Tech Republic Security
JANUARY 25, 2023
A new study finds that due to the growing threat surface from hybrid work and third-party vendors, only half of organizations have the budget to meet current cybersecurity needs. The post Survey: Cybersecurity budgets aren’t matching cybersecurity challenges appeared first on TechRepublic.
Schneier on Security
JANUARY 27, 2023
Early in his career, Kevin Mitnick successfully hacked California law. He told me the story when he heard about my new book , which he partially recounts his 2012 book, Ghost in the Wires. The setup is that he just discovered that there’s warrant for his arrest by the California Youth Authority, and he’s trying to figure out if there’s any way out of it.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Krebs on Security
JANUARY 25, 2023
On Dec. 23, 2022, KrebsOnSecurity alerted big-three consumer credit reporting bureau Experian that identity thieves had worked out how to bypass its security and access any consumer’s full credit report — armed with nothing more than a person’s name, address, date of birth, and Social Security number. Experian fixed the glitch, but remained silent about the incident for a month.
Lohrman on Security
JANUARY 22, 2023
In a series of reports released at the World Economic Forum gathering in Davos, Switzerland, this past week, the outlook for the global economy, and for cybersecurity worldwide, looked gloomy.
Advertisement
How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.
Tech Republic Security
JANUARY 24, 2023
The criminals took advantage of an API to grab personal details such as customer names, billing addresses, email addresses, phone numbers, dates of birth, and T-Mobile account numbers. The post How hackers stole the personal data of 37 million T-Mobile customers appeared first on TechRepublic.
Schneier on Security
JANUARY 23, 2023
I can’t remember the last time I thought about the US no-fly list: the list of people so dangerous they should never be allowed to fly on an airplane, yet so innocent that we can’t arrest them. Back when I thought about it a lot, I realized that the TSA’s practice of giving it to every airline meant that it was not well protected, and it certainly ended up in the hands of every major government that wanted it.
Cyber Security Informer brings together the best content for cyber security professionals from the widest variety of industry thought leaders.
Security Boulevard
JANUARY 27, 2023
Law enforcement agencies from several countries got together and took down the site. They also worked to decrypt victims’ data. The post ‘Hive’ Russian Ransomware Gang Shut Down by FBI, DoJ, Europol, Bundeskriminalamt, et al appeared first on Security Boulevard.
Tech Republic Security
JANUARY 27, 2023
Working with international law enforcement, the FBI said it has seized control of the servers the Hive group uses to communicate with members. The post FBI takes down Hive ransomware group appeared first on TechRepublic.
Schneier on Security
JANUARY 24, 2023
Just another obscure warrantless surveillance program. US law enforcement can access details of money transfers without a warrant through an obscure surveillance program the Arizona attorney general’s office created in 2014. A database stored at a nonprofit, the Transaction Record Analysis Center (TRAC), provides full names and amounts for larger transfers (above $500) sent between the US, Mexico and 22 other regions through services like Western Union, MoneyGram and Viamericas.
We Live Security
JANUARY 27, 2023
Sandworm continues to conduct attacks against carefully chosen targets in the war-torn country The post SwiftSlicer: New destructive wiper malware strikes Ukraine appeared first on WeLiveSecurity
Advertiser: Revenera
In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.
Quick Heal Antivirus
JANUARY 25, 2023
As cyber threats continue to evolve and become more sophisticated, it’s crucial for security researchers and professionals. The post AsyncRAT Analysis with ChatGPT appeared first on Quick Heal Blog | Latest computer security news, tips, and advice.
Tech Republic Security
JANUARY 25, 2023
Unless you've been living under a rock for the past decade, you’ve probably heard of 5G telecommunications. But what is it? The post The risks of 5G security appeared first on TechRepublic.
Schneier on Security
JANUARY 25, 2023
The head of both US Cyber Command and the NSA, Gen. Paul Nakasone, broadly discussed that first organization’s offensive cyber operations during the runup to the 2022 midterm elections. He didn’t name names, of course: We did conduct operations persistently to make sure that our foreign adversaries couldn’t utilize infrastructure to impact us,” said Nakasone. “We understood how foreign adversaries utilize infrastructure throughout the world.
Security Boulevard
JANUARY 27, 2023
The Federal Trade Commission (FTC) chair, Lina M. Khan, recently announced the commission’s intent to adjust a rule that would prohibit non-compete agreements by workers or independent contractors. Their rationale? Unfair competition—which, therefore, falls under the purview of the FTC. This could have a huge impact on the cybersecurity and IT industries, and open up.
Advertisement
The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.
Bleeping Computer
JANUARY 26, 2023
Microsoft urged customers today to keep their on-premises Exchange servers patched by applying the latest supported Cumulative Update (CU) to have them always ready to deploy an emergency security update. [.
