Dark Reading

AUGUST 11, 2022

Industry standards would provide predictable and understandable IoT security frameworks.

IoT 145

IoT Security 145

Krebs on Security

AUGUST 10, 2022

One way to tame your email inbox is to get in the habit of using unique email aliases when signing up for new accounts online. Adding a “+” character after the username portion of your email address — followed by a notation specific to the site you’re signing up at — lets you create an infinite number of unique email addresses tied to the same account.

Security 221

Security Data breaches Passwords Retail 221

Data Breach Today

AUGUST 6, 2022

Vulnerability Allowed Threat Actors to Gain Access to Personal Information Twitter confirms that a zero-day vulnerability allowed threat actors to gain access to the personal information of 5.4 million user account profiles. The company was notified about this specific vulnerability in Twitter's systems through their bug bounty program in January.

Access 274

Access 274

The Last Watchdog

AUGUST 10, 2022

Technology provides opportunities to positively impact the world and improve lives. Related: Why facial recognition ought to be regulated. It also delivers new ways to commit crimes and fraud. The U.S. Federal Bureau of Investigation (FBI) issued a public warning in June 2022 about a new kind of fraud involving remote work and deepfakes. The making of Deepfakes.

Education 229

Education Cybersecurity Authentication IT 229

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Cloud

eSecurity Planet

AUGUST 9, 2022

Regulatory compliance and data privacy issues have long been an IT security nightmare. And since the EU’s General Data Protection Regulation (GDPR) took effect May 25, 2018, IT compliance issues have been at the forefront of corporate concerns. GDPR, the EU’s flagship data privacy and “right to be forgotten” regulation, has made the stakes of a data breach higher than ever.

Data Privacy 145

Data Privacy Compliance Privacy Security 145

Data Breach Today

AUGUST 10, 2022

Monthly Dump Includes Patches for 141 Flaws, Including 17 'Critical' Fixes More than two years after being notified of it, Microsoft issued a fix for a Microsoft Windows Support Diagnostic Tool vulnerability known as DogWalk. The fix is part of the operating system giant's newest Patch Tuesday dump, which includes patches for 141 flaws.

IT 350

IT 350

The Last Watchdog

AUGUST 8, 2022

Our technological world is advancing at dizzying speeds. Related: The coming of a ‘bio digital twin” Over the last decade, we have seen the introduction of 4G and 5G telecommunication service, the iPad, Instagram, and the introduction, acceptance, and adoption of cloud services from Microsoft, Google, and Amazon, as well as cloud computing.

Security 214

Security Artificial Intelligence Risk Access 214

Security Affairs

AUGUST 7, 2022

A massive cyberattack hit the website of the German Chambers of Industry and Commerce (DIHK) this week. A massive attack hit the website of the German Chambers of Industry and Commerce (DIHK) forcing the organization to shut down its IT systems as a precautionary measure for security reasons. Aktuell wird intensiv an Lösung und Abwehr gearbeitet. Wir informieren Sie hier, welche Anwendungen wieder funktionsfähig sind: [link] #IHK #DIHK pic.twitter.com/5OHMOLH7Mz — DIHK (@DIHK_News) August

Ransomware 144

Ransomware Security IT Information Security 144

Krebs on Security

AUGUST 12, 2022

The Department of Homeland Security (DHS) is urging states and localities to beef up security around proprietary devices that connect to the Emergency Alert System — a national public warning system used to deliver important emergency information, such as severe weather and AMBER alerts. The DHS warning came in advance of a workshop to be held this weekend at the DEFCON security conference in Las Vegas, where a security researcher is slated to demonstrate multiple weaknesses in the nationw

Passwords 209

Passwords Manufacturing Security Risk 209

Advertisement

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

Data Breach Today

AUGUST 9, 2022

Victims Often Attacked Simultaneously by Multiple Ransomware Groups Cybercriminals monitor leak sites for newly listed ransomware victims in a bid to try their own hand at dropping encryption malware, says Sophos. The cybersecurity firm says it's seen an uptick in incidents involving multiple criminal gangs demanding a ransom for unencrypted victims' files.

