A new joint Cybersecurity Advisory, co-authored by leading cybersecurity agencies from the United States, Australia, Canada, New Zealand, and the United Kingdom, details the vulnerabilities malicious actors routinely exploited in 2023.
The patch fixes CVE-2023-42724, which attackers have been using in targeted attacks to elevate their access on a local device. Apple said it also patched CVE-2023-5217, which is not listed as a zero-day bug. ” Microsoft also patched zero-day bugs in Skype for Business (CVE-2023-41763) and Wordpad (CVE-2023-36563).
technology companies between 2021 and 2023, including LastPass, MailChimp, Okta, T-Mobile and Twilio. The targeted SMS scams asked employees to click a link and log in at a website that mimicked their employer’s Okta authentication page. police as part of an FBI investigation into the MGM hack.
Those who fall for the scam are asked to provide payment card data, and eventually will be asked to supply a one-time password sent via SMS or a mobile authentication app. In October 2023, KrebsOnSecurity wrote about a massive uptick in SMS phishing scams targeting U.S. Postal Service customers.
based technology companies. For example, in its most recent transparency report (PDF) Verizon said it received more than 127,000 law enforcement demands for customer data in the second half of 2023 — including more than 36,000 EDRs — and that the company provided records in response to approximately 90 percent of requests.
A look back at the cybersecurity landscape in 2023 rings all-too familiar: cyber threats rapidly evolved and scaled up, just as they have, year-to-year, for the past 20 years. Eyal Benishti, CEO, IRONSCALES Benishti Generative AI (GenAI) reshaped cybersecurity in 2023. What should I be most concerned about – and focus on – in 2024?
The theme of RSA Conference 2023 — ‘stronger together’ — was certainly well chosen. Here are four evolving themes reverberating from RSAC 2023 that struck me: Password enabled access will endure for the foreseeable future. about the role of advanced wearable authentication devices, going forward.
“Stronger together” was the theme of RSA Conference 2023, which returned to its pre-Covid grandeur under the California sunshine last week at San Francisco’s Moscone Center. Here are three evolving themes reverberating from RSAC 2023 that struck me: Getting a grip on identities Password enabled access will endure for the foreseeable future.
June 15, 2023. The World Wide Web Consortium today announced a standardization milestone for a new browser capability that helps to streamline user authentication and enhance payment security during Web checkout. Customer authentication For the past 15 years, e-commerce has increased as a percentage of all retail sales.
While initially popularized in entertainment and satire, cybercriminals now weaponize this technology for fraud, identity theft, and corporate deception. According to a 2023 study by Sumsub, deepfake fraud attempts increased by 704% between 2022 and 2023.
Methodology In this report, we present an analysis of financial cyberthreats in 2023, focusing on banking Trojans and phishing pages that target online banking, shopping accounts, cryptocurrency wallets and other financial assets. Cryptocurrency phishing saw a 16% year-on-year increase in 2023, with 5.84 million in 2022.
Silvia Convento, Senior UX Researcher and Court Jacinic, Senior UX Content Designer In recognition of World Password Day 2023, Google announced its next step toward a passwordless future: passkeys. Figure 1: authentication success rate with passkey vs password. They are designed to enhance online security for users.
20, 2023 that identity and authentication giant Okta had suffered a breach in its customer support department, Okta said the intrusion allowed hackers to steal sensitive data from fewer than one percent of its 18,000+ customers. For this reason, they can’t be locked down with multifactor authentication the way user accounts can.
Cybersecurity Awareness Month 2023 – What it is and why we should be aware madhav Tue, 10/03/2023 - 05:33 The inception of Cybersecurity Awareness Month in 2004 came at a critical juncture in our technological history. Implement Passwordless Strong Authentication Strong authentication is crucial in enhancing cybersecurity.
