Expert insights. Personalized for you.
Before you use it to cartoonify your face, consider the risks to your data. Security Security / Privacy MORE
By failing to prepare you are preparing to fail – here’s what you can do today to minimize the impact of a potential ransomware attack in the future. The post 5 essential things to do before ransomware strikes appeared first on WeLiveSecurity. Cybersecurity MORE
After the recent ransomware attacks against Colonial Pipeline, JBS and others, there are new calls for the U.S. to hack back against cybercrimminals and hold nation-states responsible. So what now? MORE
Click Here to listen to the podcast on SoundCloud. We are honored to have Dr. Alex Tarter, CTO of Thales UK and co-founder of TurgenSec, and Breaches.UK on our podcast. Alex is a bit of a legend in the CISO space. MORE
Apple on Monday shipped out-of-band security patches to address two zero-day vulnerabilities in iOS 12.5.3 that it says are being actively exploited in the wild. The latest update, iOS 12.5.4, comes with three security fixes, including a memory corruption issue in the ASN.1 MORE
96 In May 2019, KrebsOnSecurity broke the news that the website of mortgage settlement giant First American Financial Corp. NYSE:FAF ] was leaking more than 800 million documents — many containing sensitive financial data — related to real estate transactions dating back 16 years. MORE
Most medical and fitness apps in Google Play have tracking capabilities enabled and their data collection practices aren’t transparent. The post Most health apps engage in unhealthy data‑harvesting habits appeared first on WeLiveSecurity. Privacy MORE
Paul van Oorschot’s webpage contains a complete copy of his book: Computer Security and the Internet: Tools and Jewels. It’s worth reading. Uncategorized books computer security MORE
With the new era of Windows as a service, Microsoft is rolling out changes to the operating system twice a year. Many of those changes will allow you to improve your security posture and offer more security choices. MORE
Researchers have discovered a vulnerability in Peloton stationary bicycles, one that would give the attacker complete control over the device. The attack requires physical access to the Peloton, so it’s not really a practical attack. President Biden’s Peloton was not in danger MORE
155 Naftali Bennett, elected yesterday as Prime Minister of Israel , appears to be the first entrepreneur and executive from the cybersecurity industry to have become the head of a national government. MORE
Loss of revenue, brand and reputation damage, employee layoffs and business closures were some of the effects of a ransomware attack, according to Cybereason MORE
124 Online scammers use the name of international shipping company UPS to dupe consumers into participating in a survey giveaway scam. MORE
You know what’s not in my threat model? A meteor hitting a volcano…And that’s ok! Your threat modeling should be focused on the threats that are likely to impact your systems. So unless your system is your evil supervillain volcano lair, a meteor is likely out of scope. And unless you have giant space lasers, there’s not a lot you can do about that meteor. You’ll learn this, and more in my threat modeling courses, and speaking of which, we have some upcoming. MORE
100 Major American banks and various other parties serving them are each spending $1 Billion per year on cybersecurity, according to Bank of America’s CEO, Brian Moynihan. MORE
According to a report by Catalin Cimpanu at The Record , authorities in South Korea have filed charges against employees at a computer repair store. What are the nine charged employees of the unnamed company based in Seoul alleged to have done? MORE
In response to malicious actors targeting US federal IT systems and their supply chain, the President released the "Executive Order on Improving the Nation’s Cybersecurity (Executive Order)." MORE
Really interesting two part analysis of the audit conducted after the 2020 election in Windham, New Hampshire. MORE
Microsoft will retire the Windows 10 operating system on October 10, 2025. It’s the first time the company puts an expiration date on its current operating system, paving the way for its successor, Windows 11. MORE
Unaddressed cybersecurity threats can cause lost profits, regulatory fines and missed opportunities. Plus, as company leaders scramble to recover from attacks, making progress often takes weeks or months, severely disrupting business operations. MORE
I’m exploring the concept of very fast threat modeling videos, and have posted the first one. Feedback welcome! Threat Model Thursdays threat modeling MORE
