The Security Ledger

MAY 16, 2024

In this Spotlight Podcast, host Paul Roberts talks with Chris Walcutt, the CSO of DirectDefense about the rising cyber threats facing operational technology (OT) and how organizations that manage OT - including critical infrastructure owners can best manage increased cyber risks to OT environments. Read the whole entry. »

CSO 59

CSO Risk Energy and Utilities Social Engineering 59

SiteLock

AUGUST 27, 2021

Fast forward to 2015, and we’ve had several trending cyber security issues appear in just these first few weeks. Below are 7 trending cyber security stories that you should read for February 2015. Anthem Cyber Attack. 2015 Cyber Security Risks. Read the full story here on Hot for Security.

Passwords 95

Passwords Cybersecurity Internet Internet 95

SecureWorld News

MARCH 17, 2022

Key takeaway #2: Collaborative platforms are at heightened risk for security breaches due to WFH. Key takeaway #3: Social engineering is the most powerful attack vector against InfoSec protocols. Social engineering, as it's called, has always been the most powerful part of InfoSec, or the lack of InfoSec, in any organization.".

InfoSec 97

InfoSec Social Engineering Phishing Cybercrime 97

CyberSecurity Insiders

SEPTEMBER 21, 2021

Every device you use, the app you download, the bit of information you share, or the message you open comes with a certain amount of risk. Many of the most worrying cyber security vulnerabilities involve human negligence or ignorance. In our digital age, cybersecurity is everyone’s responsibility. Hardening the human firewall.

Threat Detection 91

Threat Detection InfoSec Wireless Firewall 91

The Security Ledger

SEPTEMBER 25, 2019

» Related Stories Spotlight Podcast: Security Automation is (and isn’t) the Future of Infosec Episode 159: Deep Fakes and Election (in)Security with ZeroFOX Spotlight Podcast: Rethinking Your Third Party Cyber Risk Strategy. If you believe the headlines, the first known disruptive cyber attack against the U.S.

Cyber Attacks 40

Cyber Attacks Energy and Utilities Cyber Risk Firewall 40

McAfee

DECEMBER 4, 2020

Cloud Risk & Adoption Report: Work-from-Home Edition. Now in beta with a target launch date of Q1, 2021, we built CNAPP to provide InfoSec teams broad visibility into their cloud native applications. Government’s FedRAMP High JAB P-ATO Designation. To support today’s U.S. Learn more here. Election Website Security Shortcomings.

Cyber threats 94

Cyber threats InfoSec Big data Architecture 94

Security Boulevard

MAY 6, 2021

Poor firewall implementation and maintenance is a common factor in cyber attacks and payment card data thefts within small businesses, which is often due to poor IT security understanding and suitable resources by IT and business management.

Small Business 100

Small Business Firewall Wireless Internet 100

Security Boulevard

JUNE 15, 2021

As I was waking up in Boston on the morning of June 27, 2017, reports were being shared on social media that an electric power supplier in Ukraine was hit by a cyber attack. By the time I arrived at my desk, companies around the world were shut down by the same attack--which Symantec declared as Petya ransomware.

Cyber Attacks 98

Cyber Attacks Media Ransomware CISO 98

Approachable Cyber Threats

FEBRUARY 23, 2024

Category Awareness, Artificial Intelligence Risk Level Artificial Intelligence (AI) is set to be the newest ally for many companies, but it’s also set to be the newest threat. As we navigate this dynamic landscape, AI emerges as both the guardian of digital fortresses and the stealthy architect of cyber threats.

Cybersecurity 92

Cybersecurity Artificial Intelligence Malware Phishing 92

Herjavec Group

MAY 27, 2021

InfoSec professionals tend to describe the benefits of a strong cybersecurity program with technical jargon and acronyms. Having been on both sides of the equation as the infosec executive and the enterprise leader, I can confidently say the key is to speak the language of the executive team and board. Believe me – I’ve been there !

Cybersecurity 52

Cybersecurity InfoSec Cyber Risk Risk 52

SecureWorld News

SEPTEMBER 21, 2020

Germany's Federal Office for Information Security (BSI) says the attack occurred through a Citrix VPN vulnerability that has been known about since last year. The BSI would like to emphasize that a vulnerability ( CVE-2019-19781 ) known since December 2019 in VPN products from Citrix for Cyber -Attacks is being exploited.".

Ransomware 97

Ransomware Marketing VPN Healthcare 97

Lenny Zeltser

MAY 1, 2017

I came across the following reasonable definition of this term in FireEye’s Zero-Day Danger report , which is consistent with how many other security vendors use this term: “Zero-day vulnerabilities are software flaws that leave users exposed to cyber attacks before a patch or workaround is available.”

