Sat.Oct 02, 2021 - Fri.Oct 08, 2021

What Happened to Facebook, Instagram, & WhatsApp?

Krebs on Security

Facebook and its sister properties Instagram and WhatsApp are suffering from ongoing, global outages.

Senate Bill Would Mandate Reporting Infrastructure Data Breaches

Lohrman on Security

The Cyber Incident Notification Act of 2021 would require reporting cyber incidents impacting critical infrastructure to the Cybersecurity and Infrastructure Security Agency (CISA) within 24 hours

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Cybersecurity Awareness Month: Time For Improved Education, Better Practices, and Some Nice Give Aways

Joseph Steinberg

Cybersecurity Awareness Month is Here! In October, people across America commemorate Cybersecurity Awareness Month, a national observance jointly established in 2004 by the U.S. Department of Homeland Security (DHS) and the National Cyber Security Alliance.

Every day is cyber security awareness month

Javvad Malik

October is National Cyber Security Awareness Month. . Delivering effective cyber security awareness is an ongoing process, and not one that can be solved in one month a year. But that doesn’t mean we shouldn’t try. Staying safe online has many similarities with staying safe on the line aka tightrope walking. It involves a delicate mix of courage, foolhardiness, balance, poise, and the threat of falling to a horrible death.

How to Avoid the Pain and Cost of PCI Compliance While Optimizing Payments

Speaker: P. Andrew Sjogren, Sr. Product Marketing Manager at Very Good Security, Matt Doka, Co-Founder and CTO of Fivestars, and Steve Andrews, President & CEO of the Western Bankers Association 

In this webinar, we have a great set of panelists who will take you through how Zero Data strategies can be used as part of a well-rounded compliance and security approach, and get you to market much sooner by also allowing for payment optimization. They’ll share how to grow your business faster and minimize costs for both security and compliance

Over 1.5 billion Facebook users' personal data found for sale on hacker forum

Tech Republic Security

Unrelated to other recent problems Facebook has had, this particular batch of data was scraped from profiles, meaning it's publicly available knowledge. That doesn't stop it from being dangerous

171
171

GUEST ESSAY: What it will take to train the next generation of cybersecurity analysts

The Last Watchdog

It is no secret that there is, and has been for some time, a shortage of trained cyber security professionals in corporate IT Security teams. The Wharton School of the University of Pennsylvania observed that “nowhere is the workforce-skills gap more pronounced than in cybersecurity.”. Related: Deploying ‘human’ sensors’ According to data gathered by CyberSeek under a Commerce Department grant, there are currently nearly 465,000 unfilled cyber jobs across the US alone.

More Trending

Syniverse Hack: Billions of Users’ Data Leaks Over Five Years

Security Boulevard

Hackers broke into the massive telephony interconnection service run by Syniverse—a huge, yet invisible, chunk of infrastructure. The post Syniverse Hack: Billions of Users’ Data Leaks Over Five Years appeared first on Security Boulevard.

How to better secure user authentication protocols

CyberSecurity Insiders

This blog was written by an independent guest blogger. In March 2021, cybersecurity researcher Le Xuan Tuyen discovered a security bug in Microsoft Exchange Server.

What the CEO Saw: Colonial Pipeline, Accellion Execs Share Cyberattack War Stories

Dark Reading

CEOs of the two breached companies said their priorities instantly shifted to joining the response efforts when they first learned of attacks on their systems

110
110

Why today’s cybersecurity threats are more dangerous

CSO Magazine

Over the past two years, the rise of big-ticket ransomware attacks and revelations of harmful software supply chain infections have elevated cybersecurity to the top of the government's agenda.

CSO 114

Back to the Office: Privacy and Security Solutions to Compliance Issues for 2021 and Beyond

Speaker: Mike Cramer, Director of HIPAA & Data Security at The Word & Brown Companies

Now that companies are slowly allowing employees to return to work at the office, it's time to re-evaluate your company’s posture towards privacy and security. Join Mike Cramer, Director of HIPAA & Data Security at The Word & Brown Companies, for a discussion that will focus on compliance and the types of privacy and security measures your company should be aware of, as well as tips and methods for implementing these measures.

Protecting Active Directory With Viable Backups

Security Boulevard

The primary recovery concern after a ransomware attack is the health of the core infrastructure. Before recovering any environment, it is crucial to confirm the viability of backups and whether there is a working and operational domain controller (DC) with functioning Active Directory (AD) services.

Securing the edge with Zero Trust

CyberSecurity Insiders

The proliferation of cloud computing, mobile device use, and the Internet of Things has dissolved traditional network boundaries. Today, the network perimeter has evolved as workloads have moved to the cloud while non-managed, mobile devices have become the norm rather than the exception.

UEFI threats moving to the ESP: Introducing ESPecter bootkit

We Live Security

ESET research discovers a previously undocumented UEFI bootkit with roots going back all the way to at least 2012. The post UEFI threats moving to the ESP: Introducing ESPecter bootkit appeared first on WeLiveSecurity. Malware

Exclusive: Researchers dumped Gigabytes of data from Agent Tesla C2Cs

Security Affairs

Resecurity researchers dumped Gigabytes of data from Agent Tesla C2Cs, one of the most well-known cyberespionage tools suffers a data leakage.