100 Instagram has patched a new flaw that allowed anyone to view archived posts and stories posted by private accounts without having to follow them. This bug could have allowed a malicious user to view targeted media on Instagram," Mayur Fartade said in a Medium post today. "An MORE
Our mobile devices are not just a means to communicate with others. They’ve evolved into a data storage device, a video and sound recorder, as well as an easy way to access our bank accounts. MORE
Today I'm very happy to welcome the Finnish government to Have I Been Pwned by granting their National Cyber Security Centre full and free access to query their government domains. MORE
Thought I'd do a bit of AMA this week given the rest of the content was a bit lighter. If you like this sort of content then I'll try and be a bit more organised next time, give some notice and make more of an event out of it. MORE
In December last year, we reported how the email and mailing addresses of some 270,000 Ledger customers had been published on a hacking forum following a data breach. MORE
The U.S. Department of Justice (DOJ) last week announced the arrest of a 55-year-old Latvian woman who’s alleged to have worked as a programmer for Trickbot , a malware-as-a-service platform responsible for infecting millions of computers and seeding many of those systems with ransomware. MORE
General Packet Radio Service (GPRS) is a mobile data standard that was widely used in the early 2000s. The first encryption algorithm for that standard was GEA-1, a stream cipher built on three linear-feedback shift registers and a non-linear combining function. MORE
With this year's Amazon Prime Day set for June 21-22, scammers are already touting "Early Prime Day Deals," says Bolster MORE
This article first appeared on Philippe Vallée’s LinkedIn. A woman contacts her bank to take out a mortgage on her first house. A group of teenagers excitedly buy tickets to see their favourite musician who is touring through their town. MORE
56% of all Microsoft critical vulnerabilities could have been mitigated by removing admin rights, according to the 2021 BeyondTrust Microsoft Vulnerabilities Report MORE
124 A string of cyber espionage campaigns dating all the way back to 2014 and focused on gathering military intelligence from neighbouring countries have been linked to a Chinese military-intelligence apparatus. MORE
This is a current list of where and when I am scheduled to speak: I’ll be part of a European Internet Forum virtual debate on June 17, 2021. The topic is “Decrypting the encryption debate: How to ensure public safety with a privacy-preserving and secure Internet?” MORE
Authorities in Ukraine this week charged six people alleged to be part of the CLOP ransomware group , a cybercriminal gang said to have extorted more than half a billion dollars from victims. MORE
TorrentFreak surveyed nineteen VPN providers, asking them questions about their privacy practices: what data they keep, how they respond to court order, what country they are incorporated in, and so on. Most interesting to me is the home countries of these companies. MORE
This is probably worth paying attention to: A change to TikTok’s U.S. privacy policy on Wednesday introduced a new section that says the social video app “may collect biometric identifiers and biometric information” from its users’ content. MORE
This is the third of three blogs in a series to help the energy and utility industries. You can read the first blog on Ransomware and Energy and Utilities and the second blog on Threat Intelligence and Energy and Utilities as well. MORE
Doctor Chaos
JUNE 15, 2021
Unaddressed cybersecurity threats can cause lost profits, regulatory fines and missed opportunities. Plus, as company leaders scramble to recover from attacks, making progress often takes weeks or months, severely disrupting business operations.
Lohrman on Security
JUNE 13, 2021
After the recent ransomware attacks against Colonial Pipeline, JBS and others, there are new calls for the U.S. to hack back against cybercrimminals and hold nation-states responsible. So what now?
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Hot for Security
JUNE 15, 2021
Our mobile devices are not just a means to communicate with others. They’ve evolved into a data storage device, a video and sound recorder, as well as an easy way to access our bank accounts.
Krebs on Security
JUNE 15, 2021
The U.S. Department of Justice (DOJ) last week announced the arrest of a 55-year-old Latvian woman who’s alleged to have worked as a programmer for Trickbot , a malware-as-a-service platform responsible for infecting millions of computers and seeding many of those systems with ransomware.