Ransomware 328

Ransomware Encryption Cybersecurity IT 328

Schneier on Security

AUGUST 8, 2022

Quantum computing is a completely new paradigm for computers. A quantum computer uses quantum properties such as superposition, which allows a qubit (a quantum bit) to be neither 0 nor 1, but something much more complicated. In theory, such a computer can solve problems too complex for conventional computers. Current quantum computers are still toy prototypes, and the engineering advances required to build a functionally useful quantum computer are somewhere between a few years away and impossib

Encryption 140

Encryption Security Information Security Privacy 140

Security Affairs

AUGUST 9, 2022

Cybersecurity researchers from Kaspersky linked the Maui ransomware to the North Korea-backed Andariel APT group. Kaspersky linked with medium confidence the Maui ransomware operation to the North Korea-backed APT group Andariel , which is considered a division of the Lazarus APT Group, . North Korean nation-state actors used Maui ransomware to encrypt servers providing healthcare services, including electronic health records services, diagnostics services, imaging services, and intranet servic

Ransomware 144

Ransomware Computer and Electronics Encryption Government 144

IT Governance

AUGUST 9, 2022

Welcome to our August 2022 review of phishing attacks, in which we explore the latest email scams and the tactics that cyber criminals use to trick people into handing over their personal data. This month, we look at a scam targeting verified Twitter users and the latest in a series of phishing campaigns that are designed to steal the contents of cryptocurrency wallets.

Phishing 137

Phishing Passwords Authentication Blockchain 137

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

IT

Data Breach Today

AUGUST 10, 2022

An ISMG Overview of the Technology Buzz Leading Up to Black Hat Conference 2022 ISMG caught up with 11 security executives in Las Vegas on Tuesday to discuss everything from open-source intelligence and Web3 security to training new security analysts and responding to directory attacks. Here's a look at some of the most interesting things we heard from industry leaders.

Security 318

Security 318

Threatpost

AUGUST 11, 2022

Belgian researcher Lennert Wouters revealed at Black Hat how he mounted a successful fault injection attack on a user terminal for SpaceX’s satellite-based internet system.

IoT 137

IoT 137

Security Affairs

AUGUST 10, 2022

Cisco discloses a security breach, the Yanluowang ransomware group breached its corporate network in late May and stole internal data. Cisco disclosed a security breach, the Yanluowang ransomware group breached its corporate network in late May and stole internal data. The investigation conducted by Cisco Security Incident Response (CSIRT) and Cisco Talos revealed that threat actors compromised a Cisco employee’s credentials after they gained control of a personal Google account where credential

Ransomware 136

Ransomware Phishing Authentication Access 136

eSecurity Planet

AUGUST 10, 2022

From mass production of cheap malware to ransomware as a service (RaaS) , cyber criminals have industrialized cybercrime, and a new HP Wolf Security report warns that cybercriminals are adapting advanced persistent threat (APT) tactics too. That means hackers will increasingly mimic nation-state threat groups by establishing a long-term presence inside networks to mine highly sensitive data.

Ransomware 132

Ransomware Digital transformation Access Cybersecurity 132

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

Data Breach Today

AUGUST 8, 2022

Penalties for Anyone in US Jurisdiction Who Uses the Cryptocurrency Mixer The federal government today sanctioned Tornado Cash. The Department of Treasury ordered assets of the Ethereum blockchain cryptocurrency mixer to be frozen and says civil and potentially criminal penalties await anyone under U.S. jurisdiction who uses the service.

Blockchain 299

Blockchain IT Government 299

Dark Reading

AUGUST 11, 2022

Ransomware gang gained access to the company's VPN in May by convincing an employee to accept a multifactor authentication (MFA) push notification.

