Sat. Aug 14, 2021 - Fri. Aug 20, 2021

More on Apple’s iPhone Backdoor

Schneier on Security

In this post, I’ll collect links on Apple’s iPhone backdoor for scanning CSAM images. Previous links are here and here. Apple says that hash collisions in its CSAM detection system were expected, and not a concern.

Wanted: Disgruntled Employees to Deploy Ransomware

Krebs on Security

Criminal hackers will try almost anything to get inside a profitable enterprise and secure a million-dollar payday from a ransomware infection.

ROUNDTABLE: Why T-Mobile’s latest huge data breach could fuel attacks directed at mobile devices

The Last Watchdog

T-Mobile has now issued a formal apology and offered free identity theft recovery services to nearly 48 million customers for whom the telecom giant failed to protect their sensitive personal information.

Ransomware Hits Maine Sewage Treatment Plants, Sounding The Alarm About Dangerous CyberSecurity Risks At America’s Many Small Critical Infrastructure Providers

Joseph Steinberg

Two recent ransomware attacks successfully breached computers at wastewater management plants in the US State of Maine, according to a statement by the state’s Department of Environmental Protection.

How to Avoid the Pain and Cost of PCI Compliance While Optimizing Payments

Speaker: P. Andrew Sjogren, Sr. Product Marketing Manager at Very Good Security, Matt Doka, Co-Founder and CTO of Fivestars, and Steve Andrews, President & CEO of the Western Bankers Association 

In this webinar, we have a great set of panelists who will take you through how Zero Data strategies can be used as part of a well-rounded compliance and security approach, and get you to market much sooner by also allowing for payment optimization. They’ll share how to grow your business faster and minimize costs for both security and compliance

Apple’s NeuralHash Algorithm Has Been Reverse-Engineered

Schneier on Security

Apple’s NeuralHash algorithm — the one it’s using for client-side scanning on the iPhone — has been reverse-engineered. Turns out it was already in iOS 14.3,

T-Mobile: Breach Exposed SSN/DOB of 40M+ People

Krebs on Security

T-Mobile is warning that a data breach has exposed the names, date of birth, Social Security number and driver’s license/ID information of more than 40 million current, former or prospective customers who applied for credit with the company.

MY TAKE: What NortonLifeLock’s $8 billion buyout of Avast portends for consumer security

The Last Watchdog

So NortonLifeLock has acquired Avast for more than $8 billion. This deal reads like the epilogue to a book titled The First 20 Years of the Supremely Lucrative Antivirus Market. Way back in 1990, Symantec acquired Norton Utilities and made Norton the heart of its antivirus subscription offering. Related: The coming of ubiquitous passwordless access.

T-Mobile Data Breach

Schneier on Security

It’s a big one: As first reported by Motherboard on Sunday, someone on the dark web claims to have obtained the data of 100 million from T-Mobile’s servers and is selling a portion of it on an underground forum for 6 bitcoin, about $280,000.

T-Mobile Investigating Claims of Massive Data Breach

Krebs on Security

Knockoff semiconductor chips flood the enterprise market

Tech Republic Security

As the predominantly pandemic-caused global chip shortage rolls on, businesses are now facing another challenge — component scams and bogus supply-chain claims

Back to the Office: Privacy and Security Solutions to Compliance Issues for 2021 and Beyond

Speaker: Mike Cramer, Director of HIPAA & Data Security at The Word & Brown Companies

Now that companies are slowly allowing employees to return to work at the office, it's time to re-evaluate your company’s posture towards privacy and security. Join Mike Cramer, Director of HIPAA & Data Security at The Word & Brown Companies, for a discussion that will focus on compliance and the types of privacy and security measures your company should be aware of, as well as tips and methods for implementing these measures.

7 key data points on the cybersecurity skills shortage

CSO Magazine

I am proud to say that the annual Life and Times of Cybersecurity Professionals report from ESG and ISSA is now available for free download. As part of the research for this report, we always ask cybersecurity professionals several questions about the global cybersecurity skills shortage.

Tetris: Chinese Espionage Tool

Schneier on Security

I’m starting to see writings about a Chinese espionage tool that exploits website vulnerabilities to try and identify Chinese dissidents.

Are you, the customer, the one paying the ransomware demand?

We Live Security

Ransomware payments may have greater implications than you thought – and not just for the company that gave in to the attackers’ demands.

Why it's important to create a common language of cyber risk

Tech Republic Security

All departments of an organization need to be on the same page where cybersecurity is concerned, and that will only happen if the terminology used is understood by all

Certified Cloud Security Professional (CCSP): Exam, cost, and requirements

CSO Magazine

What is the CCSP certification? CCSP is a cloud-focused security certification for experienced security pros offered by the International Information System Security Certification Consortium, or (ISC)².

