Sat.Jun 19, 2021 - Fri.Jun 25, 2021

How Can SMBs Fight Cyberattacks?

Security Boulevard

Even before the COVID-19 pandemic, small to mid-sized businesses (SMBs) faced unique challenges on the cybersecurity front. The massive disruption caused by the pandemic only exacerbated the challenges of protecting data, systems and business—not to mention customers and their data.

Does That Data Make Your Company a Cyber Attack Target?

CyberSecurity Insiders

By Matthew Meehan, chief operating officer at TokenEx. We have all heard the proverb that teaches, “slow and steady wins the race.” But what if slow isn’t an option? In the wake of COVID-19, many businesses sped through the digitization process to transform their businesses in record time.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Innovating Canada: Robert Herjavec Discusses the Looming Threat of Targeted Attacks

Herjavec Group

Our Founder and CEO, Robert Herjavec, spoke with MediaPlanet to contribute to Innovating Canada’s Business Resilience Campaign.

How Cyber Safe is Your Drinking Water Supply?

Krebs on Security

Back to the Office: Privacy and Security Solutions to Compliance Issues for 2021 and Beyond

Speaker: Mike Cramer, Director of HIPAA & Data Security at The Word & Brown Companies

Now that companies are slowly allowing employees to return to work at the office, it's time to re-evaluate your company’s posture towards privacy and security. Join Mike Cramer, Director of HIPAA & Data Security at The Word & Brown Companies, for a discussion that will focus on compliance and the types of privacy and security measures your company should be aware of, as well as tips and methods for implementing these measures.

Banning Surveillance-Based Advertising

Schneier on Security

The Norwegian Consumer Council just published a fantastic new report: “ Time to Ban Surveillance-Based Advertising.

NATO Adds Cyber Commitments, Potential Ransomware Response

Lohrman on Security

The North Atlantic Treaty Organization (NATO) opened the door for cyber attacks to trigger “Article 5” actions. This is a big deal — here’s why

More Trending

How Cyber Sleuths Cracked an ATM Shimmer Gang

Krebs on Security

In 2015, police departments worldwide started finding ATMs compromised with advanced new “shimming” devices made to steal data from chip card transactions.

The Future of Machine Learning and Cybersecurity

Schneier on Security

The Center for Security and Emerging Technology has a new report: “ Machine Learning and Cybersecurity: Hype and Reality.” ” Here’s the bottom line: The report offers four conclusions: Machine learning can help defenders more accurately detect and triage potential attacks.

Welcoming the Jamaican Government to Have I Been Pwned

Troy Hunt

Recently, I've been providing a lot of additional government access to Have I Been Pwned. Today I'm happy to welcome the Jamaica Cyber Incident Response Team (JaCIRT), the 22nd national CERT on HIBP and 11th in the last 4 months.

Podcast: Eyes Wide Shut

Doctor Chaos

Click here to listen to the podcast. Ransom payments are tax-deductible, and no one cares. Should we? link]. North Korea exploits VPN vulnerabilities. Possibly gains nuclear research.

VPN 130

MyBook Users Urged to Unplug Devices from Internet

Krebs on Security

Hard drive giant Western Digital is urging users of its MyBook Live brand of network storage drives to disconnect them from the Internet, warning that malicious hackers are remotely wiping the drives using a critical flaw that can be triggered by anyone who knows the Internet address of an affected device.

Apple Will Offer Onion Routing for iCloud/Safari Users

Schneier on Security

At this year’s Apple Worldwide Developer Conference, Apple announced something called “iCloud Private Relay.” ” That’s basically its private version of onion routing , which is what Tor does.

DNS 189

Why Threat Model?

Adam Shostack

The second video in my 60 second series! threat modeling

130
130

What the Pentagon’s New UFO Report Reveals About Humankind

WIRED Threat Level

The document says less about the search for life in the universe, and more about our current cultural climate and distrust of expertise. Science Security Science / Space

113
113

Don’t name your Wi-Fi hotspot this, unless you want to crash your iPhone

Hot for Security

A bizarre bug has been discovered in iOS that can cause an iPhone to crash when it attempts to join a Wi-Fi network with a particular name. What’s the offending name?

Mollitiam Industries is the Newest Cyberweapons Arms Manufacturer

Schneier on Security

Juneteenth: A New Federal Holiday

Adam Shostack

I’m thrilled that Juneteenth will be a Federal holiday. We need more holidays that celebrate freedom, and there’s few events that increase freedom as much as emancipating people who were enslaved.

130
130

Gaming industry under siege from cyberattacks during pandemic

We Live Security

Cyberattacks targeting the gaming industry skyrocket, with web attacks more than tripling year-on-year in 2020. The post Gaming industry under siege from cyberattacks during pandemic appeared first on WeLiveSecurity. Cybercrime

John McAfee Dies in Spanish Prison After Extradition Order

WIRED Threat Level

The antivirus pioneer and alleged cryptocurrency scammer was 75 years old. Security Security / Security News

AI-Piloted Fighter Jets

Schneier on Security

News from Georgetown’s Center for Security and Emerging Technology: China Claims Its AI Can Beat Human Pilots in Battle: Chinese state media reported that an AI system had successfully defeated human pilots during simulated dogfights.