Data breaches 135

Data breaches Authentication Ransomware Access 135

Security Affairs

AUGUST 7, 2022

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. Greek intelligence service used surveillance malware to spy on a journalist, Reuters reports Slack resets passwords for about 0.5% of its users due to the exposure of salted password hashes Twitter confirms zero-day used to access data of 5.4 millio

Security 142

Security Manufacturing Passwords Ransomware 142

eSecurity Planet

AUGUST 8, 2022

Companies spend a staggering amount of money on cybersecurity products to defend their networks and data from hackers, but a couple of industry pros say that money is wasted if companies don’t change their internal cybersecurity culture. In September 2021, Cybersecurity Ventures anticipated in a report that the total global cybersecurity spending would exceed a staggering $1.75 trillion by 2025.

Cybersecurity 128

Cybersecurity Communications Security Security awareness 128

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Cloud

Data Breach Today

AUGUST 12, 2022

Scam Uses 'Secure Message' Theme and Trojan to Harvest Credentials A "secure message-themed" phishing campaign targeting healthcare providers aims to lure recipients to an Evernote notepad website in an attempt by hackers to harvest security credentials, federal authorities warn, saying the scheme puts entities at risk for potential data security compromises.

Phishing 286

Phishing Risk Security 286

Hunton Privacy

AUGUST 9, 2022

On July 27, 2022, Google announced that it is delaying its plans to phase out third-party cookies in the Chrome web browser. Google’s Vice President of Privacy Sandbox, Anthony Chavez, announced the company is extending the full deprecation of third-party cookies to “the second half of 2024,” to continue the testing window for the Privacy Sandbox. Chavez indicated that Google extended the timeline after receiving consistent feedback that developers need more time to evaluate and test the new Pri

Privacy 121

Privacy IT Information Security Security 121

Security Affairs

AUGUST 9, 2022

Microsoft Patch Tuesday security updates for August 2022 addressed a zero-day attack remote code execution vulnerability in Windows. Microsoft Patch Tuesday security updates for August 2022 addressed 118 CVEs in multiple products, including.NET Core, Active Directory Domain Services, Azure Batch Node Agent, Azure Real Time Operating System, Azure Site Recovery, Azure Sphere, Microsoft ATA Port Driver, Microsoft Bluetooth Driver, Microsoft Edge (Chromium-based), Microsoft Exchange Server, Microso

Security 135

Security Cloud IT Information Security 135

eSecurity Planet

AUGUST 11, 2022

Many of the basic principles for securing a data lake will be familiar to anyone who has secured a cloud security storage container. Of course, since most commercial data lakes build off of existing cloud infrastructure, this should be the case. However, data lakes add additional elements such as data feeds, data analysis (data lake house, third-party analysis tools, etc.) which increase the complexity of interactions beyond a simple storage container.

Security 123

Security Encryption Cloud Access 123

Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL

Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.

Data Privacy

Data Breach Today

AUGUST 12, 2022

Regulator Urges Adoption of Web Authentication MFA The U.S. Consumer Financial Protection Bureau is warning lenders they can be liable for data breaches for causing consumers "substantial injury." To avoid liability, the bureau recommends that banks implement multifactor authentication and especially Web Authentication.

Authentication 246

Authentication Data breaches Security 246

KnowBe4

AUGUST 11, 2022

In a recent article by Forbes, Cisco confirmed that they were hacked by a ransomware group as the group of cybercriminals published a partial list of files that were claimed to be exfiltrated.

Ransomware 121

Ransomware Phishing 121

Security Affairs

AUGUST 10, 2022

Cisco addressed a high severity flaw, tracked as CVE-2022-20866, affecting Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software. Cisco addressed a high severity vulnerability in its Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software. The flaw, tracked as CVE-2022-20866 , impacts the handling of RSA keys on devices running Cisco ASA Software and FTD Software, an unauthenticated, remote attacker can trigger it to retrieve an RSA private key.

Access 133

Access Security IT Information Security 133