Upcoming Speaking Engagements

Schneier on Security

This is a current list of where and when I am scheduled to speak: I’m speaking (via Internet) at SHIFT Business Festival in Finland, August 25-26, 2021. I’ll be speaking at an Informa event on September 14, 2021. Details to come.

Britain to use AI driven Facial Recognition to nab criminals

CyberSecurity Insiders

Britain is all set to launch a new law where the common public will be subjected to AI driven CCTV surveillance that will help nab criminals.

Data privacy is a growing concern for more consumers

Tech Republic Security

People surveyed by KPMG reported feeling increasingly uneasy about the data collection practices of corporations

Hamburg’s data protection agency (DPA) states that using Zoom violates GDPR

Security Affairs

The German state’s data protection agency (DPA) warns that the use of the videoconferencing platform Zoom violates the European Union’s GDPR.

Security teams report rise in cyber risk

CSO Magazine

Do you feel like you are gaining in your ability to protect your data and your network? If you are like 80% of respondents to Trend Micro’s biannual Cyber Risk Index (CRI) report, you expect to experience a data breach that compromises customer data in the next 12 months.

Cybersecurity Requires Decisive Action

Security Boulevard

Corporate executives have a responsibility to ensure long-term positive outcomes for the companies they lead. One way to accomplish this is by minimizing corporate risk and protecting assets through proactive and innovative approaches to cybersecurity.

The cybersecurity skills gap persists for the fifth year running

Tech Republic Security

Most organizations are still lacking talent, according to a new report, but experts think expanding the definition of a cybersecurity professional can help

1.9 million+ records from the FBI’s terrorist watchlist available online

Security Affairs

A security researcher discovered that a secret FBI terrorist watchlist was accidentally exposed on the internet for three weeks between July 19 and August 9, 2021. Security researcher Bob Diachenko discovered a secret terrorist watchlist with 1.9

Data sovereignty laws place new burdens on CISOs

CSO Magazine

Your information is at the crux of the issue of data sovereignty. Where is your information? Who has access to the information? Do you have control of your information in each country, or does the government also have access (and control) of your data?

Want to ban someone from Instagram? That’ll cost you just $60

Graham Cluley

Got a grudge against an Instagram user? Like to wipe your ex-partner's sickening selfies off social media? Well, scammers may just have the perfect service for you - at quite an affordable price. Read more in my article on the Tripwire State of Security blog.

The 15 highest-paying certifications for 2021

Tech Republic Security

The top certification on the annual Skillsoft list has a salary of more than $171,000. Find out what certifications you should be working toward

From math-hater to DEFCON-lover: An unlikely path to Cybersecurity

StaySafeOnline

China passes new automobile data security law

CyberSecurity Insiders

China has made some amendments to the existing laws and passed a new document that discloses several provisions on how automobile companies need to collect their user data as per the stated stipulations.

BrandPost: The CIS Benchmarks Community Consensus Process

CSO Magazine

The Center for Internet Security (CIS) recently celebrated 20 years of bringing confidence to the connected world with consensus-based security guidance. The first CIS Benchmark was released in 2000.

Great Resignation hits IT departments and companies are switching strategies

Tech Republic Security

To ensure business continuity amid high turnover, many CIOs are planning to alter their strategies to make the company "less dependent on employee institutional knowledge," says PwC

Threat Actors Focus on the Application Layer, Do You?

Security Boulevard

How application security affects you. Philosopher Henry David Thoreau famously said, “There are a thousand hacking at the branches of evil to one who is striking at the root”. While this quote is not about the current state of cybersecurity, it certainly applies.

Increasing Cyber Security on Mac

CyberSecurity Insiders

Recently, many users choose Mac computers because they are fast, reliable, and cool. Some people still think that Apple computers have some “magic” inside to be protected from any viruses, and their speed will always be on the highest level.

BlackBerry faces bad PR by failing to go public with BadAlloc vulnerability

CSO Magazine

Anyone who has ever traveled knows that bedbugs are the kiss of death for a hotel, and possibly the franchise, as no one likes to get bit. BlackBerry is hoping the analogy doesn’t transfer to the bugs found in its QNX embedded operating system.

It's time to retire the Social Security number

Tech Republic Security

With 40 million people having their SSN exposed during the T-Mobile hack, it's time to reconsider the usefulness of the Social Security number

How Much Cybersecurity Do You Need?

Security Boulevard

Cyberattacks are on the rise. Hackers will seize on any opportunity to accelerate or obscure their cyberattacks. So imagine their delight when the COVID-19 pandemic forced companies to shutter their offices and conduct most, if not all, of their business remotely.