Schneier on Security

FEBRUARY 16, 2023

Interesting : According to internal Slack messages that were leaked to Insider , an Amazon lawyer told workers that they had “already seen instances” of text generated by ChatGPT that “closely” resembled internal company data. This issue seems to have come to a head recently because Amazon staffers and other tech workers throughout the industry have begun using ChatGPT as a “ coding assistant ” of sorts to help them write or improve strings of code, the report

354

354

Lohrman on Security

FEBRUARY 12, 2023

Quantum computers hold the promise of amazing advances in numerous fields. So why are cybersecurity experts so worried about Q-Day? What must be done now to prepare?

Cybersecurity 361

Cybersecurity 361

Tech Republic Security

FEBRUARY 16, 2023

Learn how to protect your business and staff from the MortalKombat ransomware and Laplas Clipper malware. The post Cryptocurrency users in the US hit by ransomware and Clipper malware appeared first on TechRepublic.

Cryptocurrency 210

Cryptocurrency Malware Ransomware Phishing 210

Security Boulevard

FEBRUARY 17, 2023

Oakland is still reeling from last week’s ransomware attack. San Francisco’s poorer neighbor is asking for help. The post ‘Serious’ Ransomware Emergency in Oakland, Calif. — Legacy FAIL appeared first on Security Boulevard.

Ransomware 138

Ransomware Social Engineering Security Awareness Engineering 138

Advertisement

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Cybersecurity

Trend Micro

FEBRUARY 16, 2023

We discovered a new backdoor which we have attributed to the advanced persistent threat actor known as Earth Kitsune, which we have covered before. Since 2019, Earth Kitsune has been distributing variants of self-developed backdoors to targets, primarily individuals who are interested in North Korea.

135

135

SecureList

FEBRUARY 15, 2023

ChatGPT is a groundbreaking chatbot powered by the neural network-based language model text-davinci-003 and trained on a large dataset of text from the Internet. It is capable of generating human-like text in a wide range of styles and formats. ChatGPT can be fine-tuned for specific tasks, such as answering questions, summarizing text, and even solving cybersecurity-related problems, such as generating incident reports or interpreting decompiled code.

Malware 138

Malware Phishing Encryption Internet 138

Bleeping Computer

FEBRUARY 17, 2023

Web hosting giant GoDaddy says it suffered a breach where unknown attackers have stolen source code and installed malware on its servers after breaching its cPanel shared hosting environment in a multi-year attack. [.

Malware 136

Malware 136

Security Boulevard

FEBRUARY 14, 2023

U.S. GDPR ASAP: Data brokers are selling PII about mental health conditions—depression, anxiety, bipolar disorder, PTSD, OCD, etc. The post Your Mental Health Data for Sale or Rent — 20¢ appeared first on Security Boulevard.

Social Engineering 135

Social Engineering Insurance Accountability Healthcare 135

CSO Magazine

FEBRUARY 17, 2023

The European Parliament’s Committee on Civil Liberties, Justice and Home Affairs has recommended that the European Commission reject the proposed EU-US Data Privacy Framework, which would govern the way in which the personal information of EU citizens is handled by US companies. The committee's decision — formally, a draft motion for a resolution— represents a rejection of the European Commission’s recommendation, announced in December , that the data privacy framework should be adopted.

Data privacy 134

Data privacy Government 134

Tech Republic Security

FEBRUARY 13, 2023

The company showcased dozens of new security tools and services to detect and prevent malware, phishing, ransomware and other attacks, but AI took center stage. The post Check Point’s annual cybersecurity event spotlights power of AI appeared first on TechRepublic.

Cybersecurity 173

Cybersecurity Phishing Ransomware Malware 173

Advertiser: Revenera

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Risk

Bleeping Computer

FEBRUARY 16, 2023

A new Mirai botnet variant tracked as 'V3G4' targets 13 vulnerabilities in Linux-based servers and IoT devices to use in DDoS (distributed denial of service) attacks. [.

