Security Boulevard

NOVEMBER 10, 2022

This week: Former Uber CSO is convicted for his attempted cover-up of a 2016 hack of the company. The post The Week in Security: Former Uber CSO convicted over hack cover-up, supply chain attack targets media appeared first on Security Boulevard.

CSO 69

CSO Media Hacking Software 69

Naked Security

OCTOBER 5, 2022

Obstructed an investigation, and concealed a crime, said the jury.

CSO 78

CSO 78

CSO Magazine

MAY 19, 2022

Case in point: A federal judge recently ordered Uber Technologies to work with its former CSO, Joseph Sullivan (who held the position from April 2015 to November 2017), and review a plethora of Uber documents that Sullivan has requested in unredacted form for use in his defense in the upcoming criminal trial.

CISO 107

CISO CSO Data breaches Media 107

CSO Magazine

APRIL 27, 2021

Editor's note: This article, originally published in April 2016, has been updated to include tools that are currently in popular use. Get the latest from CSO by signing up for our newsletters. ]. Learn how to track and secure open source in your enterprise. | ELF Parser.

CSO 132

CSO Malware Software 132

The Security Ledger

DECEMBER 21, 2022

Paul speaks with Caleb Sima, the CSO of the online trading platform Robinhood, about his journey from teenage cybersecurity phenom and web security pioneer, to successful entrepreneur to an executive in the trenches of protecting high value financial services firms from cyberattacks. Caleb Sima is the CSO at Robinhood.

CSO 52

CSO Financial Services CISO Mobile 52

CSO Magazine

OCTOBER 6, 2022

Yesterday, a federal jury handed down a guilty verdict to Joe Sullivan, the former CSO on charges of “obstruction of the proceedings of the Federal Trade Commission and misprision of felony in connection with the attempted cover-up of a 2016 hack at Uber” according to a notice published by the Department of Justice (DOJ).

CSO 91

CSO CISO Data breaches Hacking 91

SecureWorld News

JULY 27, 2022

In 2016, Uber experienced a data breach that exposed the information of 57 million users and drivers. The CSO was also involved in the situation and has been charged with obstruction of justice. The settlement "contains no admission of liability, wrongdoing, or responsibility by any of the defendants.". Uber data breach.

Data breaches 96

Data breaches Mobile CSO CISO 96

CSO Magazine

JANUARY 15, 2021

Uber’s poor handling of its 2016 breach cost it close to $150 million. Marriott was hit with a $124 million fine, later reduced, while Equifax agreed to pay a minimum of $575 million for its 2017 breach. This comes after an active 2018.

Data breaches 144

Data breaches 144

CSO Magazine

JULY 1, 2021

The number of dark web listings that could harm an enterprise has risen by 20% since 2016. A 2019 study, Into the Web of Profit , conducted by Dr. Michael McGuires at the University of Surrey, shows that things have become worse. Of all listings (excluding those selling drugs), 60% could potentially harm enterprises.

Engineering 145

Engineering Internet Internet 145

CSO Magazine

MARCH 16, 2022

It shouldn’t be confused with an older ransomware family called Locky, which was notorious in 2016, or LokiBot, which is an infostealer. The threat was first seen in the wild in mid-August 2021," researchers from BlackBerry's Research & Intelligence Team said in a new report. "It

Ransomware 142

Ransomware 142

CSO Magazine

APRIL 25, 2022

It was late fall in 2016 when a fellow researcher joined him at the InGuardians lab, where he is director of research. Larry Pesce remembers the day when the distributed denial of service (DDoS) threat landscape changed dramatically.

DDOS 132

DDOS IoT Internet Internet 132

CSO Magazine

MARCH 16, 2021

Editor's note: This article, originally published on May 26, 2016, has been updated to more accurately reflect recent trends. To say the world has changed a lot over the past year would be a bit of an understatement.

eCommerce 129

eCommerce Cybersecurity 129

CSO Magazine

JULY 20, 2022

A study by In-Q-Tel researchers shows a rapid rise in software supply chain attacks starting around 2016, going from almost none in 2015 to about 1,500 in 2020. Securing the software supply chain continues to be one of the most discussed topics currently among IT and cybersecurity leaders.

Software 118

Software Cybersecurity 118

SecureWorld News

APRIL 10, 2023

The research comes less than a year after former Uber CSO Joseph Sullivan was convicted of attempting to cover up a 2016 hack of Uber, highlighting the fact that lying about data breaches is a serious criminal offense in many jurisdictions.

Data breaches 98

Data breaches CSO Social Engineering Cyber threats 98

CSO Magazine

SEPTEMBER 22, 2022

Sullivan is charged with trying to conceal from federal investigators the details of a 2016 hack at Uber that exposed the email addresses and phone numbers of 57 million drivers and passengers. The trial of former Uber CISO Joe Sullivan marks the first time a cybersecurity chief has faced potential criminal liability.

CISO 117

CISO Insurance Hacking Cybersecurity 117

Malwarebytes

DECEMBER 15, 2022

In July of this year, Uber confessed to a cover-up of the 2016 data breach with the help of its former chief security officer (CSO), Joe Sullivan. Six years before that , the personal data of 7 million drivers were exposed, including 600,000 driver's license numbers. Sullivan was charged with obstruction of justice.

Data breaches 98

Data breaches CSO Backups Mobile 98

Security Boulevard

OCTOBER 16, 2022

Former Uber CSO Joe Sullivan was found guilty of obstructing a federal investigation in connection with the attempted cover-up of a 2016 hack at Uber, NIST and Microsoft say that mandatory password expiration is no longer needed but many organizations are still doing it, and how fake executive profiles are becoming a huge problem for […].