Citrix warned of attacks actively exploiting the vulnerability CVE-2023-4966 in NetScaler ADC and Gateway appliances. Citrix is urging administrators to secure all NetScaler ADC and Gateway appliances against the CVE-2023-4966 vulnerability, which is actively exploited in attacks. reported Citrix. NetScaler ADC 13.1-FIPS
Rather, the missives are sent through the Apple iMessage service and through RCS, the functionally equivalent technology on Google phones. In August 2023, the security firm Resecurity discovered a vulnerability in one popular Chinese phish kit vendor’s platform that exposed the personal and financial data of phishing victims.
Vaibhav Narayanam, who is the Director of Corporate Development & Venture Investments at ServiceNow, invests in a variety of technologies. But for 2023, cybersecurity will be a “key pillar” of the company’s focus – particularly data compliance and protection. See our picks for the Top Cybersecurity Startups. Ransomware.
And I can’t help but be concerned that technology, especially advancements in artificial intelligence, is not just reshaping our world; it’s actually reshaping our identity and the fabric of trust that binds us. This has led to a new imperative in trust and technology – being human by default. The result?
My Predictions for Cybersecurity in 2023 were… Technology enables opportunities as fast as it introduces threats. Unsurprisingly, cyberattacks and data breaches show no signs of slowing as companies invest in technology to fuel growth, enhance customer experiences, support remote and hybrid workforces, and meet ESG goals.
Experts reported that the vulnerability CVE-2023-4966 in Citrix NetScaler ADC/Gateway devices has been exploited in attacks since late August. On October 10, Citrix published a security bulletin related to a critical vulnerability, tracked as CVE-2023-4966, in Citrix NetScaler ADC/Gateway devices. ” reported Citrix.
Scattered Spider has gained infamy for its high-profile cyberattacks, including the ransomware assault on MGM Casino in 2023, which caused widespread disruption. The attacks have resulted in millions of dollars in theft, including cryptocurrency and sensitive corporate data, showcasing the ongoing threat of organized cybercrime.
million in 2023, according to IBM’s Cost of a Data Breach Report, and over 700,000 small businesses were targeted in cybersecurity attacks in 2020, according to the Small Business Association. Taking an active role Your cybersecurity policy should address your employees and technology systems. Employee training is crucial.
While it had dropped out of the top 15 by 2023, it remains on CISA's list of routinely exploited vulnerabilities, showcasing its enduring appeal to threat actors. This ensures that even if attackers extract VPN credentials, they can’t use them without the secondary authentication that exists outside the compromised system.
10 and over 250 reviews, Duo is honored to share that we won the 2023 TrustRadius Top Rated Award for Authentication. Duo’s Multi-Factor Authentication solution combines multiple authentication factors to provide simple ways to protect users. With a score of 9.3/10
With the increasing reliance on digital technologies for operational efficiency, this sector has become a prime target for sophisticated cyber and physical threats. A report from 2023 revealed that 67% of energy and utility companies faced ransomware attacks, with many incidents exploiting unpatched vulnerabilities.
Yet IoE, at this nascent stage, holds much promise to tilt us towards a utopia where technology helps to resolve our planet’s most intractable problems. This was the theme of Infineon Technologies’ OktoberTech 2023 conference, which I had the privilege of attending at the Computer History Museum in the heart of Silicon Valley.
Notable progress was made in 2023 in the quest to elevate Digital Trust. I had the opportunity to sit down with DigiCert’s Jason Sabin, Chief Technology Officer and Avesta Hojjati, Vice President of Engineering to chew this over. We met at DigiCert Trust Summit 2023. And PKI is the best technology we’ve got to get us there.
Related: A call to regulate facial recognition This was an early example of multifactor authentication (MFA). I learned about this at RSA Conference 2023 from company Co-founder and CEO Phani Nagarjuna, who explained how Circle extends the use of encryption keys fused to biometrics and decentralizes where copies of the keys are stored.
VMware is warning customers that critical remote code execution vulnerability CVE-2023-20887 is being actively exploited in attacks. “VMware has confirmed that exploitation of CVE-2023-20887 has occurred in the wild,” reads the advisory. The vulnerability CVE-2023-20887 (CVSSv3 score of 9.8)
Zero Trust Network Architecture, on the other hand, is not conceptual; it refers to an actual information technology architecture – including hardware, software, data, and workflow – that employs the principles of Zero Trust in its design so as to enforce a Zero Trust model. This post is sponsored by Perimeter 81.
