Sat.Jan 01, 2022 - Fri.Jan 07, 2022

Norton 360 Now Comes With a Cryptominer

Krebs on Security

Norton 360 , one of the most popular antivirus products on the market today, has installed a cryptocurrency mining program on its customers’ computers.

People Are Increasingly Choosing Private Web Search

Schneier on Security

DuckDuckGo has had a banner year : And yet, DuckDuckGo. The privacy-oriented search engine netted more than 35 billion search queries in 2021 , a 46.4% jump over 2020 (23.6 billion). That’s big.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Weekly Update 277

Troy Hunt

Well that all changed very quickly. One week ago, I was like "I'm going to do this video from somewhere really epic next week" A few hours after that video, the host of the drinks we'd gone to over the road the day before told us she had symptoms.

198
198

GUEST ESSAY: Going beyond watermarks to protect sensitive documents from illegal access

The Last Watchdog

Cyber threats continue to gain momentum and there are still not enough ways to counter it. Related: Why the ‘Golden Age’ of cyber espionage is upon us. The global threat intelligence market size was estimated at $10.9 billion in 2020 and will grow to $16.1 billion by 2025. Yet, according to the study by the Ponemon Institute, the number of insider leaks has increased by 47 percent in 2020 compared to 2018.

How Preparation and Strategy Can Be Used to Fight and Defeat Any Ransomware Attack

Speaker: Karl Camilleri, Cloud Services Product Manager at phoenixNAP

Through a detailed analysis of major attacks and their consequences, Karl Camilleri, Cloud Services Product Manager at phoenixNAP, will discuss the state of ransomware and future predictions, as well as provide best practices for attack prevention and recovery.

Cyber Security Expert Joseph Steinberg To Serve On Newsweek Expert Forum In 2022

Joseph Steinberg

Cyber Security Expert, Joseph Steinberg, who joined Newsweek’s Expert Forum last year, will continue serving as a member throughout 2022.

Norton’s Antivirus Product Now Includes an Ethereum Miner

Schneier on Security

Norton 360 can now mine Ethereum. It’s opt-in, and the company keeps 15%. It’s hard to uninstall this option. Uncategorized antivirus cryptocurrency

More Trending

MY TAKE: Why companies had better start taking the security pitfalls of API proliferation seriously

The Last Watchdog

APIs are putting business networks at an acute, unprecedented level of risk – a dynamic that has yet to be fully acknowledged by businesses. Related: ‘SASE’ framework extends security to the network edge. That said, APIs are certain to get a lot more attention by security teams — and board members concerned about cyber risk mitigation — in 2022. This is so because a confluence of developments in 2021 has put API security in the spotlight, where it needs to be.

CDN Cache Poisoning Allows DoS Attacks Against Cloud Apps

Dark Reading

A Romanian researcher discovers more than 70 vulnerabilities in how applications and their content delivery networks handle cache misses that open the doors to denial-of-service attacks

114
114

More Russian Cyber Operations against Ukraine

Schneier on Security

Both Russia and Ukraine are preparing for military operations in cyberspace. Uncategorized cyberwar Russia Ukraine

232
232

Hackers exploit Google Docs in new phishing campaign

Tech Republic Security

Attackers are taking advantage of the comment feature in Google Docs to send people emails with malicious links, says Avanan

Cover Your SaaS: How to Overcome Security Challenges and Risks For Your Organization

Speaker: Ronald Eddings, Cybersecurity Expert and Podcaster

In this webinar, Ronald Eddings, Cybersecurity Expert, will outline the relationship between SaaS apps and IT & security teams, along with several actionable solutions to overcome the new difficulties facing your organization.

5 ways hackers steal passwords (and how to stop them)

We Live Security

From social engineering to looking over your shoulder, here are some of the most common tricks that bad guys use to steal passwords. The post 5 ways hackers steal passwords (and how to stop them) appeared first on WeLiveSecurity. Password

Google Docs Comments Weaponized in New Phishing Campaign

Dark Reading

Attackers use the comment feature in Google Docs to email victims and lure them into clicking malicious links

Artificial Intelligence cuts down packaging issues for Amazon

CyberSecurity Insiders

From January 3rd, 2022, Amazon will be solving most of its packaging issues with the help of AI based machine learning tools.

How to install the CSF firewall on Ubuntu Server

Tech Republic Security

If you'd like a powerful firewall for your Ubuntu Server, but one that offers a fairly straightforward configuration, Jack Wallen thinks CSF might be the right tool for the job

How to Avoid the Pain and Cost of PCI Compliance While Optimizing Payments

Speaker: P. Andrew Sjogren, Sr. Product Marketing Manager at Very Good Security, Matt Doka, Co-Founder and CTO of Fivestars, and Steve Andrews, President & CEO of the Western Bankers Association 

In this webinar, we have a great set of panelists who will take you through how Zero Data strategies can be used as part of a well-rounded compliance and security approach, and get you to market much sooner by also allowing for payment optimization. They’ll share how to grow your business faster and minimize costs for both security and compliance

Google Releases New Chrome Update to Patch Dozens of New Browser Vulnerabilities

The Hacker News

Google has rolled out the first round of updates to its Chrome web browser for 2022 to fix 37 security issues, one of which is rated Critical in severity and could be exploited to pass arbitrary code and gain control over a victim's system.