Retail 109

Human vs. Artificial Intelligence in Autonomous Systems

Security Boulevard

A common goal, as we see in many articles on AI (artificial intelligence) and ML (machine learning), is to make AI/ML systems more like humans.

Introducing the Palo Alto Networks Panorama Advanced AlienApp

CyberSecurity Insiders

Here at AT&T Cybersecurity, we believe cyber protection should include multiple layers and cover as much ground as possible.

FontOnLake: Previously unknown malware family targeting Linux

We Live Security

ESET researchers discover a malware family with tools that show signs they’re used in targeted attacks. The post FontOnLake: Previously unknown malware family targeting Linux appeared first on WeLiveSecurity. Malware backdoor Linux rootkit

Why Windows 11's security is such a big deal

Tech Republic Security

Enterprises are worried about exactly the issues that Windows 11 helps with, and the hardware specs mean future security improvements like more app containers

157
157

Why The Biggest Cyberattacks Happen Slowly

Security Boulevard

The most important thing to understand about data breaches and cyberattacks is that they are not a singular event. The post Why The Biggest Cyberattacks Happen Slowly appeared first on Radware Blog. The post Why The Biggest Cyberattacks Happen Slowly appeared first on Security Boulevard.

Does XDR Need a New Kill Chain?

CyberSecurity Insiders

The time has come for cyber security technology to keep up with the adversaries. Now that we have seen so many successful multi-stage attacks, we need to reassess the way we correlate the signals we are seeing from all the security tools in our environments.

Unnamed Ransomware gang uses a Python script to encrypt VMware ESXi servers

Security Affairs

An unnamed ransomware gang used a custom Python script to target VMware ESXi and encrypt all the virtual machines hosted on the server.

Phishing campaigns against Chase Bank customers are on the rise

Tech Republic Security

Throughout the summer of 2021, the number of phishing URLs designed to impersonate Chase jumped by 300%, says security firm Cyren

Huge Twitch Breach Leaks eSports ‘Toxic Cesspool’

Security Boulevard

Amazon’s game streaming service, Twitch, got hacked: 125 GB of its most private data has leaked. The post Huge Twitch Breach Leaks eSports ‘Toxic Cesspool’ appeared first on Security Boulevard.

US forms a National Cryptocurrency Enforcement Team to curb ransomware payments

CyberSecurity Insiders

After the ransomware attack on JBS Meat and Colonial Pipeline, the law enforcement authorities of United States have taken a resolution to curb ransomware payments.

5 steps toward real zero trust security

CSO Magazine

Zero trust has long been the logical successor to the moat/castle perimeter security model, which hasn’t worked very well to protect enterprises from cyberattacks and is becoming increasingly outdated as employees become more mobile and applications migrate to the cloud.

CSO 108

How to encrypt specific sections of Google Docs with the DocSecrets add-on

Tech Republic Security

Anyone who needs to hide away sections of text in Google Documents should give this handy add-on a try

New Regulations Are Coming — Get a Handle on Your App Portfolio

Dark Reading

With the realization that any app could be a gateway for a larger attack, there will be more pressure than ever on companies to fully protect their entire application landscape

106
106

Facebook October 2021 downtime could result from a revolting Cyber Attack

CyberSecurity Insiders

Facebook (FB) issued a press update on Monday October 4th, 2021, stating that all its online services across the world were down because of a configuration error that couldn’t be fixed on time as most of its staff were working from home.

TSA to issue cybersecurity requirements for US rail, aviation sectors

CSO Magazine

After issuing cybersecurity requirements for pipeline companies via two directives earlier this year, the Transportation Safety Administration (TSA) will now also issue cybersecurity requirements for rail systems and airport operators.

Cybersecurity Month: Be Cyber Smart

PCI perspectives

As an ? Official Champion ?of of National Cyber Security Awareness Month (NCSAM), the Council will be sharing educational resources on payment security best practices on the PCI Perspectives blog, and through our Twitter ( @PCISSC ) and? LinkedIn ?pages. pages.

Top 5 Skills Modern SOC Teams Need to Succeed

Dark Reading

From basic coding to threat hunting, here are five skills modern SOC teams need to successfully navigate the future of high-scale detection and response

106
106

Cyber Attack fear for abandoned US Vehicles and Aircrafts in Afghanistan

CyberSecurity Insiders

On September 11th, 2001 Taliban linked terrorist group launched a flight attack on the twin towers of United States that from then-on put a major dent in the US governance on an international note.

How corporate data and secrets leak from GitHub repositories

CSO Magazine

One boring day during the pandemic, security researcher Craig Hays decided to do an experiment. He wanted to leak an SSH username and password into a GitHub repository and see if any attacker might find it. Hays thought he'd have to wait a few days, maybe a week, before anyone noticed it.

CSO 105

To the moon and hack: Fake SafeMoon app drops malware to spy on you

We Live Security

Cryptocurrencies rise and fall, but one thing stays the same – cybercriminals attempt to cash in on the craze. The post To the moon and hack: Fake SafeMoon app drops malware to spy on you appeared first on WeLiveSecurity. Malware

Mandia Alerted NSA on FireEye's SolarWinds Breach

Dark Reading

"National security" concerns led former CEO Kevin Mandia to call the NSA when FireEye discovered its breach in late 2020

104
104