Tech Republic Security
JANUARY 24, 2023
A new research report from SentinelOne exposes a SEO poisoning attack campaign that hijacks brand names in paid search ads. The post Recent rise in SEO poisoning attacks compromise brand reputations appeared first on TechRepublic.
Schneier on Security
JANUARY 27, 2023
This is a good list of modern phishing techniques.
Security Boulevard
JANUARY 24, 2023
Cloud computing has been adopted more rapidly in recent years, and we see more cloud applications in security. As businesses return to the office, they need to rethink physical security to futureproof their security strategy against the constantly evolving security landscape. Is physical security-as-a-service (PSaaS) the solution for a futureproof security strategy?
Speaker: Blackberry, OSS Consultants, & Revenera
Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?
Bleeping Computer
JANUARY 24, 2023
A threat actor tracked as DEV-0569 uses Google Ads in widespread, ongoing advertising campaigns to distribute malware, steal victims' passwords, and ultimately breach networks for ransomware attacks. [.
Tech Republic Security
JANUARY 23, 2023
A new report from Kaspersky details what their digital forensics and incident response teams predict as the main 2023 threats to corporations and government agencies. Learn more about it. The post Kaspersky releases 2023 predictions appeared first on TechRepublic.
CyberSecurity Insiders
JANUARY 24, 2023
The next time when you search for a software download on the Google search engine, be cautious, as the software might also bring in new trouble as malware or might strictly act as a source to malware spread that can steal data and encrypt all the information on the web. Security analysts from MalwareHunterTeam have discovered a threat actor tracked DEV-0569 spreading malware dubbed ‘Rhadamanthys’( Son of Zeus in Greek) by hosting it in Google Ads.
Security Boulevard
JANUARY 23, 2023
Enterprises might want to spend the next few months checking and bolstering their boards’ cybersecurity chops—because by the end of 2023, the Security and Exchange Commission (SEC) is expected to finalize its proposal requiring them to attest to their boards’ cybersecurity acumen—as well as disclose their cybersecurity oversight efforts and information on attacks.
Advertisement
Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.
Bleeping Computer
JANUARY 24, 2023
GoTo (formerly LogMeIn) is warning customers that threat actors who breached its development environment in November 2022 stole encrypted backups containing customer information and an encryption key for a portion of that data. [.
Tech Republic Security
JANUARY 24, 2023
From ransomware to third-party vendor security to software-defined perimeters, these cybersecurity topics should be on IT leaders’ radar. The post 10 cybersecurity predictions for tech leaders in 2023 appeared first on TechRepublic.
CSO Magazine
JANUARY 23, 2023
The metaverse is coming; businesses and government agencies are already building virtual worlds to support city services, meetings and conferences, community building, and commerce. They’re also rendering spatial apps around travel, car sales, manufacturing, and architecture in what Citi predicts will be a $13-trillion market with 5 billion users by 2030.
Security Boulevard
JANUARY 25, 2023
At a time when cybersecurity threats are at an all-time high, an alarming statistic is emerging: Professionals in this field are experiencing high levels of stress and burnout. The post Cybersecurity is Facing a Cataclysmic Problem appeared first on Security Boulevard.
Speaker: Erika R. Bales, Esq.
When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.
Bleeping Computer
JANUARY 27, 2023
Security researchers have analyzed a variant of the PlugX malware that can hide malicious files on removable USB devices and then infect the Windows hosts they connect to. [.
Tech Republic Security
JANUARY 24, 2023
A new study by Gartner predicts that by 2026 just 10% of companies will have zero-trust protocols in place against cybersecurity exploits. The post Companies slow to “mask up” with zero trust cybersecurity protocols appeared first on TechRepublic.
Trend Micro
JANUARY 23, 2023
In this blog entry, we’d like to highlight our findings on Vice Society, which includes an end-to-end infection diagram that we were able to create using Trend Micro internal telemetry.
Security Boulevard
JANUARY 23, 2023
An unsecured Jenkins server contained secret credentials for more than 40 public-cloud storage buckets. In today’s SB Blogwatch, we say hello to our old friend maia arson crimew. The post US No-Fly List Leaked via Airline Dev Server by @_nyancrimew appeared first on Security Boulevard.
Speaker: William Hord, Vice President of ERM Services
A well-defined change management process is critical to minimizing the impact that change has on your organization. Leveraging the data that your ERM program already contains is an effective way to help create and manage the overall change management process within your organization. Your ERM program generally assesses and maintains detailed information related to strategy, operations, and the remediation plans needed to mitigate the impact on the organization.
Expert insights. Personalized for you.
192 
Let's personalize your content