Sat. Jan 07, 2023 - Fri. Jan 13, 2023

Are Cyber Attacks at Risk of Becoming 'Uninsurable'?

Lohrman on Security

There are dark clouds on the horizon as well as conflicting forecasts regarding cyber insurance in 2023 and beyond. Where will the insurance market go from here on cybersecurity coverage?

Insurance 200

Identity Thieves Bypassed Experian Security to View Credit Reports

Krebs on Security

Identity thieves have been exploiting a glaring security weakness in the website of Experian, one of the big three consumer credit reporting bureaus.

Web Fraud 261

Identifying People Using Cell Phone Location Data

Schneier on Security

The two people who shut down four Washington power stations in December were arrested.

Cyber Security Expert Joseph Steinberg To Continue Serving On Newsweek Expert Forum In 2023

Joseph Steinberg

Cyber Security Expert, Joseph Steinberg, who joined Newsweek’s Expert Forum in 2021, will continue serving as a member of the premier news organization’s council in 2023.

Successful Change Management with Enterprise Risk Management

Speaker: William Hord, Vice President of ERM Services

Join us as we discuss the various tangents of data and the change management process that will help you make better risk-based business decisions to save time and money for your organization.

Microsoft retracts its report on Mac ransomware

Tech Republic Security

A publication from Microsoft that was taken down January 6 warns about four ransomware families affecting macOS devices. Much of the report closely resembles research published in July by Patrick Wardle.

Microsoft Patch Tuesday, January 2023 Edition

Krebs on Security

Microsoft today released updates to fix nearly 100 security flaws in its Windows operating systems and other software. Highlights from the first Patch Tuesday of 2023 include a zero-day vulnerability in Windows, printer software flaws reported by the U.S.

More Trending

GUEST ESSAY: In pursuit of smarter cybersecurity — to overcome complex risks and grow revenue

The Last Watchdog

In golf there’s a popular saying: play the course, not your opponent. Related: How ‘CAASM’ closes gaps. In an enterprise, it’s the same rule. All areas of an organization need to be free to “play their own game.” And when malware, ransomware, or other cyber threats get in the way, the focus shifts from forward progress to focused co-operation. A security strategy should clear obstacles and enable every part of a business operation to run smoothly.

Risk 147

Ransomware attacks are decreasing, but companies remain vulnerable

Tech Republic Security

Only 25% of the organizations surveyed by Delinea were hit by ransomware attacks in 2022, but fewer companies are taking proactive steps to prevent such attacks.

Weekly Update 330

Troy Hunt

Big week!

Passwords 165

Experian Privacy Vulnerability

Schneier on Security

Brian Krebs is reporting on a vulnerability in Experian’s website: Identity thieves have been exploiting a glaring security weakness in the website of Experian, one of the big three consumer credit reporting bureaus.

Cover Your SaaS: How to Overcome Security Challenges and Risks For Your Organization

Speaker: Ronald Eddings, Cybersecurity Expert and Podcaster

In this webinar, Ronald Eddings, Cybersecurity Expert, will outline the relationship between SaaS apps and IT & security teams, along with several actionable solutions to overcome the new difficulties facing your organization.

GUEST ESSAY: How ‘DPIAs’ — data privacy impact assessments — can lead SMBs to compliance

The Last Watchdog

As the world becomes more digital and connected, it is no surprise that data privacy and security is a growing concern for small to medium sized businesses — SMBs. Related: GDPR sets new course for data privacy. Large corporations tend to have the resources to deal with compliance issues. However, SMBs can struggle with the expense and execution of complying with data security laws in many countries.

Explore information security with 97% off this huge course bundle

Tech Republic Security

The training covers Docker, Splunk and AWS as you work toward CCSP certification.

Yikes, Control Web Panel has Critical RCE — Patch NOW

Security Boulevard

Linanto’s popular web hosting control panel, CWP, has a nasty flaw. It’s easily exploitable—in fact, it’s being exploited RIGHT NOW.

Realizing the Value of Privacy Investment

Cisco CSR

It’s been my pleasure to work alongside the Centre for Information Policy Leadership (CIPL) for over a decade to advocate for privacy to be respected as a fundamental human right and managed by organizations as a business imperative.

How Preparation and Strategy Can Be Used to Fight and Defeat Any Ransomware Attack

Speaker: Karl Camilleri, Cloud Services Product Manager at phoenixNAP

Through a detailed analysis of major attacks and their consequences, Karl Camilleri, Cloud Services Product Manager at phoenixNAP, will discuss the state of ransomware and future predictions, as well as provide best practices for attack prevention and recovery.

Sneaky New Stealer Woos Corporate Workers Through Fake Zoom Downloads

Dark Reading

Rhadamanthys spreads through Google Ads that redirect to bogus download sites for popular workforce software — as well as through more typical malicious emails

Software 110

Forging the Path to Continuous Audit Readiness

CyberSecurity Insiders

By Scott Gordon, CISSP, Oomnitza. Technology oversight is a common mandate across IT and security frameworks and compliance specifications, but achieving that oversight is difficult.