MY TAKE: A path for SMBs to achieve security maturity: start small controlling privileged accounts

The Last Watchdog

The challenge of embracing digital transformation while also quelling the accompanying cyber risks has never been greater for small- and mid-sized businesses. Related: How ‘PAM’ improves authentication. SMBs today face a daunting balancing act. To boost productivity, they must leverage cloud infrastructure and participate in agile software development. But this also opens up a sprawling array of fresh security gaps that threat actors are proactively probing and exploiting.

How to tell if a website is safe

We Live Security

It can be difficult to tell a legitimate website apart from an unsafe one – follow these steps to identify and protect yourself from bad websites. The post How to tell if a website is safe appeared first on WeLiveSecurity. Cybersecurity

Wormable DarkRadiation Ransomware Targets Linux and Docker Instances

The Hacker News

Cybersecurity researchers have disclosed a new ransomware strain called "DarkRadiation" that's implemented entirely in Bash and targets Linux and Docker cloud containers, while banking on messaging service Telegram for command-and-control (C2) communications.

Anton’s Security Blog Quarterly Q2 2021

Anton on Security

Sometimes great old blog posts are hard to find (especially on Medium …), so I decided to do a periodic list blog with my favorite posts of the past quarter or so. Here is my third. The posts below are ranked by lifetime views. This covers both Anton on Security and my posts from Google Cloud blog , and now our Cloud Security Podcast too! Top 3 most popular posts of all times : “Security Correlation Then and Now: A Sad Truth About SIEM” “Can We Have “Detection as Code”?” “New

MY TAKE: Equipping SOCs for the long haul – automation, edge security solidify network defenses

The Last Watchdog

Network security is in the throes of a metamorphosis. Advanced technologies and fresh security frameworks are being implemented to deter cyber attacks out at the services edge, where all the action is. Related: Automating security-by-design in SecOps. This means Security Operations Centers are in a transition. SOCs came on the scene some 20 years ago as the focal point for defending on-premises datacenters of large enterprises.

State?sponsored or financially motivated: Is there any difference anymore?

We Live Security

What does the increasingly fuzzy line between traditional cybercrime and attacks attributed to state-backed groups mean for the future of the threat landscape? The post State‑sponsored or financially motivated: Is there any difference anymore? appeared first on WeLiveSecurity. Cybersecurity

Crackonosh virus mined $2 million of Monero from 222,000 hacked computers

The Hacker News

A previously undocumented Windows malware has infected over 222,000 systems worldwide since at least June 2018, yielding its developer no less than 9,000 Moneros ($2 million) in illegal profits.

How to Keep Your Devices and Personal Data Safe on Summer Vacation

Hot for Security

The ongoing vaccination campaigns and easing of travel restrictions have encouraged millions of people to prepare for a relaxing vacation after months of lockdown and social distancing.

VPN 97

NFC Flaws Let Researchers Hack ATMs by Waving a Phone

WIRED Threat Level

Flaws in card reader technology let a security firm consultant wreak havoc with point-of-sale systems and more. Security Security / Cyberattacks and Hacks

Cars are packed with technology, but they can still be hacked

Tech Republic Security

The threat to people's lives is terrifying, so auto manufacturers need to change their old-school strategies to protect people

BIOS Disconnect: New High-Severity Bugs Affect 128 Dell PC and Tablet Models

The Hacker News

Cybersecurity researchers on Thursday disclosed a chain of vulnerabilities affecting the BIOSConnect feature within Dell Client BIOS that could be abused by a privileged network adversary to gain arbitrary code execution at the BIOS/UEFI level of the affected device. "As

FIN7 hacking gang’s “pen tester” jailed for seven years by US court

Hot for Security

The Western District of Washington has sentenced a Ukrainian man to seven years in prison for his role in a hacking gang that are estimated to have caused more than one billion dollars worth of damage.

A Bug in the Android Google App Put Privacy at Risk

WIRED Threat Level

Plus: Airbnb's safety squad, a fake pharmacy crackdown, and more of the week's top security news. Security Security / Security News

Risk 87

How to be prepared for a ransomware attack: Check your data and backups

Tech Republic Security

Expert says ransomware attacks will happen, and your company has to be prepared long before the attack hits

Watch Out! Zyxel Firewalls and VPNs Under Active Cyberattack

The Hacker News

Taiwanese networking equipment company Zyxel is warning customers of an ongoing attack targeting a "small subset" of its security products such as firewall and VPN servers.

Disconnect your WD My Book Live from the internet or face data deletion, says Western Digital

Graham Cluley

Storage drive maker Western Digital is telling owners of its WD My Book Live device to disconnect it from the internet, after reports that some have had their data erased by malicious software. Read more in my article on the Tripwire State of Security blog.