Krebs on Security

OCTOBER 4, 2021

Facebook and its sister properties Instagram and WhatsApp are suffering from ongoing, global outages.

Internet 269

Internet Internet DNS Marketing 269

Schneier on Security

OCTOBER 11, 2021

It’s not actually banned in the EU yet — the legislative process is much more complicated than that — but it’s a step: a total ban on biometric mass surveillance.

Surveillance 253

Surveillance 253

Lohrman on Security

OCTOBER 10, 2021

By almost any measure, the breadth, depth and impact of data breaches have dramatically increased during the COVID-19 pandemic. Here’s a roundup of the numbers

Data breaches 184

Data breaches 184

Troy Hunt

OCTOBER 9, 2021

A lot of cyber things this week: loads of data breach (or "scrape", In LinkedIn's case) incidents, Windows 11 upgrade experiences and then bricking my house courtesy of a Home Assistant update that fundamentally changed the Tuya integration.

Password Management 177

Password Management Data breaches Passwords 177

Speaker: P. Andrew Sjogren, Sr. Product Marketing Manager at Very Good Security, Matt Doka, Co-Founder and CTO of Fivestars, and Steve Andrews, President & CEO of the Western Bankers Association 

In this webinar, we have a great set of panelists who will take you through how Zero Data strategies can be used as part of a well-rounded compliance and security approach, and get you to market much sooner by also allowing for payment optimization. They’ll share how to grow your business faster and minimize costs for both security and compliance

Marketing

The Last Watchdog

OCTOBER 11, 2021

Software today is built on a combination of open source and proprietary software packages. Developers can reuse and build on the packages created by others, which results in the rapid creation of new capabilities and technologies. Related: How SBOM factors into DevSecOps. This reuse creates dependencies, all of which don’t necessarily stay updated at the same pace.

Software 139

Software Authentication Technology Government 139

Joseph Steinberg

OCTOBER 4, 2021

Cybersecurity Awareness Month is Here! In October, people across America commemorate Cybersecurity Awareness Month, a national observance jointly established in 2004 by the U.S. Department of Homeland Security (DHS) and the National Cyber Security Alliance.

Education 130

Education Artificial Intelligence Cybersecurity Government 130

Schneier on Security

OCTOBER 15, 2021

Even before Apple made its announcement , law enforcement shifted their battle for backdoors to client-side scanning. The idea is that they wouldn’t touch the cryptography, but instead eavesdrop on communications and systems before encryption or after decryption.

Risk 218

Risk Encryption 218

Lohrman on Security

OCTOBER 3, 2021

The Cyber Incident Notification Act of 2021 would require reporting cyber incidents impacting critical infrastructure to the Cybersecurity and Infrastructure Security Agency (CISA) within 24 hours

Data breaches 148

Data breaches Cybersecurity 148

Troy Hunt

OCTOBER 15, 2021

I had a bunch of false starts with this one. I don't know if it was just OBS or something else, but we got there after several failed attempts and me resorting to reading Gov Parson's nutty tweets until it all started working. "Nutty"

Data breaches 135

Data breaches Media Hacking 135

Security Boulevard

OCTOBER 14, 2021

In early October 2021, director of the NSA and U.S. Cyber Command General Paul Nakasone spoke at the 2021 Mandiant Cyber Defense Summit. In his speech, Nakasone detailed numerous ongoing influence operations and outlined how the entities he commands are tackling nation-state threats.

Artificial Intelligence 114

Artificial Intelligence Social Engineering Engineering Risk 114

Speaker: Mike Cramer, Director of HIPAA & Data Security at The Word & Brown Companies

Now that companies are slowly allowing employees to return to work at the office, it's time to re-evaluate your company’s posture towards privacy and security. Join Mike Cramer, Director of HIPAA & Data Security at The Word & Brown Companies, for a discussion that will focus on compliance and the types of privacy and security measures your company should be aware of, as well as tips and methods for implementing these measures.

Data privacy

The Last Watchdog

OCTOBER 4, 2021

It is no secret that there is, and has been for some time, a shortage of trained cyber security professionals in corporate IT Security teams. The Wharton School of the University of Pennsylvania observed that “nowhere is the workforce-skills gap more pronounced than in cybersecurity.”. Related: Deploying ‘human’ sensors’ According to data gathered by CyberSeek under a Commerce Department grant, there are currently nearly 465,000 unfilled cyber jobs across the US alone.

Cybersecurity 123

Cybersecurity Education Cybercrime Marketing 123

Krebs on Security

OCTOBER 1, 2021

The U.S.

Wireless 186

Wireless Mobile Passwords Authentication 186

Schneier on Security

OCTOBER 1, 2021

The Wall Street Journal is reporting on a baby’s death at an Alabama hospital in 2019, which they argue was a direct result of the ransomware attack the hospital was undergoing.

Ransomware 239

Ransomware Healthcare Accountability Cybercrime 239

Javvad Malik

OCTOBER 6, 2021

October is National Cyber Security Awareness Month. . Delivering effective cyber security awareness is an ongoing process, and not one that can be solved in one month a year. But that doesn’t mean we shouldn’t try. Staying safe online has many similarities with staying safe on the line aka tightrope walking. It involves a delicate mix of courage, foolhardiness, balance, poise, and the threat of falling to a horrible death.