Malware 68

Malware Software Cyber Attacks InfoSec 68

SiteLock

AUGUST 27, 2021

Regardless of whether your website is a personal blog, a small eCommerce site, or a corporate business, you are at risk of a cyber attack. However, you may not be at risk for the reasons you think. Install a WAF to protect your website from any future cyber attacks or malicious attempts. Why WordPress?

eCommerce 52

eCommerce Cyber Attacks InfoSec Marketing 52

Herjavec Group

JANUARY 31, 2022

While there has always been a risk associated with not protecting your Industrial Control Systems, using established IT-style practices, today’s landscape shows that it is no longer a matter of “if” but “when” an organization’s system will be targeted. . The Need for Greater OT System Security .

Technology 98

Technology Cybersecurity InfoSec Software 98

SecureList

MAY 31, 2021

Number of unique users attacked by financial malware, Q1 2021 ( download ). Attack geography. Excluded are countries with relatively few users of Kaspersky products (under 50,000). ** Unique users attacked by miners as a percentage of all unique users of Kaspersky products in the country.

Mobile 108

Mobile Adware Ransomware Malware 108

Security Through Education

JANUARY 18, 2023

However, even if they are not used to store data, attackers will often use them as ways to access other networked devices. We can benefit from these the most if we are aware of the possible risks and take measures to use them wisely. More than 90% of successful cyber-attacks start with a phishing email.

Cybersecurity 98

Cybersecurity Social Engineering Scams IoT 98

Security Boulevard

OCTOBER 12, 2021

But there are security principles every development and IT team can follow to reduce the risks of a damaging breach. This is a terrible idea, as an attacker who compromises the web server will then gain root access to that machine. This will lower your risks of complete system compromise during an attack.

Social Engineering 78

Social Engineering Penetration Testing Authentication Engineering 78

Security Boulevard

OCTOBER 27, 2021

As organizations continue to gather more data than ever before, the surface area of risk, and subsequently the blast radius, will exponentially increase when an incident materializes. . Today, the biggest mistake most security practitioners make is treating ransomware attacks as any other cyber attack. Improve Your SOC.

Ransomware 59

Ransomware Backups Mobile InfoSec 59

Herjavec Group

NOVEMBER 23, 2021

With an increase in online activity comes an increase in the risk of cyber threats. While individuals tend to be the initial victim of online shopping attacks, users are increasingly doing online shopping on corporate devices or networks, leaving enterprises extremely vulnerable. Use Your Credit Card.

Cybercrime 52

Cybercrime InfoSec Encryption Risk 52

Approachable Cyber Threats

FEBRUARY 23, 2024

Category Awareness, Artificial Intelligence Risk Level Artificial Intelligence (AI) is set to be the newest ally for many companies, but it’s also set to be the newest threat. As we navigate this dynamic landscape, AI emerges as both the guardian of digital fortresses and the stealthy architect of cyber threats.

Cybersecurity 52

Cybersecurity Artificial Intelligence Malware Phishing 52

The Security Ledger

NOVEMBER 6, 2019

Related Stories Spotlight Podcast: Security Automation is (and isn’t) the Future of Infosec Episode 164: Who owns the Data Smart Cars collect? Episode 162: Have We missed Electric Grid Cyber Attacks for Years? Also: making Passwords work. Also: Breaking Bad Security Habits.

Artificial Intelligence 40

Artificial Intelligence Technology Banking InfoSec 40

The Security Ledger

SEPTEMBER 26, 2019

Related Stories Episode 162: Have We missed Electric Grid Cyber Attacks for Years? Also: Breaking Bad Security Habits Spotlight Podcast: Security Automation is (and isn’t) the Future of Infosec Spotlight Podcast: Rethinking Your Third Party Cyber Risk Strategy.

Passwords 40

Passwords Authentication InfoSec Accountability 40

NopSec

FEBRUARY 9, 2017

The year 2016 will be remembered for some big moments in the world of cybersecurity: the largest known distributed denial of service (DDoS) attack, a phishing attack on a United States presidential candidate’s campaign, and ransomware attacks on major healthcare organizations are just a few. For a preview, read on.

Cybersecurity 40

Cybersecurity DDOS IoT Social Engineering 40

Digital Shadows

OCTOBER 23, 2024

Infosec teams may have a false sense of security when critical servers are equipped with EDR technology and redundant logging. However, in this attack, after encrypting hosts and exfiltrating data, the attacker sent a Microsoft Teams message from the compromised domain admin account, containing an Onion link for the ransom demand.