DDOS 137

DDOS IoT Malware 137

Security Boulevard

FEBRUARY 15, 2023

Oligo Security today launched a runtime application security and observability platform that enables cybersecurity teams to detect and prioritize open source code vulnerabilities based on severity without affecting performance. Fresh from raising $28 million in funding, Oligo CEO Nadav Czerninski said the Oligo platform makes use of dynamic library-level analysis and behavior monitoring software to.

Software 130

Software Cybersecurity Malware 130

CSO Magazine

FEBRUARY 15, 2023

Machine learning (ML) is a commonly used term across nearly every sector of IT today. And while ML has frequently been used to make sense of big data—to improve business performance and processes and help make predictions—it has also proven priceless in other applications, including cybersecurity. This article will share reasons why ML has risen to such importance in cybersecurity, share some of the challenges of this particular application of the technology and describe the future that machine

Cybersecurity 130

Cybersecurity Big data IoT Internet 130

Tech Republic Security

FEBRUARY 16, 2023

Find out how Beep malware can evade your security system, what it can do and how to protect your business. The post Security warning: Beep malware can evade detection appeared first on TechRepublic.

Malware 167

Malware Ransomware Cybersecurity 167

Advertisement

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

Healthcare

Bleeping Computer

FEBRUARY 16, 2023

Hackers are deploying a new malware named 'Frebniss' on Microsoft's Internet Information Services (IIS) that stealthily executes commands sent via web requests. [.

Malware 135

Malware Internet Internet 135

CyberSecurity Insiders

FEBRUARY 17, 2023

Succession Wealth, a financial wealth management service offering company, has released a press statement that a cyber attack targeted its servers and it can only reveal details after the investigation gets concluded. Prima Facie revealed that hackers accessed no client data in the attack. However, a confirmation on this note can only be given after a detailed inquiry gets concluded.

Cyber Attacks 129

Cyber Attacks Identity Theft Insurance Social Engineering 129

CSO Magazine

FEBRUARY 14, 2023

The last year saw a rise in the sophistication and number of attacks targeting industrial infrastructure, including the discovery of a modular malware toolkit that's capable of targeting tens of thousands of industrial control systems (ICS) across different industry verticals. At the same time, incident response engagements by industrial cybersecurity firm Dragos showed that 80% of impacted environments lacked visibility into ICS traffic and half had network segmentation issues and uncontrolled

Malware 130

Malware Cybersecurity 130

Tech Republic Security

FEBRUARY 15, 2023

The outage message that Twitter users got last week could be read as a warning for big tech firms looking to slash their IT workforce. The post What Twitter outage says about (over) zealous downsizing appeared first on TechRepublic.

152

152

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

Cybersecurity

Security Boulevard

FEBRUARY 15, 2023

It comes as no surprise that, as last year came to a close, Microsoft was tracking more than 50 unique active ransomware families and more than 100 threat actors that were using ransomware in their attacks. After all, ransomware is still a familiar, destructive and sometimes costly foe; 2022 ended with the Sandworm gang launching. The post Ransomware Closed 2022 With a Bang, Fueled by RaaS appeared first on Security Boulevard.

Ransomware 127

Ransomware Malware Cybersecurity 127

SecureWorld News

FEBRUARY 16, 2023

How would you feel to wake up one day and find that your city's IT systems are offline? That's the reality the City of Oakland, California, is facing after a ransomware attack last week. The incident has caused enough damage that the city has declared a state of emergency to expedite orders, materials, and equipment procurement, and to activate emergency workers when needed, highlighting the real-world consequences of cyberattacks.

Ransomware 121

Ransomware Government Cybersecurity Encryption 121

CSO Magazine

FEBRUARY 15, 2023

As business processes become more complex, companies are turning to third parties to boost their ability to provide critical services from cloud storage to data management to security. It’s often more efficient and less expensive to contract out work that would otherwise require significant effort and potentially drain in-house resources to those who can do it for you.