Security Awareness 122

Security Awareness Backups Education Passwords 122

Tech Republic Security

OCTOBER 6, 2021

Unrelated to other recent problems Facebook has had, this particular batch of data was scraped from profiles, meaning it's publicly available knowledge. That doesn't stop it from being dangerous

171

171

CSO Magazine

OCTOBER 14, 2021

REvil is a ransomware-as-a-service (RaaS) operation that has extorted large amounts of money from organizations worldwide over the past year. Its name stands for Ransomware Evil and was inspired by the Resident Evil movie series.

CSO 109

CSO Ransomware 109

Security Boulevard

OCTOBER 11, 2021

A new article on WNEP is reporting on experts who claim that cyber attacks are getting worse. Not surprising at the top of the list is ransomware attacks., which have made headlines, crippling healthcare computer systems, 9-1-1 centers, stopping work on gas pipelines, and more.

Cyber Attacks 110

Cyber Attacks Healthcare Ransomware Software 110

Krebs on Security

OCTOBER 12, 2021

Microsoft today issued updates to plug more than 70 security holes in its Windows operating systems and other software, including one vulnerability that is already being exploited. This month’s Patch Tuesday also includes security fixes for the newly released Windows 11 operating system.

Backups 161

Backups Engineering Internet Internet 161

Schneier on Security

OCTOBER 12, 2021

I feel sorry for the accused : The “security incident” that forced a New-York bound flight to make an emergency landing at LaGuardia Airport on Saturday turned out to be a misunderstanding — after an airline passenger mistook another traveler’s camera for a bomb, sources said Sunday.

221

221

The Last Watchdog

OCTOBER 13, 2021

In recent years, brands have started butting up against the line between convenience and privacy. Shoppers love the convenience of personalized experiences that their data powers, but then horror stories such as the Cambridge Analytica scandal make people skeptical about how much information companies should be collecting and sharing. Related: Apple battles Facebook over consumer privacy.

eCommerce 107

eCommerce Data collection Consumer Protection Marketing 107

Tech Republic Security

OCTOBER 11, 2021

Over the second quarter of the year, 73% of ransomware detections were related to the REvil/Sodinokibi family, while Darkside attacks expanded to more industries, McAfee says

Ransomware 164

Ransomware 164

CSO Magazine

OCTOBER 12, 2021

To fully digitize the last mile of business, you need to distribute compute power where it's needed most -- right next to IoT devices that collect data from the real world

Architecture 112

Architecture IoT 112

Security Affairs

OCTOBER 9, 2021

Security expert Dhiraj Mishra published an NMAP script for the CVE-2021-41773 Path Traversal vulnerability affecting Apache Web Server version 2.4.49.

Technology 112

Technology Software Cybersecurity Information Security 112

Krebs on Security

OCTOBER 13, 2021

A recent phishing campaign targeting Coinbase users shows thieves are getting cleverer about phishing one-time passwords (OTPs) needed to complete the login process.

Passwords 150

Passwords Accountability Scams Web Fraud 150

Schneier on Security

OCTOBER 14, 2021

New paper: “ This Person (Probably) Exists. Identity Membership Attacks Against GAN Generated Faces. Abstract: Recently, generative adversarial networks (GANs) have achieved stunning realism, fooling even human observers.

180

180

Dark Reading

OCTOBER 6, 2021

CEOs of the two breached companies said their priorities instantly shifted to joining the response efforts when they first learned of attacks on their systems

113

113

Tech Republic Security

OCTOBER 6, 2021

Anyone who needs to hide away sections of text in Google Documents should give this handy add-on a try

Encryption 165

Encryption 165

CSO Magazine

OCTOBER 12, 2021

There has been an exponential increase in cyberattacks around the globe in the last five years and a major chunk of it happened in October each year, according to a study by InfoSec Institute.

InfoSec 111

InfoSec 111

Security Affairs

OCTOBER 12, 2021

Microsoft Azure cloud service mitigated a massive DDoS attack of 2.4 terabytes per second (Tbps) at the end of August, it is the largest DDoS attack to date. Microsoft announced that its Azure cloud service mitigated a 2.4

DDOS 108

DDOS Internet Internet Information Security 108

We Live Security

OCTOBER 7, 2021

ESET researchers discover a malware family with tools that show signs they’re used in targeted attacks. The post FontOnLake: Previously unknown malware family targeting Linux appeared first on WeLiveSecurity. Malware backdoor Linux rootkit

Malware 111

Malware 111

Schneier on Security

OCTOBER 14, 2021

This is a current list of where and when I am scheduled to speak: I’ll be speaking at an Informa event on November 29, 2021. Details to come. The list is maintained on this page

174

174

Security Boulevard

OCTOBER 15, 2021

The Missouri Department of Education website was leaking teachers’ social security numbers. A local journalist, Josh Renaud, spotted the PII flaw and reported it to the department, giving them plenty of time to fix the leak. But the state governor accused Renaud of hacking. Specifically, Gov.

Hacking 100

Hacking Security Awareness Risk Education 100

Tech Republic Security

OCTOBER 14, 2021

The new ransomware family, called Yanluowang, appears to still be under development and lacks some sophisticated features found in similar code. Nonetheless, Symantec said, it's dangerous

Software 152

Software Ransomware 152

CSO Magazine

OCTOBER 11, 2021

Some of the changes to IT environments prompted by the COVID-19 pandemic—primarily work-from-home (WFH) and cloud adoption—are here to stay and will require long-term revisions to enterprise cybersecurity strategies.

Cybersecurity 109

Cybersecurity 109

Security Affairs

OCTOBER 5, 2021

An unnamed ransomware gang used a custom Python script to target VMware ESXi and encrypt all the virtual machines hosted on the server.

Encryption 114

Encryption Ransomware Passwords Accountability 114