WIRED Threat Level

JULY 29, 2021

The latest weapons in the global information war are fake vessels behaving badly. Security Security / National Security

96

96

CyberSecurity Insiders

JULY 26, 2021

United States is interested in seeking an international strategy to tackle AI based cyber attacks that are leading to hybrid warfare.

Cyber Attacks 111

Cyber Attacks Artificial Intelligence Ransomware Government 111

SiteLock

JULY 27, 2021

One of the most dangerous concerns one could find is malware on a server. Malware can appear on websites produced through any CMS including WordPress. A malware developer can create a code that targets a specific website, or an entire CMS.

Malware 83

Malware 83

CSO Magazine

JULY 27, 2021

There’s no shortage of definitions of zero trust floating around. You’ll hear terms such as principles, pillars, fundamentals, and tenets. While there is no single definition of zero trust, it helps to have a shared understanding of a concept.

Architecture 113

Architecture Technology 113

Speaker: P. Andrew Sjogren, Sr. Product Marketing Manager at Very Good Security, Matt Doka, Co-Founder and CTO of Fivestars, and Steve Andrews, President & CEO of the Western Bankers Association

In this webinar, we have a great set of panelists who will take you through how Zero Data strategies can be used as part of a well-rounded compliance and security approach, and get you to market much sooner by also allowing for payment optimization. They’ll share how to grow your business faster and minimize costs for both security and compliance

Marketing

Schneier on Security

JULY 28, 2021

Data collection 285

Data collection Surveillance Mobile Advertising 285

Krebs on Security

JULY 29, 2021

Every time there is another data breach, we are asked to change our password at the breached entity. But the reality is that in most cases by the time the victim organization discloses an incident publicly the information has already been harvested many times over by profit-seeking cybercriminals.

Passwords 248

Passwords Web Fraud Scams Phishing 248

Troy Hunt

JULY 30, 2021

The plan this week was to do a super simple update whilst having some time out. In the back yard, sun shining, iPad, Air Pods, all good. Mostly all good - the sound quality on those Air Pods is absolute rubbish.

196

196

Schneier on Security

JULY 26, 2021

Ransomware isn’t new; the idea dates back to 1986 with the “Brain” computer virus. Now, it’s become the criminal business model of the internet for two reasons.

Ransomware 285

Ransomware Banking Cryptocurrency Marketing 285

Krebs on Security

JULY 26, 2021

Joseph “PlugwalkJoe” O’Connor, in a photo from a paid press release on Sept. 02, 2020, pitching him as a trustworthy cryptocurrency expert and advisor.

Media 208

Media Wireless Scams Accountability 208

The Last Watchdog

JULY 26, 2021

Google’s addition to Gmail of something called Verified Mark Certificates (VMCs) is a very big deal in the arcane world of online marketing. Related: Dangers of weaponized email. This happened rather quietly as Google announced the official launch of VMCs in a blog post on July 12. Henceforth companies will be able to insert their trademarked logos in Gmail’s avatar slot; many marketers can’t wait to distribute email carrying certified logos to billions of inboxes.

Marketing 169

Marketing Cybersecurity Phishing Authentication 169

Speaker: Mike Cramer, Director of HIPAA & Data Security at The Word & Brown Companies

Now that companies are slowly allowing employees to return to work at the office, it's time to re-evaluate your company’s posture towards privacy and security. Join Mike Cramer, Director of HIPAA & Data Security at The Word & Brown Companies, for a discussion that will focus on compliance and the types of privacy and security measures your company should be aware of, as well as tips and methods for implementing these measures.

Data privacy

Anton on Security

JULY 30, 2021

I keep coming to the same topic over and over? —?why why are we still bad at detecting threats? I’ve lamented on this a few times, either touching on general difficulties with detection , its uncertainty or highlighting the fragile detections people write.

Threat Detection 130

Threat Detection Authentication Engineering Cybersecurity 130

Schneier on Security

JULY 30, 2021

New paper: “ Encrypted Cloud Photo Storage Using Google Photos “: Abstract: Cloud photo services are widely used for persistent, convenient, and often free photo storage, which is especially useful for mobile devices.

Encryption 280

Encryption Architecture Mobile 280

Tech Republic Security

JULY 30, 2021

It will be hard to catch these smugglers, as they're abusing an essential element of web browsers that allow them to assemble code at endpoints, bypassing perimeter security

Cybercrime 170

Cybercrime 170

The Last Watchdog

JULY 29, 2021

Modern civilization revolves around inextricably intertwined relationships. This is why our financial markets rise and fall in lock step; why climate change is accelerating; and why a novel virus can so swiftly and pervasively encircle the planet. Related: What it will take to truly secure data lakes. Complex relationships also come into play when it comes to operating modern business networks. A lack of understanding of these relationships is a big reason why cloud breaches happen.

Cloud Migration 150

Cloud Migration Digital transformation Risk CISO 150

The Hacker News

JULY 30, 2021

Cybersecurity researchers on Friday unmasked new command-and-control (C2) infrastructure belonging to the Russian threat actor tracked as APT29, aka Cozy Bear, that has been spotted actively serving WellMess malware as part of an ongoing attack campaign.

Malware 114

Malware Cybersecurity 114

Schneier on Security

JULY 30, 2021

The time has come for me to find a new home for my (paper) cryptography library. It’s about 150 linear feet of books, conference proceedings, journals, and monographs — mostly from the 1980s, 1990s, and 2000s.