Social Engineering 122

Social Engineering Engineering Accountability Backups 122

Herjavec Group

JANUARY 27, 2022

For the past two years, it’s been easy to brush off data privacy risks for the benefit of being able to access and/or purchase anything we needed without having to leave the comfort or safety of our homes. It’s important to remember that with great innovation and progression comes an increase in risk.

Data privacy 52

Data privacy Digital transformation Education Cybersecurity 52

Herjavec Group

DECEMBER 15, 2021

From Solar Winds to Colonial Pipeline, we’ve seen that the consequences of a ransomware attack don’t just affect the victimized organization – they can have trickle-down effects that impact whole communities, industries and even nations. Provide resources and training for your team on best practices and good cyber hygiene.

Cybersecurity 52

Cybersecurity Digital transformation Ransomware Cyber Risk 52

Digital Shadows

OCTOBER 23, 2024

Infosec teams may have a false sense of security when critical servers are equipped with EDR technology and redundant logging. However, in this attack, after encrypting hosts and exfiltrating data, the attacker sent a Microsoft Teams message from the compromised domain admin account, containing an Onion link for the ransom demand.

Social Engineering 52

Social Engineering Engineering Accountability Backups 52

NetSpi Technical

AUGUST 16, 2024

Trey discussed the fundamentals of threat emulation (red teaming) from a business risk standpoint. These groups can reasonably be approximated by their attack methods linked to MITRE T codes. How do we approach a situation where, for example, Russia utilizes cyber-attacks on Microsoft Azure to attack Ukraine?

Social Engineering 51

Social Engineering Penetration Testing Engineering Ransomware 51

Security Boulevard

NOVEMBER 18, 2021

The API server will respond with the entire corresponding user object: { "id": 6253282, "username": "vickieli7", "screen_name": "Vickie", "location": "San Francisco, CA", "bio": "Infosec nerd. Determining the risk of rate limit issues is all about where the vulnerability is located in the application’s context. Hacks and secures.

Authentication 64

Authentication Accountability Passwords Engineering 64

eSecurity Planet

FEBRUARY 25, 2022

President Joe Biden for “massive cyberattacks” aimed at disrupting the Russian invasion – initial reports of cyber attacks have in some cases been destructive and damaging, but not anywhere near anyone’s worst-case fears of utility system attacks, for example. ” Protective Steps to Take.

B2B 126

B2B Cyber Attacks Firewall Cyber threats 126

eSecurity Planet

DECEMBER 19, 2023

Bottom line: Prepare now based on risk. Without guidelines, organizations risk unfettered use of AI, risks of data leaks, and no recourse for unethical AI use within the organization. Also consider learning about the top governance, risk, and compliance tools to identify the best one for you.

Cybersecurity 140

Cybersecurity CISO Government Technology 140

Cisco Security

JUNE 25, 2021

First of all, while I am honoured and deeply thankful for the recognition, I believe strongly that Security is a team effort and I must acknowledge the superb InfoSec team in Steward but also the Steward workforce. Cyber attacks during the pandemic escalated by as much as 600%. I have that.

CISO 83

CISO Healthcare InfoSec Computers and Electronics 83

ForAllSecure

APRIL 26, 2022

Is it balance between the monkey that the myths and all of that to explaining the risks explaining the probability explaining what can what can happen and you know, in an honest way, Vamosi: I think the nuances are more interesting the the realities of what can fail and could happen. The risk still isn’t clear enough.

Hacking 52

Hacking Energy and Utilities Manufacturing Firmware 52

Security Affairs

FEBRUARY 14, 2022

A CyberNews investigation has revealed that Lovense remote sex toy users might be at risk from threat actors, due to poor security features. However, the company dismissed concerns that this outdated technology could prove vulnerable to cyber attacks. Risk of DoS. Original post: [link].

Wireless 98

Wireless Manufacturing Firewall Technology 98

Herjavec Group

JULY 29, 2021

While the world transitions out of the pandemic, cyber adversaries have continued to take advantage of the chaos – cyber attacks have skyrocketed and are only becoming more frequent, destructive, and sophisticated. Ransomware – the hacker’s current cyber weapon of choice. Back up all sensitive data.

Cybersecurity 52

Cybersecurity Digital transformation Cyber Attacks Ransomware 52

CyberSecurity Insiders

DECEMBER 8, 2021

This is not a new problem and with its increasing frequency it’s important for our leaders to understand how profitable an industry RaaS has become, and the risks they may be facing. It’s a Catch-22; the higher the risk, the harder it can be for a company to find insurance coverage, which can impact new business and government contracts.

Data breaches 142

Data breaches Ransomware Government Cybersecurity 142