Schneier on Security

APRIL 13, 2022

A Russian cyberweapon, similar to the one used in 2016, was detected and removed before it could be used.

Malware 262

Malware 262

Troy Hunt

APRIL 10, 2022

In my ongoing bid to make more useful information on data breaches available to impacted national governments , today I'm very happy to welcome the 32nd national CERT to Have I Been Pwned, the Republic of North Macedonia!

Government 256

Government Data breaches 256

Krebs on Security

APRIL 13, 2022

Microsoft on Tuesday released updates to fix roughly 120 security vulnerabilities in its Windows operating systems and other software. Two of the flaws have been publicly detailed prior to this week, and one is already seeing active exploitation, according to a report from the U.S.

DNS 213

DNS Firewall Internet Internet 213

The Last Watchdog

APRIL 14, 2022

It’s no secret that cyberattacks can happen to any business, and we should all be suspicious of messages from unfamiliar senders appearing in our email inboxes. Related: Deploying human sensors. But surely, we can feel confident in email communications and requests from our organization’s executives and fellow coworkers, right? The short answer: Not always. The reason is the rise in business email compromise (BEC) schemes.

Scams 175

Scams Phishing Social Engineering Accountability 175

Speaker: Karl Camilleri, Cloud Services Product Manager at phoenixNAP

Through a detailed analysis of major attacks and their consequences, Karl Camilleri, Cloud Services Product Manager at phoenixNAP, will discuss the state of ransomware and future predictions, as well as provide best practices for attack prevention and recovery.

Ransomware

Schneier on Security

APRIL 12, 2022

John Oliver has an excellent segment on data brokers and surveillance capitalism. Uncategorized data collection national security policy privacy video

Surveillance 242

Surveillance Data collection 242

Troy Hunt

APRIL 14, 2022

For many years now, I've lamented about how much of my time is spent attempting to disclose data breaches to impacted companies.

Data breaches 249

Data breaches Scams Passwords Accountability 249

The Last Watchdog

APRIL 11, 2022

From financial institutions to meat producers, it seems every industry has been impacted by ransomware in the past year — maybe even the past week. The world’s largest enterprises to the smallest mom-and-pop shops have been devastated by cybercriminals who are looking to hold assets hostage for a big pay day. Related: Tech solutions alone can’t stop ransomware. Why the stark increase? Put simply, ransomware attacks are on the rise because of profits.

Social Engineering 150

Social Engineering Passwords Engineering Ransomware 150

Schneier on Security

APRIL 14, 2022

The Department of Energy, CISA, the FBI, and the NSA jointly issued an advisory describing a sophisticated piece of malware called Pipedream that’s designed to attack a wide range of industrial control systems. This is clearly from a government, but no attribution is given.

Malware 237

Malware Government 237

Troy Hunt

APRIL 14, 2022

Bit of a long one this week, just due to a bunch of stuff all coinciding at the same time. The drone is obviously the coolest one and it was interesting to hear other people's experiences with theirs.

Passwords 200

Passwords Government 200

Krebs on Security

APRIL 11, 2022

Online scams that try to separate the unwary from their cryptocurrency are a dime a dozen, but a great many seemingly disparate crypto scam websites tend to rely on the same dodgy infrastructure providers to remain online in the face of massive fraud and abuse complaints from their erstwhile customers.

Scams 164

Scams Cryptocurrency Web Fraud DNS 164

Speaker: Ronald Eddings, Cybersecurity Expert and Podcaster

In this webinar, Ronald Eddings, Cybersecurity Expert, will outline the relationship between SaaS apps and IT & security teams, along with several actionable solutions to overcome the new difficulties facing your organization.

Cybersecurity

Lohrman on Security

APRIL 15, 2022

What do hackers really do? How do they do it? To answer these questions, many people turn to movies to learn and be entertained. Hacker’ s Movie Guide by Steve Morgan and Connor Morgan can help explore your options

147

147

Schneier on Security

APRIL 14, 2022

This is a current list of where and when I am scheduled to speak: I’m speaking at Future Summits in Antwerp, Belgium on May 18, 2022. I’m speaking at IT-S Now 2022 in Vienna on June 2, 2022.

194

194

The Last Watchdog

APRIL 13, 2022

Cyberattacks preceded Russia’s invasion of Ukraine, and these attacks continue today as the war unfolds. As the United States and other nations condemn Russia’s actions, the odds of Russian cyber actors targeting the U.S., allied countries, and businesses steadily increases. Related: Cyber espionage is in a Golden Age.

Cybercrime 137

Cybercrime Telecommunications Education Passwords 137

Anton on Security

APRIL 14, 2022

For many years, security practitioners imagined a security operations center (SOC) as a big room, full of expensive monitors and chairs. In these minds, rows of analysts sitting in those chairs and watching those monitors for blinking alerts made SOC, well, a SOC. This vision of the security operations center is derived from the original vision of the network operation center (NOC) that predates SOC by perhaps another decade or two.