Passwords 52

Passwords CSO Hacking Accountability 52

CSO Magazine

JANUARY 11, 2023

The security incident was the latest to affect the service in recent times in the wake of unauthorized access to its development environment in August last year , serious vulnerabilities in 2017 , a phishing attack in 2016 , and a data breach in 2015. To read this article in full, please click here

Data breaches 110

Data breaches Password Management Passwords Encryption 110

CSO Magazine

AUGUST 11, 2022

Ever since the Kremlin's troll farm, the Internet Research Agency, targeted the American electorate during the 2016 U.S. presidential election with social media disinformation campaigns, nation-states across the globe have jumped into their own weaponized information campaigns to influence elections. In 2019, the U.S.

Media 106

Media Internet Internet 106

CSO Magazine

JULY 12, 2022

According to the FBI's Internet Crime Complaint Center (IC3), BEC attacks have led to over $43 billion in losses between June 2016 and December 2021. To read this article in full, please click here

Phishing 98

Phishing Accountability Authentication Internet 98

CSO Magazine

MARCH 29, 2023

It was responsible for the 2014 attack against Sony Pictures, the 2016 cyber heist of funds belonging to the central bank of Bangladesh, and the 2017 WannaCry ransomware worm. When it comes to threat actors working for the North Korean government, most people have heard of the Lazarus group (APT38).

Social Engineering 108

Social Engineering Cybercrime Government Banking 108

CSO Magazine

JUNE 27, 2022

NotPetya was so named because it was similar to but different from Petya, a self-propagating ransomware virus discovered in 2016 that, unlike other nascent forms of ransomware at the time, was incapable of being decrypted.

Ransomware 96

Ransomware Encryption Malware 96

CSO Magazine

DECEMBER 15, 2022

Both vulnerabilities impact Microsoft Exchange Server on-premises and hybrid setups running Exchange versions 2013, 2016, and 2019 with an internet-exposed Outlook Web App (OWA) component. To read this article in full, please click here

InfoSec 97

InfoSec Authentication Internet Internet 97

The Security Ledger

AUGUST 28, 2020

Also joining us: Sam Curry, the CSO of Cybereason. Lurking in the background: the specter of interference and manipulation of the election by targeted, disinformation campaigns like those Russia used during the 2016 campaign – or by outright attacks on election infrastructure. a rel="NOFOLLOW" href="[link].

Risk 52

Risk CSO CISO Digital transformation 52

CyberSecurity Insiders

JUNE 3, 2021

In fact, in March 2016, I wrote a piece in CNN calling for urgent action and offering solutions. The “people problem” is a phrase I heard in many different occasions when I met with IT managers (CISO, CSO, CIOs), many in leading research labs, national security establishments, and such. I presented it at Blackhat in 2016 and 2017.

Cybersecurity 136

Cybersecurity Energy and Utilities Social Engineering Phishing 136

CSO Magazine

JUNE 30, 2022

Advanced API Security is an outgrowth of the company's 2016 acquisition of Apigee, which became part of Google in a $625 million deal. According to Google, the new system allows users to dig more deeply into API traffic to detect unusual patterns, which may be signs of an exploit in progress.

Data breaches 69

Data breaches 69

CSO Magazine

APRIL 12, 2022

billion in August, among other transactions, some of which date back to 2016. When completed, the deal, announced Monday, will be the latest in a string of security focused technology acquisitions for the private equity firm, which last year purchased payment security provider Bottomline Technologies for $2.6

Technology 64

Technology Cybersecurity 64

CSO Magazine

JUNE 13, 2022

To support the idea, Forrester and Kindervag advocated for the use of network analysis and visibility (NAV) solutions which, according to the 2016 report, included "network discovery tools, tools that analyze flow data, tools that dissect packet captures, tools that look at network metadata, and tools used for network forensic examination."

Threat Detection 63

Threat Detection Information Security 63

McAfee

NOVEMBER 12, 2020

It is not only the CISO, CSO or CIO’s responsibility to care and do the right thing. For instance, in August 2020, a former Uber company executive was criminally prosecuted for not disclosing a data breach back in 2016. Everyone is responsible and accountable. When one person doesn’t do their part, things can fall apart for a company.

Cybersecurity 61

Cybersecurity Government Risk Data breaches 61

Spinone

DECEMBER 26, 2018

Social engineering attacks , including phishing, spam, and viruses introduced via clickable links within e-mail affected 80% of the banking institutions in 2016. VoIP phishing and impersonation also victimized millions of corporate employees across the world , contributing to an even greater cyber threat.

Security Awareness 40

Security Awareness Risk Cyber threats Cyber Risk 40

eSecurity Planet

DECEMBER 3, 2021

— Matthew Green (@matthew_d_green) February 17, 2016. " — Paul Asadoorian (@securityweekly) June 7, 2016. Lesson learned Kamkar continues to test security integrity as co-founder and CSO of Openpath Security. Katie Moussouris | @k8em0. " me: "Is that Windows 98?!?" Parisa Tabriz | @laparisa.

Accountability 139

Accountability Cybersecurity Penetration Testing InfoSec 139

CSO Magazine

FEBRUARY 8, 2022

In 2016, Apple prevailed in a now-famous legal standoff with FBI Director James Comey to unlock an encrypted phone used by a mass shooter in San Bernardino, California.

Encryption 89

Encryption Technology Government 89

SecureWorld News

JANUARY 26, 2021

Biden hired him for the purpose of preventing a repeat of what happened in 2016 with the Russian hack of the Clinton campaign. After his stint at Ford Motor, DeRusha became the Chief Security Officer (CSO) for the State of Michigan. What else do we know about DeRusha's InfoSec background?

CISO 102

CISO CSO InfoSec Government 102