114
114

New Attack Campaign Exploits Microsoft Signature Verification

Dark Reading

The Malsmoke attack group is behind a campaign that has exploited the Microsoft e-signature verification tool to target 2,100 victims

114
114

What’s Ahead for AI and Cybersecurity in 2022

Security Boulevard

There was no shortage of cybersecurity headlines in 2021. From REvil’s attacks, disappearance and resurgence to a brewing “cyber cold war” sweeping the world, 2021 was one of the most hectic years yet for the cybersecurity industry.

Behind the scenes: A day in the life of a cybersecurity curriculum director

Tech Republic Security

The Kennedy Space Center kick-started Andee Harston's career in cybersecurity. Here's how she worked her way up to overseeing the cybersecurity curriculum for Infosec

Back to the Office: Privacy and Security Solutions to Compliance Issues for 2021 and Beyond

Speaker: Mike Cramer, Director of HIPAA & Data Security at The Word & Brown Companies

Now that companies are slowly allowing employees to return to work at the office, it's time to re-evaluate your company’s posture towards privacy and security. Join Mike Cramer, Director of HIPAA & Data Security at The Word & Brown Companies, for a discussion that will focus on compliance and the types of privacy and security measures your company should be aware of, as well as tips and methods for implementing these measures.

6 Ways to Delete Yourself From the Internet

WIRED Threat Level

You’ll never be able to get a clean slate—but you can significantly downsize your digital footprint. Security Security / Privacy

Attackers Exploit Log4j Flaws in Hands-on-Keyboard Attacks to Drop Reverse Shells

Dark Reading

Microsoft says vulnerabilities present a "real and present" danger, citing high volume of scanning and attack activity targeting the widely used Apache logging framework

114
114

6 Ways to Minimize Ransomware Damage

Security Boulevard

Ransomware is more pervasive than ever, and the number of attacks is mindboggling. With help from ransomware-as-a-service (RaaS), cybercriminals and organized “bad actors” continue to wreak havoc.

Over 3.7 million accounts were compromised in the FlexBooker data breach

Security Affairs

The appointment scheduling service FlexBooker discloses a data breach that impacted over 3.7 million accounts. Threat actors compromised the FlexBooker accounts of more than 3.7 million users, the attack took place before the holidays.

Instagram and teens: A quick guide for parents to keep their kids safe

We Live Security

How can you help your kids navigate Instagram safely? Here are a few tips to help you protect their privacy on the app. The post Instagram and teens: A quick guide for parents to keep their kids safe appeared first on WeLiveSecurity. Kids Online

113
113

Vinnie Liu Has a Mission: Keeping People Safe Online and Offline

Dark Reading

Security Pro File: The years at the National Security Agency shaped Vinnie Liu's views on security. We're missionaries, not mercenaries," he says

114
114

Cybersecurity News Round-Up: Week of January 3, 2022

Security Boulevard

On Tuesday, the United States Federal Trade Commission (FTC) issued a stern warning to companies that have not yet patched the Log4j vulnerability: We will find you. The post Cybersecurity News Round-Up: Week of January 3, 2022 appeared first on Security Boulevard. Security Bloggers Network

Exclusive: NASA Director Twitter account hacked by Powerful Greek Army

Security Affairs

The Twitter account of NASA Director Parimal Kopardekar (@nasapk) was hacked by the Powerful Greek Army group. The Twitter account of the NASA Director and Sr Technologist for Air Transporation Sytem Mr. Parimal Kopardekar ( @nasapk ) was hacked by the Powerful Greek Army group.

New Trick Could Let Malware Fake iPhone Shutdown to Spy on Users Secretly

The Hacker News

Researchers have disclosed a novel technique by which malware on iOS can achieve persistence on an infected device by faking its shutdown process, making it impossible to physically determine if an iPhone is off or otherwise.

Mobile 113

Name That Edge Toon: In Your Face!

Dark Reading

Come up with a clever caption, and our panel of experts will reward the winner with a $25 Amazon gift card

114
114

Data mining of Facebook and Twitter posts by China

CyberSecurity Insiders

China is reportedly mining data from users of Facebook and Twitter and the plan is to feed its military with all useful information sieved from the tonnes of data using different AI based machine learning tools.

Threat actors stole 1.1 million customer accounts from 17 well-known companies

Security Affairs

NY OAG warned 17 companies that roughly 1.1 million of their customers have had their user accounts compromised in credential stuffing attacks. The New York State Office of the Attorney General (NY OAG) has warned 17 companies that roughly 1.1

Detecting Evasive Malware on IoT Devices Using Electromagnetic Emanations

The Hacker News

Cybersecurity researchers have proposed a novel approach that leverages electromagnetic field emanations from the Internet of Things (IoT) devices as a side-channel to glean precise knowledge about the different kinds of malware targeting the embedded systems, even in scenarios where obfuscation techniques have been applied to hinder analysis.

IoT 113

New Mac Malware Samples Underscore Growing Threat

Dark Reading

A handful of malicious tools that emerged last year showed threat actors may be getting more serious about attacking Apple macOS and iOS environments

Apple AirTag: Absolutely Awful, Say Stalking Victims

Security Boulevard

Apple is coming under renewed flak for its AirTags—and how they make life easy for stalkers and carjackers. But is the criticism fair? The post Apple AirTag: Absolutely Awful, Say Stalking Victims appeared first on Security Boulevard.