Speaker: Mike Cramer, Director of HIPAA & Data Security at The Word & Brown Companies
Now that companies are slowly allowing employees to return to work at the office, it's time to re-evaluate your company’s posture towards privacy and security. Join Mike Cramer, Director of HIPAA & Data Security at The Word & Brown Companies, for a discussion that will focus on compliance and the types of privacy and security measures your company should be aware of, as well as tips and methods for implementing these measures.
Schneier on Security
JUNE 17, 2021
General Packet Radio Service (GPRS) is a mobile data standard that was widely used in the early 2000s. The first encryption algorithm for that standard was GEA-1, a stream cipher built on three linear-feedback shift registers and a non-linear combining function.
Joseph Steinberg
JUNE 15, 2021
Major American banks and various other parties serving them are each spending $1 Billion per year on cybersecurity, according to Bank of America’s CEO, Brian Moynihan.
Cyber Security Informer brings together the best content for cyber security professionals from the widest variety of industry thought leaders.
Krebs on Security
JUNE 16, 2021
Authorities in Ukraine this week charged six people alleged to be part of the CLOP ransomware group , a cybercriminal gang said to have extorted more than half a billion dollars from victims.
Schneier on Security
JUNE 14, 2021
This is probably worth paying attention to: A change to TikTok’s U.S. privacy policy on Wednesday introduced a new section that says the social video app “may collect biometric identifiers and biometric information” from its users’ content.
Doctor Chaos
JUNE 16, 2021
Click Here to listen to the podcast on SoundCloud. We are honored to have Dr. Alex Tarter, CTO of Thales UK and co-founder of TurgenSec, and Breaches.UK on our podcast. Alex is a bit of a legend in the CISO space.
Troy Hunt
JUNE 18, 2021
Thought I'd do a bit of AMA this week given the rest of the content was a bit lighter. If you like this sort of content then I'll try and be a bit more organised next time, give some notice and make more of an event out of it.
Krebs on Security
JUNE 18, 2021
In May 2019, KrebsOnSecurity broke the news that the website of mortgage settlement giant First American Financial Corp. NYSE:FAF ] was leaking more than 800 million documents — many containing sensitive financial data — related to real estate transactions dating back 16 years.
Schneier on Security
JUNE 16, 2021
TorrentFreak surveyed nineteen VPN providers, asking them questions about their privacy practices: what data they keep, how they respond to court order, what country they are incorporated in, and so on. Most interesting to me is the home countries of these companies.
Joseph Steinberg
JUNE 14, 2021
Naftali Bennett, elected yesterday as Prime Minister of Israel , appears to be the first entrepreneur and executive from the cybersecurity industry to have become the head of a national government.
Hot for Security
JUNE 18, 2021
According to a report by Catalin Cimpanu at The Record , authorities in South Korea have filed charges against employees at a computer repair store. What are the nine charged employees of the unnamed company based in Seoul alleged to have done?
We Live Security
JUNE 18, 2021
By failing to prepare you are preparing to fail – here’s what you can do today to minimize the impact of a potential ransomware attack in the future. The post 5 essential things to do before ransomware strikes appeared first on WeLiveSecurity. Cybersecurity
Schneier on Security
JUNE 18, 2021
Researchers have discovered a vulnerability in Peloton stationary bicycles, one that would give the attacker complete control over the device. The attack requires physical access to the Peloton, so it’s not really a practical attack. President Biden’s Peloton was not in danger
CSO Magazine
JUNE 15, 2021
With the new era of Windows as a service, Microsoft is rolling out changes to the operating system twice a year. Many of those changes will allow you to improve your security posture and offer more security choices.
Hot for Security
JUNE 16, 2021
Microsoft will retire the Windows 10 operating system on October 10, 2025. It’s the first time the company puts an expiration date on its current operating system, paving the way for its successor, Windows 11.
