Schneier on Security

SEPTEMBER 21, 2020

This sounds like a bad idea.

Surveillance 363

Surveillance 363

Krebs on Security

SEPTEMBER 23, 2020

Tyler Technologies , a Texas-based company that bills itself as the largest provider of software and technology services to the United States public sector, is battling a network intrusion that has disrupted its operations. The company declined to discuss the exact cause of the disruption, but their response so far is straight out of the playbook for responding to ransomware incidents.

Technology 357

Technology Ransomware Software Government 357

Adam Levin

SEPTEMBER 22, 2020

The personal information of 540,000 sports referees, league officials, and school representatives has been compromised following a ransomware attack targeting a software vendor for the athletics industry. ArbiterSports, a software provider for several sports leagues including the NCAA, announced that it had averted a ransomware attack in July 2020, but despite blocking the attempt to encrypt their systems, the company discovered that a database backup had been accessed prior to the attack.

Identity Theft 246

Identity Theft Passwords Backups Encryption 246

Tech Republic Security

SEPTEMBER 23, 2020

Game players are affected by phishing campaigns, while gaming companies are getting hit by DDoS attacks, says Akamai.

DDOS 218

DDOS Phishing 218

Speaker: Erroll Amacker

Automation is transforming finance but without strong financial oversight it can introduce more risk than reward. From missed discrepancies to strained vendor relationships, accounts payable automation needs a human touch to deliver lasting value. This session is your playbook to get automation right. We’ll explore how to balance speed with control, boost decision-making through human-machine collaboration, and unlock ROI with fewer errors, stronger fraud prevention, and smoother operations.

Risk

Schneier on Security

SEPTEMBER 22, 2020

No real surprises, but we finally have the story. The story he went on to tell is strikingly straightforward. De Guzman was poor, and internet access was expensive. He felt that getting online was almost akin to a human right (a view that was ahead of its time). Getting access required a password, so his solution was to steal the passwords from those who’d paid for them.

Passwords 347

Passwords Internet Internet Malware 347

Krebs on Security

SEPTEMBER 24, 2020

Microsoft warned on Wednesday that malicious hackers are exploiting a particularly dangerous flaw in Windows Server systems that could be used to give attackers the keys to the kingdom inside a vulnerable corporate network. Microsoft’s warning comes just days after the U.S. Department of Homeland Security issued an emergency directive instructing all federal agencies to patch the vulnerability by Sept. 21 at the latest.

Antivirus 276

Antivirus Security Intelligence Engineering Authentication 276

Tech Republic Security

SEPTEMBER 23, 2020

Some 85% of CISOs surveyed by Netwrix revealed that they sacrificed cybersecurity to quickly set up employees to work remotely.

Cyber threats 218

Cyber threats CISO Cybersecurity 218

Schneier on Security

SEPTEMBER 22, 2020

Amazon drivers — all gig workers who don’t work for the company — are hanging cell phones in trees near Amazon delivery stations, fooling the system into thinking that they are closer than they actually are: The phones in trees seem to serve as master devices that dispatch routes to multiple nearby drivers in on the plot, according to drivers who have observed the process.

Hacking 310

Hacking Wireless Accountability 310

WIRED Threat Level

SEPTEMBER 20, 2020

The latest update for your iPhone and iPad will make them safer than ever.

145

145

Security Affairs

SEPTEMBER 20, 2020

The U.K. National Cyber Security Centre (NCSC) has issued an alert about a surge in ransomware attacks targeting education institutions. The U.K. National Cyber Security Centre (NCSC), has issued an alert about a surge in ransomware attacks against education institutions. The British security agency is urging the institutions in the industry to follow the recommendations to mitigate the risk of exposure to ransomware attacks.

Education 145

Education Ransomware Antivirus Backups 145

Advertisement

Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.

Cyber threats

Tech Republic Security

SEPTEMBER 22, 2020

Security is changing rapidly, and the COVID-19 pandemic hasn't helped. A Cisco roundtable of chief information security officer advisers plotted the course for a secure future.

CISO 218

CISO Information Security 218

Schneier on Security

SEPTEMBER 24, 2020

The New York Times wrote about a still-unreleased report from Chckpoint and the Miaan Group: The reports, which were reviewed by The New York Times in advance of their release, say that the hackers have successfully infiltrated what were thought to be secure mobile phones and computers belonging to the targets, overcoming obstacles created by encrypted applications such as Telegram and, according to Miaan, even gaining access to information on WhatsApp.

Government 278

Government Hacking Mobile Encryption 278

Dark Reading

SEPTEMBER 22, 2020

Understaffed, underfunded, and underequipped, IT teams in the K-12 sector face a slew of challenges amid remote and hybrid learning models. Here's where they can begin to protect their schools against cyberattacks.

Cybersecurity 144

Cybersecurity 144

Security Affairs

SEPTEMBER 20, 2020

The Mozi botnet accounted for 90% of the IoT network traffic observed between October 2019 and June 2020, IBM reported. Mozi is an IoT botnet that borrows the code from Mirai variants and the Gafgyt malware , it appeared on the threat landscape in late 2019. The Mozi botnet was spotted by security experts from 360 Netlab, at the time of its discovered it was actively targeting Netgear, D-Link, and Huawei routers by probing for weak Telnet passwords to compromise them.

