The Last Watchdog

FEBRUARY 5, 2024

One critical issue faced by organizations that rely on Exchange Server is the risk of a corrupt Exchange Server database cropping up. Navigating new risks Today, heavy reliance on cloud-centric IT infrastructure and cloud-hosted applications has become the norm. Here are a few ‘dos:’ •Rigorous vulnerability management.

Risk 264

Risk Backups Software Education 264

The Last Watchdog

AUGUST 29, 2023

Here’s what you should know about the risks, what aviation is doing to address those risks, and how to overcome them. It is difficult to deny that cyberthreats are a risk to planes. Risks delineated Still, there have been many other incidents since. Fortunately, there are ways to address the risks.

Software 264

Software Risk Artificial Intelligence Engineering 264

Anton on Security

APRIL 11, 2024

Recently our team has written several papers and blogs focused on securing AI. Here are 5 gen AI security terms busy business leaders should know” defines five key generative AI security terms that busy business leaders should understand to navigate the potential risks and benefits of this technology.

Artificial Intelligence 130

Artificial Intelligence Government Risk Technology 130

The Last Watchdog

JANUARY 10, 2022

It’s possible to de-risk work scenarios involving personal data by carrying out a classic risk assessment of an organization’s internal and external infrastructure. This de-risks personal data that does not fit in a separate security contour. Related: The dangers of normalizing encryption for government use. Encryption.

Risk 240

Risk Encryption Data privacy CISO 240

The Last Watchdog

APRIL 21, 2022

Related: The value of sharing third-party risk assessments. The threat landscape is also continuously changing, with new attacker trends coming to light and new software vulnerabilities discovered which put organizations at risk if they are not patched. Take a risk-based approach. Is data backed up regularly?

Risk 235

Risk Cybersecurity Architecture Data breaches 235

The Last Watchdog

JANUARY 2, 2024

In today’s digital landscape, organizations face numerous challenges when it comes to mitigating cyber risks. Here are some of the key challenges that organizations encounter in their efforts to mitigate cyber risks in the current environment. Improve overall security posture and reduce cyber risks.

Cyber Risk 202

Cyber Risk Risk Education Security Awareness 202

Schneier on Security

FEBRUARY 25, 2021

” From a blog post : The report suggests a comprehensive framework for understanding and assessing the risks posed by Chinese technology platforms in the United States and developing tailored responses.

Technology 307

Technology Risk 307

The Last Watchdog

MAY 5, 2022

Let’s walk through some practical steps organizations can take today, implementing zero trust and remote access strategies to help reduce ransomware risks: •Obvious, but difficult – get end users to stop clicking unknown links and visiting random websites that they know little about, an educational challenge. Best practices.

Ransomware 247

Ransomware Risk Internet Internet 247

The Last Watchdog

APRIL 17, 2023

Here are a few of the top security weaknesses that threaten organizations today: Poor risk management. A lack of a risk management program or support from senior management is a glaring weakness in your cybersecurity strategy. Organizations increasingly rely on third-party suppliers for their product components or services.

Risk 218

Risk Cybersecurity Data breaches Cyber Attacks 218

The Last Watchdog

FEBRUARY 11, 2024

From identity theft to greater oversight on risk management, internal IT teams will be taking the brunt of these incoming regulations. Regulatory overload Firms in the financial services industry are staring down the bottom of the regulatory barrel coming into 2024.

Cyber Risk 234

Cyber Risk Risk Financial Services Cyber threats 234

Schneier on Security

AUGUST 12, 2024

Interesting paper: “ Generative AI Misuse: A Taxonomy of Tactics and Insights from Real-World Data “: Generative, multimodal artificial intelligence (GenAI) offers transformative potential across industries, but its misuse poses significant risks. image, text, audio, video) in the wild.

Artificial Intelligence 295

Artificial Intelligence Risk 295

The Last Watchdog

OCTOBER 10, 2022

Instead, it is a first step towards solving a dangerous technological disparity: despite posing an unprecedented degree of privacy risk, VR currently lacks even the most basic privacy tools. About the essayist: Vivek Nair is an NSF CyberCorps Scholar, NPSC Fellow, Hertz Foundation Fellow, IC3 Researcher, and an EECS Ph.D.

Risk 222

Risk Data privacy Data collection Technology 222

The Last Watchdog

JANUARY 3, 2023

With more and more people working remotely, unsecured home or public WiFi networks represent a security risk not only to individuals but to their companies as well. Since many people are now working from home at least partially, vulnerabilities at home are vulnerabilities at work, and threaten to put a company’s data at risk.