CES 2023 FAIL: Worst in Show for Security and Privacy

Security Boulevard

The Consumer Electronics Show wrapped up yesterday. But some vendors faced stiff criticism over their privacy and security stances.

Nine Top of Mind Issues for CISOs Going Into 2023

Cisco CSR

As the majority of the global Covid fog finally started lifting in 2022, other events – and their associated risks – started to fill the headspace of C-level execs the world over.

CISO 109

How to Avoid the Pain and Cost of PCI Compliance While Optimizing Payments

Speaker: P. Andrew Sjogren, Sr. Product Marketing Manager at Very Good Security, Matt Doka, Co-Founder and CTO of Fivestars, and Steve Andrews, President & CEO of the Western Bankers Association 

In this webinar, we have a great set of panelists who will take you through how Zero Data strategies can be used as part of a well-rounded compliance and security approach, and get you to market much sooner by also allowing for payment optimization. They’ll share how to grow your business faster and minimize costs for both security and compliance

Attackers Are Already Exploiting ChatGPT to Write Malicious Code

Dark Reading

The AI-based chatbot is allowing bad actors with absolutely no coding experience to develop malware

Malware 113

Cuba Ransomware gang hacking Microsoft Exchange Servers

CyberSecurity Insiders

Microsoft issued a press update that the Cuba Ransomware gang was after its Exchange servers after exploiting a critical server-side request forgery (SSRF) vulnerability.

Security Teams Failing to Address Open Source Vulnerabilities 

Security Boulevard

The ongoing rise in open source vulnerabilities and software supply chain attacks is leaving organizations vulnerable to attack and causing greater challenges for security teams, according to Mend’s open source risk survey of nearly 1,000 North American companies.

Software 110

Microsoft Patch Tuesday: One 0-day; Win 7 and 8.1 get last-ever patches

Naked Security

Get 'em while they're hot. And get 'em for the very last time, if you still have Windows 7 or 8.1.

Malware 102

Back to the Office: Privacy and Security Solutions to Compliance Issues for 2021 and Beyond

Speaker: Mike Cramer, Director of HIPAA & Data Security at The Word & Brown Companies

Now that companies are slowly allowing employees to return to work at the office, it's time to re-evaluate your company’s posture towards privacy and security. Join Mike Cramer, Director of HIPAA & Data Security at The Word & Brown Companies, for a discussion that will focus on compliance and the types of privacy and security measures your company should be aware of, as well as tips and methods for implementing these measures.

Norton LifeLock Warns on Password Manager Account Compromises

Dark Reading

Password manager accounts may have, ironically, been compromised via simple credential stuffing, thanks to password reuse

Hackers lodge war with the Maritime sector by hitting DNV Shipmanager Software

CyberSecurity Insiders

As the maritime sector has become extremely dependent on technology tools, it is also attracting the attention of cyber criminals who are finding it a lucrative target to mint money.

2023 Predictions for Modern Application Security

Security Boulevard

Software dominates the world and remains a big and accessible attack surface. In 2022, an estimated $6B was invested in Application Security, with that number expected to reach $7.5B in 2023.

Software 107

Accelerate XDR Outcomes with NDR and EDR

Cisco CSR

Cybersecurity attacks' complication and damaging impact are always keeping SOC analysts on edge.

Firewall 102

Better Phishing, Easy Malicious Implants: How AI Could Change Cyberattacks

Dark Reading

Current defenses are able to protect against today's AI-enhanced cybersecurity threats, but that won't be the case for long as these attacks become more effective and sophisticated

Phishing 108

Artificial Intelligence driven ChatGPT being used by Cyber Criminals

CyberSecurity Insiders

For the past few days, say two weeks, an Artificial Intelligence based writing tool ChatGPT is trending excellently on Google headlines.

Market for Security Robots Grows, But Data Privacy Concerns Remain

Security Boulevard

Robots have been infiltrating business and industry for decades, so it’s not surprising that AI and connected technologies like streaming video are now being enlisted to perform many of the security tasks currently handled by humans. The global security robots market “was valued at USD 27.32

Marketing 102

StrongPity espionage campaign targeting Android users

We Live Security

ESET researchers identified an active StrongPity campaign distributing a trojanized version of the Android Telegram app, presented as the Shagle app – a video-chat service that has no app version.

$20K Buys Insider Access to Telegram Servers, Dark Web Ad Claims

Dark Reading

In the ad, cybercriminals are offering to sell employee-level access to Telegram, researchers warn

Smart TV manufacturing companies withdraw security support after 18 months

CyberSecurity Insiders

Next time you are planning to buy a Smart TV, please be aware that most reputed manufacturers withdraw security support after 12 to 16 months or at the most 18 months. Meaning, the Television gadget touted to be smart will be vulnerable to hackers launching sophistication-driven cyber-attacks.