Security Boulevard
JUNE 25, 2021
Even before the COVID-19 pandemic, small to mid-sized businesses (SMBs) faced unique challenges on the cybersecurity front. The massive disruption caused by the pandemic only exacerbated the challenges of protecting data, systems and business—not to mention customers and their data. Now that we’re starting to see signs of recovery, it’s important for SMBs to view.
CyberSecurity Insiders
JUNE 21, 2021
By Matthew Meehan, chief operating officer at TokenEx. We have all heard the proverb that teaches, “slow and steady wins the race.” But what if slow isn’t an option? In the wake of COVID-19, many businesses sped through the digitization process to transform their businesses in record time. In their haste, important data protection measures and security considerations were either undermined, or simply not considered.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Herjavec Group
JUNE 25, 2021
Our Founder and CEO, Robert Herjavec, spoke with MediaPlanet to contribute to Innovating Canada’s Business Resilience Campaign. Read the full interview to learn about Robert’s insights on the importance of cyber resilience and how the cybersecurity landscape has changed over the past year. What business priorities have the unprecedented disruptions caused by the pandemic brought to the forefront?
Krebs on Security
JUNE 21, 2021
Amid multiple recent reports of hackers breaking into and tampering with drinking water treatment systems comes a new industry survey with some sobering findings: A majority of the 52,000 separate drinking water systems in the United States still haven’t inventoried some or any of their information technology systems — a basic first step in protecting networks from cyberattacks.
Speaker: Erroll Amacker
Automation is transforming finance but without strong financial oversight it can introduce more risk than reward. From missed discrepancies to strained vendor relationships, accounts payable automation needs a human touch to deliver lasting value. This session is your playbook to get automation right. We’ll explore how to balance speed with control, boost decision-making through human-machine collaboration, and unlock ROI with fewer errors, stronger fraud prevention, and smoother operations.
Troy Hunt
JUNE 19, 2021
Thought I'd do a bit of AMA this week given the rest of the content was a bit lighter. If you like this sort of content then I'll try and be a bit more organised next time, give some notice and make more of an event out of it. Other than that, I'm screwing around with more IoT things, dealing with more breaches, onboarding new governments so yeah, same same 🙂 References Here's the iFixit kit I bought, it's the "Pro Tech Toolkit" (this is a really nice pie
Joseph Steinberg
JUNE 23, 2021
Cyber Security Expert, Joseph Steinberg, has joined Newsweek’s Expert Forum, the premier news outlet’s invitation-only community of pioneering thinkers and industry leaders. Steinberg was selected for the forum based on his proven expertise in the fields of cybersecurity, privacy, and artificial intelligence. Scott Gerber, founder of the Newsweek Expert Forum, noted: “We are honored to accept Joseph Steinberg into the Newsweek Expert Forum.
Cyber Security Informer brings together the best content for cyber security professionals from the widest variety of industry thought leaders.
|
Krebs on Security
JUNE 23, 2021
In 2015, police departments worldwide started finding ATMs compromised with advanced new “shimming” devices made to steal data from chip card transactions. Authorities in the United States and abroad had seized many of these shimmers, but for years couldn’t decrypt the data on the devices. This is a story of ingenuity and happenstance, and how one former Secret Service agent helped crack a code that revealed the contours of a global organized crime ring.
Troy Hunt
JUNE 23, 2021
Recently, I've been providing a lot of additional government access to Have I Been Pwned. Today I'm happy to welcome the Jamaica Cyber Incident Response Team (JaCIRT), the 22nd national CERT on HIBP and 11th in the last 4 months. They now have full and free API level access to query all government domains belonging to the Caribbean nation.
Lohrman on Security
JUNE 20, 2021
The North Atlantic Treaty Organization (NATO) opened the door for cyber attacks to trigger “Article 5” actions. This is a big deal — here’s why.
Schneier on Security
JUNE 22, 2021
At this year’s Apple Worldwide Developer Conference, Apple announced something called “iCloud Private Relay.” That’s basically its private version of onion routing , which is what Tor does. Privacy Relay is built into both the forthcoming iOS and MacOS versions, but it will only work if you’re an iCloud Plus subscriber and you have it enabled from within your iCloud settings.
Advertisement
Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.
Krebs on Security
JUNE 25, 2021
Hard drive giant Western Digital is urging users of its MyBook Live brand of network storage drives to disconnect them from the Internet, warning that malicious hackers are remotely wiping the drives using a critical flaw that can be triggered by anyone who knows the Internet address of an affected device. One of many similar complaints on Western Digital’s user forum.
Troy Hunt
JUNE 25, 2021
A bit of a shorter work week this one as we escaped to a little getaway for a few days. That said, it gave me some nice downtime to continue writing the book and speaking of which, after today's video we had a regular catch up with Rob Conery and I think we made a bit of a breakthrough with how I intro it so hopefully we're one step closer again to a finished product now ( do sign up to be kept up to date with progress ).
Tech Republic Security
JUNE 23, 2021
The threat to people's lives is terrifying, so auto manufacturers need to change their old-school strategies to protect people.