Note that for mobile banking malware, we retrospectively revised the 2023 numbers to provide more accurate statistics. We also changed the methodology for PC banking malware by removing obsolete families that no longer use Trojan banker functionality, hence the sharp drop in numbers against 2023. million in 2023.
.” Colorado resident Emily “Em” Hernandez allegedly helped the group gain access to victim devices in service of SIM-swapping attacks between March 2021 and April 2023. technology companies during the summer of 2022. In August 2023, Kroll suffered its own breach after a Kroll employee was SIM-swapped.
Virtualization technology giant VMware released security patches to address three critical and high-severity vulnerabilities, tracked as CVE-2023-20887, CVE-2023-20888, CVE-2023-20889, in VMware Aria Operations for Networks. The vulnerability CVE-2023-20864 (CVSSv3 base score of 9.8) ” continues the advisory.
I recently discussed the current state of tech standards with DigiCert’s Mike Nelson, Global Vice President of Digital Trust, and Dean Coclin, Senior Director of Trust Services, at DigiCert Trust Summit 2023. Matter works much the way website authentication and website traffic encryption gets executed. identification.”
See the Top Patch and Vulnerability Management tools October 23, 2023 Citrix NetScaler Vulnerability Under Active Attack Type of attack: Active exploitation of the high-risk Sensitive Information Disclosure vulnerability (CVE-2023-4966) disclosed on October 10, 2023 and now known as Citrix Bleed.
Netwrix, a cybersecurity vendor that makes data security easy, today released key IT security trends that will affect organizations of all sizes in 2023. Here are five specific trends for 2023 that you need to be aware of: The business of cybercrime will be further professionalized. Supply chain attacks will intensify.
In November there were 457 total ransomware victims, making it the most active month for ransomware gangs in 2023 so far besides May. The top stories of the month include ALPHV’s shutdown, an increased focus on the healthcare sector, and high-profile attacks on Toyota, Boeing, and more using a Citrix Bleed vulnerability (CVE-2023-4966).
Here are some API security predictions for 2023: Prediction #1: There will be a major API security breach that forces faster regulatory action. While regulatory action typically lags behind advanced technology development, API security is increasing the scope and severity of security breaches.
30, 2023 NGINX Ingress Controller for Kubernetes Flaws Can Lead to Credential Theft Type of Attack: Path sanitization bypass and injection vulnerabilities discovered in the NGINX Ingress controller can allow for credential theft, arbitrary command execution, and critical data access. CVE-2023-5044 (Code Injection): This CVSS score 7.6
It involves convincing a user to click on a malicious link in an email, which can then steal the user’s password hash and authenticate as the user in another Microsoft service. “Microsoft has updated their backend and notified any customers who have been affected by the credential leakage.”
The first Microsoft Patch Tuesday of 2023 is an important one to start off the year with. ended January 10, 2023. The actively exploited vulnerability is listed as CVE-2023-21674. In a network-based attack, an unauthenticated attacker could bypass authentication and make an anonymous connection. SharePoint Server.
CitrixBleed is a critical vulnerability, tracked as CVE-2023-4966, in Citrix NetScaler ADC (Application Delivery Controller) software. The vulnerability was discovered by security researchers at Positive Technologies and disclosed to Citrix on October 10, 2023. ” reads the notice of a security incident.
UNC3886 is a sophisticated China-linked cyber espionage group that targets network devices and virtualization technologies using zero-day exploits. Its primary focus is on defense, technology, and telecommunications sectors in the US and Asia. ” concludes the report published by Mandiant.
The truth is technology has grown at an exponential rate and so has cybercrime. What are some personal cybersecurity concerns for 2023? Business email compromise (BEC) attacks have been predicted to soar in 2023 according to Forbes Advisor. Perhaps we thought, who would want to hack a completely unknown person like me?