Risk 203

Risk Cybersecurity Antivirus Phishing 203

The Last Watchdog

JANUARY 8, 2023

Smarter security to me broadly refers to relentlessly focusing on fundamentals while maturing the program, making sure your risk posture aligns with your business strategy. It means anti-phishing tools so your teams can open emails without needless hesitation or risk. This leads to revenue gains and positive customer outcomes.

Risk 214

Risk Cybersecurity Technology CISO 214

IT Security Guru

JUNE 13, 2024

The decision between using GitHub’s backup capabilities and managing your own comes down to control, compliance, and risk management. The post Guest Blog: Ox Security on learning from the Recent GitHub Extortion Campaigns first appeared on IT Security Guru.

Backups 129

Backups Authentication Data breaches Social Engineering 129

Duo's Security Blog

SEPTEMBER 5, 2024

Without an accurate user inventory, it becomes difficult to identify and mitigate security risks. This gives you insights into your identity risk profile and guidance on how to remove that risk. Why are dormant accounts a risk? Dormant accounts pose a significant security risk. Interested in learning more?

Accountability 126

Accountability Risk Passwords Authentication 126

BH Consulting

DECEMBER 6, 2024

This blog will explore the advantages and risks these AI tools bring, along with actionable steps to integrate them responsibly into business practices. Key security and privacy risks Despite these benefits, there are inherent risks in relying on AI coding assistants. Establish an AI usage policy.

Risk 72

Risk Data privacy Information Security Software 72

SecureWorld News

OCTOBER 16, 2024

Smart home users should stay vigilant, update device software regularly, and implement network security best practices to mitigate risks. A January 2024 blog on ToolingIdeas.com provides a comprehensive rundown of the risks of IoT devices, particularly robot vacuums.

IoT 116

IoT Risk Hacking Internet 116

Troy Hunt

SEPTEMBER 18, 2020

As I say in the vid, blog posts like the VPN one I did this week are often done to help me get my thoughts on a topic straight and a lot of things became a lot clearer for me in doing that. helps you quickly secure your AD passwords and reduce the risk of Credential Stuffing. Sponsored by: safepass.me

VPN 270

VPN IoT Passwords Ransomware 270

Security Boulevard

JULY 18, 2024

This Article Staying Safe on the Go: Insider Risk and Travel Security Tips was first published on Signpost Six. | While you’re busy planning your getaway, it’s essential to stay vigilant about insider risks and security.

Risk 111

Risk 111

Anton on Security

JULY 7, 2022

This is my completely informal, uncertified, unreviewed and otherwise completely unofficial blog inspired by my reading of our third Threat Horizons Report ( full version ) that we just released ( the official blog for #1 report , my unofficial blog for #2 ). Now, go and read the report!

Cybersecurity 246

Cybersecurity Cryptocurrency Ransomware Education 246

Responsible Cyber

NOVEMBER 25, 2024

Effective from January 2025, DORA mandates that financial institutions implement robust measures to manage Information and Communication Technology (ICT) risks, with a significant emphasis on Third-Party Risk Management (TPRM). Contracts must clearly outline service expectations, security requirements, and compliance obligations.

Risk 85

Risk Cyber threats Technology Software 85

Troy Hunt

JANUARY 19, 2023

These can be massively popular and, par for the course of this blog, released in short demand. Think of breach history not as a binary proposition indicating the legitimacy of an email address, rather as one of assessing risk and considering "pwned or bot" as one of many factors.

Data breaches 348

Data breaches Risk Identity Theft Accountability 348

Troy Hunt

NOVEMBER 25, 2020

The vulnerability Context Security discovered meant exposing the Wi-Fi credentials of the network the device was attached to, which is significant because it demonstrates that IoT vulnerabilities can put other devices on the network at risk as well. Are these examples actually risks in IoT?

IoT 356

IoT Firmware Risk Manufacturing 356

Schneier on Security

SEPTEMBER 15, 2020

And a blog post. Interesting privacy analysis of the Ambient Light Sensor API. Especially note the “Lessons Learned” section.

Engineering 270

Engineering Risk 270

Schneier on Security

DECEMBER 19, 2023

” Willison expands this in a blog post , which I strongly recommend reading in its entirety. We risk letting companies get away with real misconduct because we incorrectly believed in conspiracy theories. On a personal level we risk losing out on useful tools. Privacy is important, and very easily misunderstood.

