Sat.May 07, 2022 - Fri.May 13, 2022

ICE Is a Domestic Surveillance Agency

Schneier on Security

Georgetown has a new report on the highly secretive bulk surveillance activities of ICE in the US: When you think about government surveillance in the United States, you likely think of the National Security Agency or the FBI.

Microsoft Patch Tuesday, May 2022 Edition

Krebs on Security

Microsoft today released updates to fix at least 74 separate security problems in its Windows operating systems and related software.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

GUEST ESSAY: Rising global tensions put us a few lines of code away from a significant cyber event

The Last Watchdog

Reflecting on the threats and targets that we are most concerned with given the Russia-Ukraine war, cybersecurity is now the front line of our country’s wellbeing. Cyber threats endanger businesses and individuals — they can affect supply chains, cause power grid failures, and much more. Related: Reaction to Biden’s cybersecurity order.

Looking Back at the Colonial Pipeline Ransomware Incident

Lohrman on Security

In early May 2021, the world was shocked into attention by a ransomware attack that brought down gas lines. What have we learned — or not — one year later

How Preparation and Strategy Can Be Used to Fight and Defeat Any Ransomware Attack

Speaker: Karl Camilleri, Cloud Services Product Manager at phoenixNAP

Through a detailed analysis of major attacks and their consequences, Karl Camilleri, Cloud Services Product Manager at phoenixNAP, will discuss the state of ransomware and future predictions, as well as provide best practices for attack prevention and recovery.

Apple Mail Now Blocks Email Trackers

Schneier on Security

Apple Mail now blocks email trackers by default. Most email newsletters you get include an invisible “image,” typically a single white pixel, with a unique file name. The server keeps track of every time this “image” is opened and by which IP address.

DEA Investigating Breach of Law Enforcement Data Portal

Krebs on Security

The U.S. Drug Enforcement Administration (DEA) says it is investigating reports that hackers gained unauthorized access to an agency portal that taps into 16 different federal law enforcement databases.

More Trending

Are Western Sanctions Undermining Russian Civilians’ Efforts To Obtain Accurate News Via VPNs?

Joseph Steinberg

Surveillance by Driverless Car

Schneier on Security

San Francisco police are using autonomous vehicles as mobile surveillance cameras. Privacy advocates say the revelation that police are actively using AV footage is cause for alarm. This is very concerning,” Electronic Frontier Foundation (EFF) senior staff attorney Adam Schwartz told Motherboard.

Your Phone May Soon Replace Many of Your Passwords

Krebs on Security

Apple , Google and Microsoft announced this week they will soon support an approach to authentication that avoids passwords altogether, and instead requires users to merely unlock their smartphones to sign in to websites or online services.

10 reasons why we fall for scams

We Live Security

The ‘it won’t happen to me’ mindset leaves you unprepared – here are some common factors that put any of us at risk of online fraud. The post 10 reasons why we fall for scams appeared first on WeLiveSecurity. Scams

Scams 114

Cover Your SaaS: How to Overcome Security Challenges and Risks For Your Organization

Speaker: Ronald Eddings, Cybersecurity Expert and Podcaster

In this webinar, Ronald Eddings, Cybersecurity Expert, will outline the relationship between SaaS apps and IT & security teams, along with several actionable solutions to overcome the new difficulties facing your organization.

Nokia starts a Cybersecurity Testing Lab for 5G Networks

CyberSecurity Insiders

Nokia, once renowned for its amazing mobile phones, has now developed a testing lab completely dedicated to cybersecurity in the United States.

IoT 114

Which phishing scams are trending in 2022?

Security Boulevard

With more people looking to cash in on hype surrounding the cryptocurrency market than ever before and an increasing digital workforce which may lack awareness of network security set-ups, cybercriminal activity remains rampant.

Scams 114

It’s a party! Cisco SecureX at RSAC and Cisco Live US 2022

Cisco CSR

We have come a long way from making our first sourdough starter batch to exploring new hobbies — or in my case exhausting the Netflix library! We have craved human connection and insightful conversations.

Retail 113

Common LinkedIn scams: Beware of phishing attacks and fake job offers

We Live Security

LinkedIn scammers attack when we may be at our most vulnerable – here’s what to look out for and how to avoid falling victim to fraud when using the platform. The post Common LinkedIn scams: Beware of phishing attacks and fake job offers appeared first on WeLiveSecurity. Scams

Scams 113

How to Avoid the Pain and Cost of PCI Compliance While Optimizing Payments

Speaker: P. Andrew Sjogren, Sr. Product Marketing Manager at Very Good Security, Matt Doka, Co-Founder and CTO of Fivestars, and Steve Andrews, President & CEO of the Western Bankers Association 

In this webinar, we have a great set of panelists who will take you through how Zero Data strategies can be used as part of a well-rounded compliance and security approach, and get you to market much sooner by also allowing for payment optimization. They’ll share how to grow your business faster and minimize costs for both security and compliance

Watch out for these signs to know whether your phone is hacked

CyberSecurity Insiders

Are you having a doubt that your smartphone has been hacked or is being used by remote hackers for malevolent scams? If so, then watch out for these abnormal behavioral signs to know whether the device has been hacked.