IoT 145

IoT DDOS Architecture Passwords 145

Advertisement

The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.

Cybersecurity

Tech Republic Security

SEPTEMBER 22, 2020

Passwords are the most important factor for securing your accounts. But you need to pay attention to your usernames as well, says NordPass.

Passwords 218

Passwords Accountability 218

Schneier on Security

SEPTEMBER 25, 2020

The founder and CEO of the Internet security company NS8 has been arrested and “charged in a Complaint in Manhattan federal court with securities fraud, fraud in the offer and sale of securities, and wire fraud.” I admit that I’ve never even heard of the company before.

Internet 232

Internet Internet Cybersecurity 232

WIRED Threat Level

SEPTEMBER 22, 2020

Operation Disruptor is an unprecedented international law enforcement effort, stemming from last year’s seizure of a popular underground bazaar called Wall Street Market.

Marketing 137

Marketing 137

Security Affairs

SEPTEMBER 19, 2020

The popular encrypted email service Tutanota was hit with a series of DDoS attacks this week targeting its website fist and its DNS providers later. Encrypted email service, Tutanota suffered a series of DDoS attacks that initially targeted the website and later its DNS providers. The company currently has over 2 million users, some of them were not able to access the service for several hours.

DDOS 145

DDOS Encryption DNS Advertising 145

Advertisement

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Passwords

Tech Republic Security

SEPTEMBER 21, 2020

Government agencies in the US have until today to patch a Windows Server vulnerability that could give hackers control over federal networks.

Government 218

Government 218

Threatpost

SEPTEMBER 24, 2020

A new 'fork' of the Cerberus banking trojan, called Alien, targets victims' credentials from more than 200 mobile apps, including Bank of America and Microsoft Outlook.

Banking 127

Banking Mobile Authentication Malware 127

WIRED Threat Level

SEPTEMBER 24, 2020

On July 15, Twitter melted down. On Election Day, that's not an option.

Hacking 131

Hacking 131

Security Affairs

SEPTEMBER 22, 2020

The Italian eyewear and eyecare giant Luxottica has reportedly suffered a cyber attack that disrupted its operations in Italy and China. Luxottica Group S.p.A. is an Italian eyewear conglomerate and the world’s largest company in the eyewear industry. As a vertically integrated company, Luxottica designs, manufactures, distributes and retails its eyewear brands, including LensCrafters, Sunglass Hut, Apex by Sunglass Hut, Pearle Vision, Target Optical, Eyemed vision care plan, and Glasses.c

Advertising 145

Advertising Retail Manufacturing Cyber Attacks 145

Speaker: Sierre Lindgren

Fraud is a battle that every organization must face – it’s no longer a question of “if” but “when.” Every organization is a potential target for fraud, and the finance department is often the bullseye. From cleverly disguised emails to fraudulent payment requests, the tactics of cybercriminals are advancing rapidly. Drawing insights from real-world cases and industry expertise, we’ll explore the vulnerabilities in your processes and how to fortify them effectively.

Scams

Tech Republic Security

SEPTEMBER 22, 2020

Keeping the hackers out remains a top priority but firms are also looking at new areas of investment.

218

218

Threatpost

SEPTEMBER 22, 2020

Google's new release of Chrome 85.0.4183.121 for Windows, Mac, and Linux fixes 10 security flaws.

120

120

SecureWorld News

SEPTEMBER 21, 2020

Major fines and major findings in the Capitol One data breach investigation. Here is what a U.S. regulatory agency revealed about the bank data breach.

Data breaches 298

Data breaches Risk Banking 298

Security Affairs

SEPTEMBER 19, 2020

Mozilla addressed a bug that can be exploited by attackers to hijack all the Firefox for Android browsers that share the same WiFi network. Mozilla has addressed a vulnerability that can be abused by attackers to hijack all the Firefox for Android browsers on the same WiFi network and force them to visit malicious sites, such as pages delivering malware and phishing pages.

Mobile 145

Mobile Advertising Engineering Hacking 145

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Software

Tech Republic Security

SEPTEMBER 23, 2020

Bad actors could create or change websites and social media content to discredit this year's electoral process, cautions the FBI and CISA.

Media 214

Media 214

Threatpost

SEPTEMBER 21, 2020

A new Android malware strain has been uncovered, part of the Rampant Kitten threat group's widespread surveillance campaign that targets Telegram credentials and more.

Malware 120

Malware Passwords Surveillance Authentication 120

WIRED Threat Level

SEPTEMBER 21, 2020

So-called single sign-on options offer a lot of convenience. But they have downsides that a good old fashioned password manager doesn't.

Password Management 117

Password Management Passwords 117

Security Affairs

SEPTEMBER 24, 2020

Experts worldwide warn about a surge in the Emotet activity, this time the alerts are from Microsoft, Italy and the Netherlands agencies. Two weeks ago, cybersecurity agencies across Asia and Europe warned of Emotet spam campaigns targeting businesses in France, Japan, and New Zealand. The French national cyber-security agency published an alert to warn of a significant increase of Emotet attacks targeting the private sector and public administration entities in France.

Malware 144

Malware Passwords Advertising Ransomware 144

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!