 125

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!