BPFDoor?—?an active Chinese global surveillance tool

DoublePulsar

Recently, PwC Threat Intelligence documented the existence of BPFDoor, a passive network implant for Linux they attribute to Red Menshen… Continue reading on DoublePulsar ». bpfdoor cybersecurity

Fostering a culture that normalizes mental health discussions

Cisco CSR

May is Mental Health Awareness Month, an important topic to me personally and my leadership ethos. It is a challenge that spans the globe—day-in and day-out—for many people, whether dealing with issues themselves or supporting a loved one.

Retail 113

Thousands of WordPress Sites Hacked to Redirect Visitors to Scam Sites

The Hacker News

Cybersecurity researchers have disclosed a massive campaign that's responsible for injecting malicious JavaScript code into compromised WordPress websites that redirects visitors to scam pages and other malicious websites to generate illegitimate traffic.

Scams 111

Back to the Office: Privacy and Security Solutions to Compliance Issues for 2021 and Beyond

Speaker: Mike Cramer, Director of HIPAA & Data Security at The Word & Brown Companies

Now that companies are slowly allowing employees to return to work at the office, it's time to re-evaluate your company’s posture towards privacy and security. Join Mike Cramer, Director of HIPAA & Data Security at The Word & Brown Companies, for a discussion that will focus on compliance and the types of privacy and security measures your company should be aware of, as well as tips and methods for implementing these measures.

Mobile App Security & Google's Data Safety Launch - Yay or Nay?

Appknox

Internet and software giant Google recently recalibrated how it categorizes its Playstore apps. Google's Android applications are tagged with 'nutrition labels' based on the security practices and the data they collect from users to share with third parties

Mobile 110

Thousands of Top Websites See What You Type—Before You Hit Submit

WIRED Threat Level

A surprising number of the top 100,000 websites effectively include keyloggers that covertly snag everything you type into a form. Security Security / Privacy

110
110

Duo Opens New Data Center in India

Cisco CSR

Back in September last year, Ash Devata, VP and GM for Zero Trust and Duo at Cisco wrote about the expansion of our international footprint with the opening of data centers in Australia, Singapore, and Japan.

Retail 110

Kaspersky uncovers fileless malware inside Windows event logs

Tech Republic Security

The cybersecurity company says this is the first time they have seen this type of malware hiding method. The post Kaspersky uncovers fileless malware inside Windows event logs appeared first on TechRepublic. Security

Iranian hacking group caught spreading ransomware

CyberSecurity Insiders

According to research carried out by SecureWorks, an Iranian Hacking group dubbed “Cobalt Mirage” was discovered to be distributing ransomware.

Help Employees and Consumers Avoid Self-inflicted Cybersecurity Mistakes

Security Boulevard

It shouldn’t be news to anyone that people sharing information online are concerned about the safety of their data.

Network Footprints of Gamaredon Group

Cisco CSR

Below research is reflecting our observations during month of March 2022. We also would like to thank Maria Jose Erquiaga for her contribution in introduction and support during the process of writing. Overview.

Retail 108

Protecting payments in an era of deepfakes and advanced AI

Tech Republic Security

In our digital age, you need to protect your business against advanced fraud techniques. Here's how. The post Protecting payments in an era of deepfakes and advanced AI appeared first on TechRepublic. CXO Security

150
150

Android 13 promises more on Mobile Security and Privacy

CyberSecurity Insiders

Google disclosed at its I/O developer conference that its upcoming beta version of Android 13 mobile OS will have more features on privacy and security.

Mobile 107

Opportunity out of crisis: Tapping the Great Resignation to close the cybersecurity skills gap

We Live Security

What can organizations do to capitalize on the current fluidity in the job market and bring fresh cybersecurity talent into the fold? The post Opportunity out of crisis: Tapping the Great Resignation to close the cybersecurity skills gap appeared first on WeLiveSecurity. We Live Progress

Google Will Use Mobile Devices to Thwart Phishing Attacks

Dark Reading

In an effort to combat phishing, Google will allow Android phones and iPhones to be used as security keys

Mobile 103

Putin’s ‘Victory Parade’ TV Show Hacked: ‘Blood on Your Hands’

Security Boulevard

Ukrainian hackers and their friends continue to pummel Russian computers. Hundreds of millions of documents” are being leaked. And today, Putin’s famous Victory Parade has been marred by hackers.

How to counter smart home device breaches

CyberSecurity Insiders

This blog was written by an independent guest blogger. Businesses that allow employees to work from home are more likely to encounter a new security threat — compromised smart home devices.

IoT 107

Colonial Pipeline facing $1,000,000 fine for poor recovery plans

Naked Security

How good is your cybersecurity? Are you making the same mistakes as lots of other people? Here's some real-life advice. Ransomware Colonial Colonial Pipeline MTR ransomware

Microsoft Patch Tuesday updates for May 2022 fixes 3 zero-days, 1 under active attack

Security Affairs

Microsoft Patch Tuesday security updates for May 2022 address three zero-day vulnerabilities, one of them actively exploited. Microsoft Patch Tuesday security updates for May 2022 addressed three zero-day vulnerabilities, one of which is under active attack.