Schneier on Security
JUNE 21, 2021
The Center for Security and Emerging Technology has a new report: “ Machine Learning and Cybersecurity: Hype and Reality.” Here’s the bottom line: The report offers four conclusions: Machine learning can help defenders more accurately detect and triage potential attacks. However, in many cases these technologies are elaborations on long-standing methods — not fundamentally new approaches — that bring new attack surfaces of their own.
Advertisement
The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.
The Last Watchdog
JUNE 23, 2021
The challenge of embracing digital transformation while also quelling the accompanying cyber risks has never been greater for small- and mid-sized businesses. Related: How ‘PAM’ improves authentication. SMBs today face a daunting balancing act. To boost productivity, they must leverage cloud infrastructure and participate in agile software development.
SecureList
JUNE 23, 2021
Introduction. Nowadays, cybersecurity companies implement a variety of methods to discover new, previously unknown malware files. Machine learning (ML) is a powerful and widely used approach for this task. At Kaspersky we have a number of complex ML models based on different file features, including models for static and dynamic detection, for processing sandbox logs and system events, etc.
Tech Republic Security
JUNE 22, 2021
Expert says ransomware attacks will happen, and your company has to be prepared long before the attack hits.
Schneier on Security
JUNE 23, 2021
Wired is reporting on a company called Mollitiam Industries: Marketing materials left exposed online by a third-party claim Mollitiam’s interception products, dubbed “Invisible Man” and “Night Crawler,” are capable of remotely accessing a target’s files, location, and covertly turning on a device’s camera and microphone.
Advertisement
Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.
We Live Security
JUNE 24, 2021
Cyberattacks targeting the gaming industry skyrocket, with web attacks more than tripling year-on-year in 2020. The post Gaming industry under siege from cyberattacks during pandemic appeared first on WeLiveSecurity.
Hot for Security
JUNE 22, 2021
A bizarre bug has been discovered in iOS that can cause an iPhone to crash when it attempts to join a Wi-Fi network with a particular name. What’s the offending name? Well, I don’t want to put it in the text of this article in case some readers are curious enough to try it out for themselves. So, here it is as an image: Security researcher Carl Schou stumbled across the problem, and tweeted a vido of his iPhone getting in a mighty muddle when trying to connect to a Wi-Fi hotspot with
Tech Republic Security
JUNE 22, 2021
The new offerings are aimed at integrating security data across multiple on-prem and cloud environments and vendors to improve cybersecurity decision-making, the company says.
Schneier on Security
JUNE 25, 2021
News from Georgetown’s Center for Security and Emerging Technology: China Claims Its AI Can Beat Human Pilots in Battle: Chinese state media reported that an AI system had successfully defeated human pilots during simulated dogfights. According to the Global Times report , the system had shot down several PLA pilots during a handful of virtual exercises in recent years.
Speaker: Sierre Lindgren
Fraud is a battle that every organization must face – it’s no longer a question of “if” but “when.” Every organization is a potential target for fraud, and the finance department is often the bullseye. From cleverly disguised emails to fraudulent payment requests, the tactics of cybercriminals are advancing rapidly. Drawing insights from real-world cases and industry expertise, we’ll explore the vulnerabilities in your processes and how to fortify them effectively.
Security Affairs
JUNE 22, 2021
DirtyMoe is a Windows botnet that is rapidly growing, it passed from 10,000 infected systems in 2020 to more than 100,000 in the first half of 2021. Researchers from Avast are warning of the rapid growth of the DirtyMoe botnet ( PurpleFox , Perkiler , and NuggetPhantom ), which passed from 10,000 infected systems in 2020 to more than 100,000 in the first half of 2021.
SecureList
JUNE 24, 2021
In mid-March 2021, we observed two new spam campaigns. The messages in both cases were written in English and contained ZIP attachments or links to ZIP files. Further research revealed that both campaigns ultimately aimed to distribute banking Trojans. The payload in most cases was IcedID (Trojan-Banker.Win32.IcedID), but we have also seen a few QBot (Backdoor.Win32.Qbot, also known as QakBot) samples.
Tech Republic Security
JUNE 23, 2021
Manufacturers want to pack cars and trucks full of technology, but they need to remember the dangers to those who drive or ride in them.
We Live Security
JUNE 23, 2021
The Brave Search engine takes on Google, promising to let users surf the web without leaving a trace. The post Brave launches its own, privacy‑focused search engine appeared first on WeLiveSecurity.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Zero Day
JUNE 24, 2021
A critical bug chain allows attackers to impersonate the vendor and impact code at the root level.
Security Affairs
JUNE 24, 2021
A new Trojan written in the Go programming language, tracked as ChaChi, was involved in ransomware attacks against government agencies and US schools. Researchers from BlackBerry Threat Research and Intelligence spotted a new RAT written in the Go programming language, dubbed ChaChi, which has been used by PYSA (aka Mespinoza ) operators to target victims globally.
Tech Republic Security
JUNE 25, 2021
If you need to gather information on user logins for your Linux servers, Jack Wallen has just the tool for you.
We Live Security
JUNE 23, 2021
It can be difficult to tell a legitimate website apart from an unsafe one – follow these steps to identify and protect yourself from bad websites. The post How to tell if a website is safe appeared first on WeLiveSecurity.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
Expert insights. Personalized for you.
136 
Let's personalize your content