Expert insights. Personalized for you.
The Information Technology (IT) industry is growing, and the technologies that are made available tend to grow in number and complexity as well. With more and more people working from home or any remote location, it’s no surprise that cybersecurity threats are becoming more prevalent. MORE
"PwnedPiper" flaws could allow attackers to disrupt delivery of lab samples or steal hospital employee credentials, new research shows MORE
75 
Unsanctioned software and applications running on corporate mobile devices is a security nightmare. MORE
?. This interview was cross-posted from the Veracode Community. With his third consecutive championship in the Secure Coding Challenge – the monthly coding competition in the Veracode Community – Hans Dam is the first in the community to clinch the title of Secure Code Champion. MORE
The tech may seem antiquated, but it poses very modern cybersecurity problems. Security Security / Cyberattacks and Hacks MORE
Did you ever stop to think that the office smart TV used for company presentations, Zoom meetings, and other work-related activities may not be so trustworthy? In our latest video, we demonstrate an attack scenario that can occur within any organization – hacking a smart TV. MORE
IT workloads are increasingly moving to the cloud, changing the way organizations develop and deliver software. Deploying and running production systems is now separate from the hardware and network, infrastructure is defined through code, and operations are now part of cloud service APIs. MORE
You’ve likely heard of ransomware, the highly profitable cybercrime through which malicious actors gain unauthorized access to sensitive data and hold it hostage in exchange for a ransom, typically paid in cryptocurrency. With that in mind, you’re likely wondering “What is ransomware as a service?” MORE
A story of how easily hackers could hit a hole-in-one with the computer network of a premier golf club in the UK. The post On course for a good hacking appeared first on WeLiveSecurity. Hacking MORE
Cybersecurity researchers on Monday disclosed a set of nine vulnerabilities known as "PwnedPiper" that left a widely-used pneumatic tube system (PTS) vulnerable to critical attacks, including a possibility of complete takeover. MORE
By Brian Stoner, Vice President, Service Providers at Stellar Cyber. As the cybersecurity threat landscape is evolving so is the way we need to look at those threats. The drumbeat of new breaches is continuous. MORE
A vulnerability in the open-source cdnjs CDN could have enabled cyberattacks on the 12.7% of ALL websites that rely on its JavaScript and CSS libraries, with hackers taking over systems or propagating flaws to millions of websites. MORE
Last week, a new open-source Registry Editor was released that puts Windows Regedit software to shame by supporting a host of advanced features, making editing the Registry easier than ever. [.]. Microsoft Software MORE
Security researchers have devised a way to block the recently disclosed PetitPotam attack vector that allows hackers to take control of a Windows domain controller easily. [.]. Microsoft Security MORE
93 Plus: A sneaky iOS app, a wiper attack in Iran, and more of the week's top security news. Security Security / Security News MORE
87 Threat actors that hacked Electronic Arts in June have leaked full data dump stolen from the company after the failure of the negotiation with the victim. In June, hackers have compromised the network of the gaming giant Electronic Arts (EA) and claimed to have stolen approximately 780 GB of data. MORE
Kaspersky experts spotted a previously undocumented Chinese-speaking threat actor, tracked as GhostEmperor, that is targeting Microsoft Exchange flaws in attacks on high-profile victims. MORE
Ernst & Young Australia has made it official that it is going to acquire Cloud Security Company SecureWorx that offers managed security solutions to National Network Operations Centre (NOC) and Secure Operations Centre (SOC). MORE
Healthcare and education sectors are the frequent targets of a new surge in credential harvesting activity from what's a "highly modular".NET-based MORE
This article was originally published in The Hacker News. The post How to stop your exposed API business logic from being breached appeared first on Security Boulevard. Security Bloggers Network API security CISOs Cybersecurity MORE
Leading a team is kind of like when a burglar alarm goes off and "you're the police," says the head of cybersecurity at ExpressVPN MORE
116 Don’t let myths undermine the security of financial software. We examine the seven myths and misconceptions found in FSI application security. The post Debunking the seven myths of FSI application security appeared first on Software Integrity Blog. MORE
Cybersecurity researchers disclosed multiple flaws, dubbed PwnedPiper , that left a widely-used pneumatic tube system (PTS) vulnerable to attacks. MORE
Of course this is hackable: A sophisticated telecommunications satellite that can be completely repurposed while in space has launched. […]. Because the satellite can be reprogrammed in orbit, it can respond to changing demands during its lifetime. […]. MORE
You can add an SSH tarpit to Ubuntu Server with the help of endlessh. Jack Wallen shows you how MORE
99 An attacker could exploit a vulnerability in the WordPress Download Manager plugin, tracked as CVE-2021-34639, to execute arbitrary code under specific configurations. MORE
A new highly capable and persistent threat actor has been targeting major high-profile public and private entities in the U.S. as part of a series of targeted cyber intrusion attacks by exploiting internet-facing Microsoft Internet Information Services (IIS) servers to infiltrate their networks. MORE