Cloud Migration 130

Cloud Migration Digital transformation Engineering 130

Speaker: P. Andrew Sjogren, Sr. Product Marketing Manager at Very Good Security, Matt Doka, Co-Founder and CTO of Fivestars, and Steve Andrews, President & CEO of the Western Bankers Association 

In this webinar, we have a great set of panelists who will take you through how Zero Data strategies can be used as part of a well-rounded compliance and security approach, and get you to market much sooner by also allowing for payment optimization. They’ll share how to grow your business faster and minimize costs for both security and compliance

Marketing

Lohrman on Security

APRIL 10, 2022

How can public-sector CISOs navigate the complicated issues surrounding budgets? Through good times and bad, these ideas can help

CISO 127

CISO Government 127

WIRED Threat Level

APRIL 13, 2022

The malware toolkit, known as Pipedream, is perhaps the most versatile tool ever made to target critical infrastructure like power grids and oil refineries. Security / Cyberattacks and Hacks Security / National Security

Hacking 114

Hacking Malware 114

Security Boulevard

APRIL 14, 2022

More than a year after the SolarWinds Sunburst attack and most companies are still exposed to software supply chain attacks.

Software 113

Software Risk Cybersecurity 113

Dark Reading

APRIL 12, 2022

"Go patch your systems before" the exploit spreads more widely, ZDI warns

113

113

Speaker: Mike Cramer, Director of HIPAA & Data Security at The Word & Brown Companies

Now that companies are slowly allowing employees to return to work at the office, it's time to re-evaluate your company’s posture towards privacy and security. Join Mike Cramer, Director of HIPAA & Data Security at The Word & Brown Companies, for a discussion that will focus on compliance and the types of privacy and security measures your company should be aware of, as well as tips and methods for implementing these measures.

Data privacy

CyberSecurity Insiders

APRIL 11, 2022

SuperCare Health, a California based healthcare firm that deals with patients suffering from respiratory ailments, has posted a data breach notice on its website.

Data breaches 113

Data breaches Identity Theft Cybersecurity Healthcare 113

WIRED Threat Level

APRIL 13, 2022

Ukraine claims to have doxed Russian troops and spies, while hacktivists are regularly leaking private information from Russian organizations. Security Security / Privacy

114

114

Security Boulevard

APRIL 14, 2022

An analysis of more than 680,000 identities across 18,000 cloud accounts from 200 different organizations published this week by Palo Alto Networks found nearly all (99%) cloud users, roles, services and resources were granted excessive permissions that were unused for 60 days or more.

Accountability 112

Accountability Cybersecurity 112

The Hacker News

APRIL 12, 2022

Microsoft's Patch Tuesday updates for the month of April have addressed a total of 128 security vulnerabilities spanning across its software product portfolio, including Windows, Defender, Office, Exchange Server, Visual Studio, and Print Spooler, among others.

Software 112

Software 112

We Live Security

APRIL 12, 2022

This ICS-capable malware targets a Ukrainian energy company. The post Industroyer2: Industroyer reloaded appeared first on WeLiveSecurity. Ukraine Crisis – Digital Security Resource Center

Malware 112

Malware 112

CyberSecurity Insiders

APRIL 12, 2022

United States government, in association with Europol, launched a secret operation named TOURNIQUET and as a part of this operation, it seized the IT infrastructure of the Raid-forums, a darknet website that sells and trades in stolen credentials from databases.

Cybersecurity 111

Cybersecurity Cryptocurrency Banking Hacking 111

WIRED Threat Level

APRIL 14, 2022

It really is the closest thing we have to an online public square—and that's terrible for democracy. Let his takeover bid be a wakeup call. Security

108

108

The Hacker News

APRIL 13, 2022

The Chinese-backed Hafnium hacking group has been linked to a piece of a new malware that's used to maintain persistence on compromised Windows environments.

Telecommunications 111

Telecommunications Internet Internet Malware 111

Security Affairs

APRIL 12, 2022

The dark web marketplace RaidForums has been shut down and its infrastructure seized as a result of Operation TOURNIQUET.

Banking 108

Banking Accountability Data breaches Marketing 108

CyberSecurity Insiders

APRIL 12, 2022

This blog was written by an independent guest blogger. Amidst sweeping digital transformation across the globe, numerous organizations have been seeking a better way to manage data.

Architecture 107

Architecture Unstructured Data eCommerce Identity Theft 107

Cisco CSR

APRIL 11, 2022

With a tidal wave of vulnerabilities out there and brand-new vulnerabilities coming out daily, security teams have a lot to handle.

Retail 104

Retail Risk Internet Internet 104

The Hacker News

APRIL 14, 2022

Microsoft and a consortium of cybersecurity companies took legal and technical steps to disrupt the ZLoader botnet, seizing control of 65 domains that were used to control and communicate with the infected hosts.

Cybercrime 110

Cybercrime Internet Internet Malware 110

Security Affairs

APRIL 13, 2022

Apache addressed a critical flaw in Apache Struts RCE that was linked to a previous issue that was not properly fixed. Apache Struts is an open-source web application framework for developing Java EE web applications.

Software 103

Software Cybersecurity Information Security Malware 103

CyberSecurity Insiders

APRIL 12, 2022

France-based Dordogne Groupements Hospitaliers de Territoire (Dordogne GHT) has stopped RYUK Ransomware attack on its servers by using the AI propelled DarkTrace Threat monitoring and detection solution.

Artificial Intelligence 106

Artificial Intelligence Cybersecurity Ransomware Healthcare 106

Naked Security

APRIL 11, 2022

Useful quantum computers might not actually be possible. But what if they are? And what if they arrive, say, tomorrow? Cryptography NTRU Prime openssh quantum computing

101

101