Risk 129

Risk 129

Tech Republic Security

FEBRUARY 15, 2023

Leaving your iOS device unattended can pose a security risk as more iOS users are carrying personal information on their devices. Keep it secure with these handy tips. The post How to secure your iOS device to prevent unwanted access appeared first on TechRepublic.

Risk 136

Risk Mobile 136

Advertisement

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

Cybersecurity

Security Boulevard

FEBRUARY 13, 2023

It’s evident that many cybersecurity and IT professionals have mixed feelings about AI in general and ChatGPT in particular. According to a recent study from BlackBerry, while eight in ten decision makers said they plan to invest in AI-driven cybersecurity by 2025, three-quarters of those respondents saw AI as a serious threat to security. The. The post When Will the First ChatGPT-Based Cyberattacks Launch?

Cybersecurity 127

Cybersecurity Social Engineering Engineering Phishing 127

CyberSecurity Insiders

FEBRUARY 13, 2023

Pepsi Bottling Ventures PBV, a business unit of PepsiCo Beverages, suffered a malware attack leading to disruption of services in 18 of its bottling facilities spread across Maryland, Delaware, Virginia, South and North Carolina. Unconfirmed sources state that the attack was caused by malware leading to data siphoning and encryption- hinting to us the attack was of ransomware variant.

Ransomware 121

Ransomware Insurance Manufacturing Malware 121

CSO Magazine

FEBRUARY 13, 2023

Responses to recent cyber breaches suggest organizations can struggle to get the message right in the midst of an incident. While managing the communications around an incident is outside the direct purview of the CISO, having an existing communications plan in place is an essential element of cyber preparedness. “Communications are a critical component of a good cyber strategy, and it should be prepared and practiced in organizations before an incident occurs,” says Eden Winokur, head of cyber

CISO 127

CISO Risk 127

Bleeping Computer

FEBRUARY 17, 2023

The U.S. Federal Bureau of Investigation (FBI) is reportedly investigating malicious cyber activity on the agency's network. [.

Cybersecurity 143

Cybersecurity 143

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.

Security Boulevard

FEBRUARY 15, 2023

As 5G networks continue to roll out, cybersecurity is top-of-mind for communication service providers (CSPs). The telecom industry was the most targeted vertical, attracting 37% of security attacks compared to 14% for the next-highest industry vertical according to CrowdStrike’s 2022 threat report. Understanding a fast-moving digital landscape comes with unique challenges, and more industries and.

Threat Reports 125

Threat Reports Cybersecurity Security Awareness Risk 125

Dark Reading

FEBRUARY 17, 2023

Established network security players like Check Point are responding to the shift to cloud-native applications, which have exposed more vulnerabilities in open source software supply chains.

Network Security 120

Network Security Software 120

CSO Magazine

FEBRUARY 15, 2023

Not too long ago, guarding access to the network was the focal point of defense for security teams. Powerful firewalls ensured that attackers were blocked on the outside while on the inside things might get “squishy,” allowing users fairly free rein within. Those firewalls were the ultimate defense—no one undesirable got access. Until they did. With the advent of cloud computing, the edge of a network is no longer protected by a firewall.

Firewall 126

Firewall 126

Bleeping Computer

FEBRUARY 16, 2023

Atlassian has confirmed that a breach at a third-party vendor caused a recent leak of company data and that their network and customer information is secure. [.

Hacking 124

Hacking 124

Speaker: William Hord, Vice President of ERM Services

A well-defined change management process is critical to minimizing the impact that change has on your organization. Leveraging the data that your ERM program already contains is an effective way to help create and manage the overall change management process within your organization. Your ERM program generally assesses and maintains detailed information related to strategy, operations, and the remediation plans needed to mitigate the impact on the organization.

Risk