Adam Shostack
JUNE 17, 2021
I’m exploring the concept of very fast threat modeling videos, and have posted the first one. Feedback welcome! Threat Model Thursdays threat modeling
Schneier on Security
JUNE 15, 2021
Really interesting two part analysis of the audit conducted after the 2020 election in Windham, New Hampshire.
The Hacker News
JUNE 15, 2021
Instagram has patched a new flaw that allowed anyone to view archived posts and stories posted by private accounts without having to follow them. This bug could have allowed a malicious user to view targeted media on Instagram," Mayur Fartade said in a Medium post today. "An
Hot for Security
JUNE 16, 2021
Online scammers use the name of international shipping company UPS to dupe consumers into participating in a survey giveaway scam.
Adam Shostack
JUNE 15, 2021
You know what’s not in my threat model? A meteor hitting a volcano…And that’s ok! Your threat modeling should be focused on the threats that are likely to impact your systems. So unless your system is your evil supervillain volcano lair, a meteor is likely out of scope. And unless you have giant space lasers, there’s not a lot you can do about that meteor. You’ll learn this, and more in my threat modeling courses, and speaking of which, we have some upcoming.
Schneier on Security
JUNE 14, 2021
This is a current list of where and when I am scheduled to speak: I’ll be part of a European Internet Forum virtual debate on June 17, 2021. The topic is “Decrypting the encryption debate: How to ensure public safety with a privacy-preserving and secure Internet?”
The Hacker News
JUNE 14, 2021
Apple on Monday shipped out-of-band security patches to address two zero-day vulnerabilities in iOS 12.5.3 that it says are being actively exploited in the wild. The latest update, iOS 12.5.4, comes with three security fixes, including a memory corruption issue in the ASN.1
WIRED Threat Level
JUNE 12, 2021
Before you use it to cartoonify your face, consider the risks to your data. Security Security / Privacy
Tech Republic Security
JUNE 17, 2021
With this year's Amazon Prime Day set for June 21-22, scammers are already touting "Early Prime Day Deals," says Bolster
Schneier on Security
JUNE 17, 2021
Paul van Oorschot’s webpage contains a complete copy of his book: Computer Security and the Internet: Tools and Jewels. It’s worth reading. Uncategorized books computer security
The Hacker News
JUNE 18, 2021
A string of cyber espionage campaigns dating all the way back to 2014 and focused on gathering military intelligence from neighbouring countries have been linked to a Chinese military-intelligence apparatus.
We Live Security
JUNE 17, 2021
Most medical and fitness apps in Google Play have tracking capabilities enabled and their data collection practices aren’t transparent. The post Most health apps engage in unhealthy data‑harvesting habits appeared first on WeLiveSecurity. Privacy
Tech Republic Security
JUNE 16, 2021
Loss of revenue, brand and reputation damage, employee layoffs and business closures were some of the effects of a ransomware attack, according to Cybereason
CyberSecurity Insiders
JUNE 18, 2021
This is the third of three blogs in a series to help the energy and utility industries. You can read the first blog on Ransomware and Energy and Utilities and the second blog on Threat Intelligence and Energy and Utilities as well.
The Hacker News
JUNE 14, 2021
In response to malicious actors targeting US federal IT systems and their supply chain, the President released the "Executive Order on Improving the Nation’s Cybersecurity (Executive Order)."
Hot for Security
JUNE 17, 2021
In December last year, we reported how the email and mailing addresses of some 270,000 Ledger customers had been published on a hacking forum following a data breach.
Tech Republic Security
JUNE 15, 2021
56% of all Microsoft critical vulnerabilities could have been mitigated by removing admin rights, according to the 2021 BeyondTrust Microsoft Vulnerabilities Report
CyberSecurity Insiders
JUNE 18, 2021
This article first appeared on Philippe Vallée’s LinkedIn. A woman contacts her bank to take out a mortgage on her first house. A group of teenagers excitedly buy tickets to see their favourite musician who is touring through their town.
Let's personalize your content