No matter an organization's size or complexity, cybersecurity is a team sport. Departments and individuals across the board have a stake in ensuring that assets and data remain secure. Just like a successful sports team, collaboration among the players is essential. MORE
As vulnerabilities are discovered, advisories are issued, remedies and mitigations are shared and then the onus is on the end user and/or company to do what’s necessary to close the window into their infrastructure. MORE
A new presidential directive announced that performance standards will be released for critical infrastructure operated by the public sector and private companies to bolster national cybersecurity MORE
135 
Category News, Privacy Risk Level. Gone are the days where the term “invasion” was, in most cases, jovially preceded by the word “Alien” and a subsequent discussion on the likelihood of extraterrestrial life existing in the cosmos. MORE
Organizations hit by ransomware attacks also report tightened budgets and lingering impacts on productivity, profitability and security posture, suggesting the extensive damage caused in the wake of ransomware attacks has long-lasting effects. A Keeper Security survey of 2,000 U.S.-based MORE
Our thanks to Security BSides Athens for publishing their outstanding Security BSides Athens 2021 Conference videos on the groups' YouTube channel. Permalink. MORE
In less than a decade, SOAR — security orchestration, automation and response — has rapidly matured into an engrained component of the security technology stack in many enterprises. Related: Equipping SOCs for the long haul. SOAR has done much since it entered the cybersecurity lexicon to relieve the cybersecurity skills shortage. SOAR leverages automation and machine learning to correlate telemetry flooding in from multiple security systems. MORE
Author: Dave Armlin, VP Customer Success, ChaosSearch. DevOps has become the dominant software development and deployment methodology over the past decade. MORE
Schneier on Security
AUGUST 2, 2021
Of course this is hackable: A sophisticated telecommunications satellite that can be completely repurposed while in space has launched. […]. Because the satellite can be reprogrammed in orbit, it can respond to changing demands during its lifetime. […].
Lohrman on Security
AUGUST 1, 2021
A new presidential directive announced that performance standards will be released for critical infrastructure operated by the public sector and private companies to bolster national cybersecurity
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Doctor Chaos
AUGUST 1, 2021
The Information Technology (IT) industry is growing, and the technologies that are made available tend to grow in number and complexity as well. With more and more people working from home or any remote location, it’s no surprise that cybersecurity threats are becoming more prevalent.
The Last Watchdog
AUGUST 2, 2021
In less than a decade, SOAR — security orchestration, automation and response — has rapidly matured into an engrained component of the security technology stack in many enterprises. Related: Equipping SOCs for the long haul. SOAR has done much since it entered the cybersecurity lexicon to relieve the cybersecurity skills shortage. SOAR leverages automation and machine learning to correlate telemetry flooding in from multiple security systems.
Speaker: Mike Cramer, Director of HIPAA & Data Security at The Word & Brown Companies
Now that companies are slowly allowing employees to return to work at the office, it's time to re-evaluate your company’s posture towards privacy and security. Join Mike Cramer, Director of HIPAA & Data Security at The Word & Brown Companies, for a discussion that will focus on compliance and the types of privacy and security measures your company should be aware of, as well as tips and methods for implementing these measures.
Security Boulevard
AUGUST 1, 2021
Organizations hit by ransomware attacks also report tightened budgets and lingering impacts on productivity, profitability and security posture, suggesting the extensive damage caused in the wake of ransomware attacks has long-lasting effects. A Keeper Security survey of 2,000 U.S.-based
CyberSecurity Insiders
AUGUST 1, 2021
Author: Dave Armlin, VP Customer Success, ChaosSearch. DevOps has become the dominant software development and deployment methodology over the past decade.
Cyber Security Informer brings together the best content for cyber security professionals from the widest variety of industry thought leaders.
Security Affairs
JULY 31, 2021
Threat actors that hacked Electronic Arts in June have leaked full data dump stolen from the company after the failure of the negotiation with the victim. In June, hackers have compromised the network of the gaming giant Electronic Arts (EA) and claimed to have stolen approximately 780 GB of data.
Security Boulevard
AUGUST 2, 2021
A vulnerability in the open-source cdnjs CDN could have enabled cyberattacks on the 12.7% of ALL websites that rely on its JavaScript and CSS libraries, with hackers taking over systems or propagating flaws to millions of websites.
CyberSecurity Insiders
AUGUST 1, 2021
By Brian Stoner, Vice President, Service Providers at Stellar Cyber. As the cybersecurity threat landscape is evolving so is the way we need to look at those threats. The drumbeat of new breaches is continuous.
WIRED Threat Level
AUGUST 2, 2021
The tech may seem antiquated, but it poses very modern cybersecurity problems. Security Security / Cyberattacks and Hacks
Tech Republic Security
AUGUST 2, 2021
Leading a team is kind of like when a burglar alarm goes off and "you're the police," says the head of cybersecurity at ExpressVPN
Security Boulevard
AUGUST 1, 2021
Our thanks to Security BSides Athens for publishing their outstanding Security BSides Athens 2021 Conference videos on the groups' YouTube channel. Permalink.
