Sat.Mar 04, 2023 - Fri.Mar 10, 2023

article thumbnail

New National Cybersecurity Strategy: What Do You Need to Know?

Lohrman on Security

The White House released a new national cybersecurity strategy this past week with five pillars. What’s in the plan, and how will this impact public- and private-sector organizations

article thumbnail

Prompt Injection Attacks on Large Language Models

Schneier on Security

This is a good survey on prompt injection attacks on large language models (like ChatGPT). Abstract: We are currently witnessing dramatic advances in the capabilities of Large Language Models (LLMs).

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Who’s Behind the NetWire Remote Access Trojan?

Krebs on Security

A Croatian national has been arrested for allegedly operating NetWire , a Remote Access Trojan (RAT) marketed on cybercrime forums since 2012 as a stealthy way to spy on infected systems and siphon passwords. The arrest coincided with a seizure of the NetWire sales website by the U.S.

DNS 242
article thumbnail

To Infinity and Beyond, with Cloudflare Cache Reserve

Troy Hunt

What if I told you. that you could run a website from behind Cloudflare and only have 385 daily requests miss their cache and go through to the origin service? No biggy, unless.

Passwords 338
article thumbnail

ERM Program Fundamentals for Success in the Banking Industry

Speaker: William Hord, Senior VP of Risk & Professional Services

This exclusive webinar with William Hord, Senior VP of Risk & Professional Services, will explore the foundational elements you need to start or validate your ERM program. He will also dive into topic definitions, governance structures, and framework components for success.

article thumbnail

New Report “State of Cloud Threat Detection and Response”

Anton on Security

Cloud D&R Report (2023) One of the mysteries of detection and response (D&R) is about how companies really approach D&R in the public cloud. So we did a survey focused on this, and we actually polled both leaders and technologists.

article thumbnail

BlackLotus Malware Hijacks Windows Secure Boot Process

Schneier on Security

Researchers have discovered malware that “can hijack a computer’s boot process even when Secure Boot and other advanced protections are enabled and running on fully updated versions of Windows.” ” Dubbed BlackLotus, the malware is what’s known as a UEFI bootkit.

Malware 259

More Trending

article thumbnail

CrowdStrike: Attackers focusing on cloud exploits, data theft

Tech Republic Security

CrowdStrike’s new threat report sees a big increase in data theft activity, as attackers move away from ransomware and other malware attacks, as defense gets better, and the value of data increases. The post CrowdStrike: Attackers focusing on cloud exploits, data theft appeared first on TechRepublic.

article thumbnail

Weekly Update 338

Troy Hunt

I'm going lead this post with where I finished the video because it brought the biggest smile to Charlotte's and my faces this week: This.

216
216
article thumbnail

New National Cybersecurity Strategy

Schneier on Security

Last week the Biden Administration released a new National Cybersecurity Strategy (summary here ). There is lots of good commentary out there. It’s basically a smart strategy, but the hard parts are always the implementation details.

article thumbnail

GUEST ESSAY: Five stages to attain API security — and mitigate attack surface exposures

The Last Watchdog

APIs (Application Programming Interfaces) play a critical role in digital transformation by enabling communication and data exchange between different systems and applications. Related: It’s all about attack surface management APIs help digital transformation by enabling faster and more efficient business processes, improving customer experience, and providing new ways to interact with your business.

article thumbnail

The Power of Storytelling in Risk Management

Speaker: Dr. Karen Hardy, CEO and Chief Risk Officer of Strategic Leadership Advisors LLC

Join this exclusive webinar with Dr. Karen Hardy, where she will explore the power of storytelling in risk communication as a core component of a resilient organization's management framework!

article thumbnail

New National Cybersecurity Strategy: resilience, regs, collaboration and pain (for attackers)

Tech Republic Security

The Biden administration’s National Cybersecurity Strategy aims to go after attackers, cultivate a resilience-first defensive posture and build public, private and international collaboration.

article thumbnail

Employees Are Feeding Sensitive Biz Data to ChatGPT, Raising Security Fears

Dark Reading

More than 4% of employees have put sensitive corporate data into the large language model, raising concerns that its popularity may result in massive leaks of proprietary information

145
145
article thumbnail

Another Malware with Persistence

Schneier on Security

Here’s a piece of Chinese malware that infects SonicWall security appliances and survives firmware updates.

Malware 224
article thumbnail

The FBI Just Admitted It Bought US Location Data

WIRED Threat Level

Rather than obtaining a warrant, the bureau purchased sensitive data—a controversial practice that privacy advocates say is deeply problematic. Security Security / Privacy Security / Security News

143
143
article thumbnail

Everything You Need to Know About Crypto

Speaker: Ryan McInerny, CAMS, FRM, MSBA - Principal, Product Strategy

This exclusive webinar with Ryan McInerny will teach you all about cryptocurrency and NFTs! Register to learn more about identifying crypto transactions, crypto asset market trends, managing risk and compliance, and supporting customers and partners using crypto-based payments.

article thumbnail

Become your business’s cybersecurity expert

Tech Republic Security

Learn a wide variety of topics for a lifetime with this eclectic bundle. The post Become your business’s cybersecurity expert appeared first on TechRepublic. Security Tech & Work cybersecurity training bundle infosec4tc stackskills stone river

article thumbnail

Why Traditional Vulnerability Management isn’t Cutting it Anymore

CyberSecurity Insiders

Traditional vulnerability management is in need of a desperate change due to the lack of effectiveness in combating modern cyberattacks. It’s a bold statement, but true, nonetheless, because it’s just not enough.