Education 278

Education 278

Tech Republic Security

JULY 27, 2021

To ward off the attack known as PetitPotam, Microsoft advises you to disable NTLM authentication on your Windows domain controller

Authentication 171

Authentication 171

The Last Watchdog

JULY 27, 2021

The ethical hackers at WizCase recently disclosed another stunning example of sensitive consumer data left out in the open in the public cloud — for one and all to access. Related: How stolen data gets leveraged in full-stack attacks. This latest high-profile example of security sloppiness was uncovered by a team of white hat hackers led by Ata Hakçil.

Scams 133

Scams Encryption Passwords Government 133

Security Affairs

JULY 29, 2021

A new variant of the LockBit 2.0 ransomware is now able to encrypt Windows domains by using Active Directory group policies. Researchers from MalwareHunterTeam and BleepingComputer, along with the malware expert Vitali Kremez reported spotted a new version of the LockBit 2.0

Encryption 114

Encryption Ransomware Advertising Cybersecurity 114

Schneier on Security

JULY 27, 2021

Interesting research: “EvilModel: Hiding Malware Inside of Neural Network Models” Abstract: Delivering malware covertly and detection-evadingly is critical to advanced malware campaigns.

Malware 277

Malware Artificial Intelligence Antivirus Engineering 277

Tech Republic Security

JULY 30, 2021

Move up in the profitable field of cybersecurity by improving your ethical hacking skills

Hacking 167

Hacking Cybersecurity 167

The Last Watchdog

JULY 30, 2021

Company-supplied virtual private networks (VPNs) leave much to be desired, from a security standpoint. Related: How ‘SASE’ is disrupting cloud security. This has long been the case. Then a global pandemic came along and laid bare just how brittle company VPNs truly are. Criminal hackers recognized the golden opportunity presented by hundreds of millions employees suddenly using a company VPN to work from home and remotely connect to an array of business apps.

VPN 130

VPN Firewall System Administration Encryption 130

Security Affairs

JULY 30, 2021

Researcher published an exploit code for a high-severity privilege escalation flaw (CVE-2021-3490) in Linux kernel eBPF on Ubuntu machines.

Technology 113

Technology Cybersecurity Information Security Hacking 113

Schneier on Security

JULY 29, 2021

A teenager on an airplane sent a photo of a replica gun via AirDrop to everyone who had their settings configured to receive unsolicited photos from strangers. This caused a three-hour delay as the plane — still at the gate — was evacuated and searched.

234

234

Tech Republic Security

JULY 28, 2021

The average cost of a data breach among companies surveyed for IBM Security reached $4.24 million per incident, the highest in 17 years

Data breaches 167

Data breaches 167

The Hacker News

JULY 30, 2021

As many as eight Python packages that were downloaded more than 30,000 times have been removed from the PyPI portal for containing malicious code, once again highlighting how software package repositories are evolving into a popular target for supply chain attacks.

Software 113

Software 113

CyberSecurity Insiders

JULY 29, 2021

Death Kitty Ransomware that targeted South African Port Transnet has disrupted the networks, forcing the company to declare Force Majeure at Container Terminals and Cargo shifting, forcing the staff to switch to manual paper and pen work.

Ransomware 114

Ransomware Architecture Encryption Malware 114

Security Boulevard

JULY 26, 2021

The Covid-19 pandemic has brought massive and disruptive changes in the digital infrastructures and the lives of individuals and companies. This pandemic is the main reason why companies permit their employees to work from remote places/homes rather than their office premises.

Cybersecurity 114

Cybersecurity Ransomware Network Security 114

Tech Republic Security

JULY 26, 2021

If you want people to trust the photos and videos your business puts out, it might be time to start learning how to prove they haven't been tampered with

Authentication 166

Authentication 166

The Hacker News

JULY 28, 2021

A Chinese cyberespionage group known for targeting Southeast Asia leveraged flaws in the Microsoft Exchange Server that came to light earlier this March to deploy a previously undocumented variant of a remote access trojan (RAT) on compromised systems.

114

114

CyberSecurity Insiders

JULY 29, 2021

Many of you might search for tips that help in keeping phone hackers at bay. So Angus King, the member of secretive Senate Intelligence Committee, is giving advice that could help in keeping a cellphone secure and away from prying eyes.

Spyware 114

Spyware Mobile Internet Internet 114

Security Boulevard

JULY 26, 2021

With all of the focus on ransomware attacks, it’s easy to forget about the damage done by email phishing. Yet, new research from Vade shows that phishing has seen a meteoric rise in the first half of 2021, including a 281% increase in May and a 284% increase in June. And what they want is.

Phishing 114

Phishing Ransomware Social Engineering Engineering 114

Tech Republic Security

JULY 29, 2021

DEF CON 29 sold out of virtual passes, so tuning in on Twitch and Discord are the best options for attending online this year

162

162

The Hacker News

JULY 27, 2021

Apple on Monday rolled out an urgent security update for iOS, iPadOS, and macOS to address a zero-day flaw that it said may have been actively exploited, making it the thirteenth such vulnerability Apple has patched since the start of this year.

114

114

CyberSecurity Insiders

JULY 29, 2021

Cyber Security firm DarkTrace that uses the technology of Artificial Intelligence to track down cyber threats is nowadays busy protecting the computer network of British Fashion retailer Ted Baker.

Retail 113

Retail Artificial Intelligence Cyber Attacks Cyber threats 113