CyberSecurity Insiders
AUGUST 1, 2021
Ernst & Young Australia has made it official that it is going to acquire Cloud Security Company SecureWorx that offers managed security solutions to National Network Operations Centre (NOC) and Secure Operations Centre (SOC).
Approachable Cyber Threats
AUGUST 2, 2021
Category News, Privacy Risk Level. Gone are the days where the term “invasion” was, in most cases, jovially preceded by the word “Alien” and a subsequent discussion on the likelihood of extraterrestrial life existing in the cosmos.
SiteLock
AUGUST 2, 2021
You’ve likely heard of ransomware, the highly profitable cybercrime through which malicious actors gain unauthorized access to sensitive data and hold it hostage in exchange for a ransom, typically paid in cryptocurrency. With that in mind, you’re likely wondering “What is ransomware as a service?”
Security Boulevard
AUGUST 2, 2021
Don’t let myths undermine the security of financial software. We examine the seven myths and misconceptions found in FSI application security. The post Debunking the seven myths of FSI application security appeared first on Software Integrity Blog.
WIRED Threat Level
JULY 31, 2021
Plus: A sneaky iOS app, a wiper attack in Iran, and more of the week's top security news. Security Security / Security News
The Hacker News
AUGUST 2, 2021
Cybersecurity researchers on Monday disclosed a set of nine vulnerabilities known as "PwnedPiper" that left a widely-used pneumatic tube system (PTS) vulnerable to critical attacks, including a possibility of complete takeover.
Dark Reading
AUGUST 2, 2021
"PwnedPiper" flaws could allow attackers to disrupt delivery of lab samples or steal hospital employee credentials, new research shows
Security Boulevard
AUGUST 1, 2021
As vulnerabilities are discovered, advisories are issued, remedies and mitigations are shared and then the onus is on the end user and/or company to do what’s necessary to close the window into their infrastructure.
Security Affairs
AUGUST 1, 2021
An attacker could exploit a vulnerability in the WordPress Download Manager plugin, tracked as CVE-2021-34639, to execute arbitrary code under specific configurations.
The Hacker News
AUGUST 2, 2021
A new highly capable and persistent threat actor has been targeting major high-profile public and private entities in the U.S. as part of a series of targeted cyber intrusion attacks by exploiting internet-facing Microsoft Internet Information Services (IIS) servers to infiltrate their networks.
Bleeping Computer
AUGUST 1, 2021
Last week, a new open-source Registry Editor was released that puts Windows Regedit software to shame by supporting a host of advanced features, making editing the Registry easier than ever. [.]. Microsoft Software
Security Boulevard
AUGUST 1, 2021
This article was originally published in The Hacker News. The post How to stop your exposed API business logic from being breached appeared first on Security Boulevard. Security Bloggers Network API security CISOs Cybersecurity
Security Affairs
AUGUST 2, 2021
Did you ever stop to think that the office smart TV used for company presentations, Zoom meetings, and other work-related activities may not be so trustworthy? In our latest video, we demonstrate an attack scenario that can occur within any organization – hacking a smart TV.
The Hacker News
AUGUST 2, 2021
Healthcare and education sectors are the frequent targets of a new surge in credential harvesting activity from what's a "highly modular".NET-based
Tech Republic Security
AUGUST 2, 2021
You can add an SSH tarpit to Ubuntu Server with the help of endlessh. Jack Wallen shows you how
Security Boulevard
AUGUST 2, 2021
IT workloads are increasingly moving to the cloud, changing the way organizations develop and deliver software. Deploying and running production systems is now separate from the hardware and network, infrastructure is defined through code, and operations are now part of cloud service APIs.
Security Affairs
AUGUST 1, 2021
Kaspersky experts spotted a previously undocumented Chinese-speaking threat actor, tracked as GhostEmperor, that is targeting Microsoft Exchange flaws in attacks on high-profile victims.
We Live Security
AUGUST 2, 2021
A story of how easily hackers could hit a hole-in-one with the computer network of a premier golf club in the UK. The post On course for a good hacking appeared first on WeLiveSecurity. Hacking
CSO Magazine
AUGUST 2, 2021
No matter an organization's size or complexity, cybersecurity is a team sport. Departments and individuals across the board have a stake in ensuring that assets and data remain secure. Just like a successful sports team, collaboration among the players is essential.
Security Affairs
AUGUST 2, 2021
Cybersecurity researchers disclosed multiple flaws, dubbed PwnedPiper , that left a widely-used pneumatic tube system (PTS) vulnerable to attacks.
Security Boulevard
AUGUST 2, 2021
?. This interview was cross-posted from the Veracode Community. With his third consecutive championship in the Secure Coding Challenge – the monthly coding competition in the Veracode Community – Hans Dam is the first in the community to clinch the title of Secure Code Champion.
Bleeping Computer
AUGUST 2, 2021
Security researchers have devised a way to block the recently disclosed PetitPotam attack vector that allows hackers to take control of a Windows domain controller easily. [.]. Microsoft Security
CSO Magazine
AUGUST 2, 2021
Unsanctioned software and applications running on corporate mobile devices is a security nightmare.
Let's personalize your content