article thumbnail

Elephant Hackers

Schneier on Security

An elephant uses its right-of-way privileges to stop sugar-cane trucks and grab food. Uncategorized hacking

Hacking 206
article thumbnail

‘Extraordinary, Egregious’ Data Breach at House and Senate

Security Boulevard

Capitol Trouble: Senators, representatives and staffers suffer PII leak. Could it finally kickstart some action? The post ‘Extraordinary, Egregious’ Data Breach at House and Senate appeared first on Security Boulevard.

article thumbnail

Exploring the Overlap: Cost Optimization and Digital Transformation

Speaker: Alex Jiménez, Managing Principal, Financial Service Consulting for EPAM

The largest banks have increased reserves for protection against deteriorating economic conditions. Should banks delay their digital transformation investments and focus on cost reductions? In this webinar, Alex Jiménez will walk us through that question and examine the prudent course of action.

article thumbnail

LastPass releases new security incident disclosure and recommendations

Tech Republic Security

LastPass attacks began with a hacked employee's home computer. The investigation now reveals the password manager company's data vault was compromised. The post LastPass releases new security incident disclosure and recommendations appeared first on TechRepublic.

article thumbnail

Acer Confirms Data Offered Up for Sale Was Stolen

Dark Reading

An Acer statement confirms that a document server for repair techs was compromised, but says customer data doesn't appear to be part of the leak

135
135
article thumbnail

How Denmark’s Welfare State Became a Surveillance Nightmare

WIRED Threat Level

Once praised for its generous social safety net, the country now collects troves of data on welfare claimants. Security Security / Privacy

article thumbnail

Lockbit Ransomware Dominant Even as Overall Attack Rates Fall

Security Boulevard

With victims from 23 countries, Lockbit continues to be the most prolific ransomware group in the early months of 2023, even as an 11% decrease in ransomware victims was reported in January.

article thumbnail

The Anti-Money Laundering Act of 2020: Initial Catalysts, Current Implications, and Future Impacts

Speaker: Elizabeth "Paige" Baumann, Founder and CEO of Paige Baumann Advisory, LLC

In this session, Elizabeth “Paige” Baumann will cover the Anti-Money Laundering Act of 2020, which also includes the Corporate Transparency Act. She'll take a deep dive into the catalysts that brought on the act, the current implications of the act, and what impacts the act has on the future of banking and finance.

article thumbnail

GitHub rolling out two-factor authentication to millions of users

Tech Republic Security

Over the next nine months, the largest internet hosting service for software development and collaboration will make all code contributors add another layer of electronic evidence to their accounts.

article thumbnail

IceFire Ransomware Portends a Broader Shift From Windows to Linux

Dark Reading

IceFire has changed up its OS target in recent cyberattacks, emblematic of ransomware actors increasingly targeting Linux enterprise networks, despite the extra work involved

article thumbnail

What We Learned from The Royal Mail Ransomware Chat

CyberSecurity Insiders

By Dave Cartwright, CISSP In February 2023, something very unusual happened. Following a ransomware attack on Royal Mail International, a division of the U.K.’s

article thumbnail

Hybrid Systems: AI and Humans Need Each Other for Effective Cybersecurity

Security Boulevard

The sudden mainstreaming of chatbots and generative AI like ChatGPT has a lot of people worried. They believe this is the AI technology that will replace them. Fortunately, that’s not actually the case.

article thumbnail

Successful Change Management with Enterprise Risk Management

Speaker: William Hord, Vice President of ERM Services

Join us as we discuss the various tangents of data and the change management process that will help you make better risk-based business decisions to save time and money for your organization.

article thumbnail

Cloud security, hampered by proliferation of tools, has a “forest for trees” problem

Tech Republic Security

C-Suites executives have cybersecurity insecurities around cloud development, deployment and visibility, a Palo Alto Networks survey finds. The post Cloud security, hampered by proliferation of tools, has a “forest for trees” problem appeared first on TechRepublic.

article thumbnail

AI-Powered 'BlackMamba' Keylogging Attack Evades Modern EDR Security

Dark Reading

Researchers warn that polymorphic malware created with ChatGPT and other LLMs will force a reinvention of security automation

Malware 125
article thumbnail

The US Air Force Is Moving Fast on AI-Piloted Fighter Jets

WIRED Threat Level

After successful autonomous flight tests in December, the military is ramping up its plans to bring artificial intelligence to the skies. Security Security / National Security Business / Artificial Intelligence

article thumbnail

Voice-Clone AI Scams — it’s NOT ME on the Phone, Grandma

Security Boulevard

Voice AI tech being misused by scammers: Scrotes fake your voice and call your grandparents. Then “you” beg them for money. The post Voice-Clone AI Scams — it’s NOT ME on the Phone, Grandma appeared first on Security Boulevard.

Scams 132
article thumbnail

Cover Your SaaS: How to Overcome Security Challenges and Risks For Your Organization

Speaker: Ronald Eddings, Cybersecurity Expert and Podcaster

In this webinar, Ronald Eddings, Cybersecurity Expert, will outline the relationship between SaaS apps and IT & security teams, along with several actionable solutions to overcome the new difficulties facing your organization.