Government 310

Government Banking Risk Internet 310

Troy Hunt

MARCH 18, 2024

I linked to the story from the beginning of this blog post and got a handful of willing respondents for whom I sent their data and asked two simple questions: Does this data look accurate? That's just an unacceptable risk for which the old adage of "you cannot lose what you do not have" provides the best possible fix.

Data breaches 343

Data breaches Encryption Identity Theft InfoSec 343

Krebs on Security

AUGUST 13, 2021

Come check out Antinalysis, the new address risk analyzer,” reads the service’s announcement, pointing to a link only accessible via ToR. If you use BTC->XMR->BTC method, you’ll still get flagged down by our services labelled as high risk exchange (not to mention LE and exchanges). ” Update, 1:42 p.m.

Cryptocurrency 340

Cryptocurrency Marketing Ransomware Financial Services 340

Troy Hunt

MARCH 10, 2021

link] - @troyhunt think this one is an interesting read, maybe worthy of a blog post. The Mirai botnet taught us how far vulnerable IoT devices can be pushed and let's face it, those of us running Home Assistant are putting a lot of IoT stuff in the network that creates some level of risk, we just don't know how much risk.

Passwords 346

Passwords IoT Password Management Data breaches 346

The Last Watchdog

FEBRUARY 27, 2023

A new generation of security frameworks are gaining traction that are much better aligned to today’s cloud-centric, work-from-anywhere world. Related: The importance of ‘attack surface management’ I’m referring specifically to Secure Access Service Edge (SASE) and Zero Trust (ZT).

Risk 208

Risk Architecture Firewall Telecommunications 208

Troy Hunt

JANUARY 27, 2024

I suspect many of us are prone to looking at this in a very binary fashion: if the data is publicly accessible anyway, scraping it poses no risk. That's before we even get into the issue of whether in Trello's case, it should ever be possible for a third party to match email address to username and IRL name.

Risk 246

Risk 246

Anton on Security

SEPTEMBER 28, 2023

This blog series was written jointly with Amine Besson, Principal Cyber Engineer, Behemoth CyberDefence and one more anonymous collaborator. In this blog (#3 in the series), we will start to define and refine our detection engineering machinery to avoid the problems covered in Parts 1 and 2. Stay tuned!

Engineering 246

Engineering Education Government Threat Detection 246

The Last Watchdog

JANUARY 27, 2022

Throughout this period, the risk level of the acquirer is much higher than the acquired company, creating a major cybersecurity gap as they merge their tech stack and security tools together. They can be divided into two categories: Pre-Close Risks. Post-Close Risks. Lack of documented evidence. Hybrid Integration.

Marketing 265

Marketing Data privacy Risk Accountability 265

Troy Hunt

SEPTEMBER 3, 2020

They’re bcrypt hashes so good job there, but the fact they’re suggesting everyone changes their password illustrates that even good hashing has its risks. This entire blog post hashed with Md5 is still 32 characters long. A shorter password hashed with MD5 is still 32 characters long. Usually, not very long. With bcrypt.

Passwords 363

Passwords Encryption Data breaches Risk 363

eSecurity Planet

OCTOBER 8, 2024

The fourteen vulnerabilities together expose more than 704,000 DrayTek routers in 168 countries, say researchers from Vedere Labs, the research arm of cyber risk management provider Forescout Technologies. The malware has been active for the last few years, and the researchers warn that it’s possible every Linux server could be at risk.

Risk 106

Risk Malware Software Passwords 106

Anton on Security

MARCH 6, 2023

Read the official blog , it is serious. Cloud: Risk or Benefit? Let’s address the elephant in the room: “The average security pro says cloud security is slightly more difficult than on-prem and involves a higher level of risk.“ Now, you have three options: Just read the survey results document [PDF, 24 pages, with pictures!]

Threat Detection 246

Threat Detection Risk 246

Thales Cloud Protection & Licensing

NOVEMBER 26, 2024

Protecting Retailers Against Cyber Risks on Black Friday and Cyber Monday josh.pearson@t… Tue, 11/26/2024 - 08:01 As Black Friday and Cyber Monday loom, the stakes for retailers extend far beyond enticing deals and record sales. trillion, the risk of a data breach extends beyond immediate financial losses. trillion and $5.28

Retail 71

Retail Cyber Risk Risk DDOS 71