Krebs on Security

OCTOBER 18, 2024

Brazilian authorities reportedly have arrested a 33-year-old man on suspicion of being “ USDoD ,” a prolific cybercriminal who rose to infamy in 2022 after infiltrating the FBI’s InfraGard program and leaking contact information for 80,000 members. More recently, USDoD was behind a breach at the consumer data broker National Public Data that led to the leak of Social Security numbers and other personal information for a significant portion of the U.S. population.

Social Engineering 224

Social Engineering Passwords Cybercrime Mobile 224

Schneier on Security

OCTOBER 18, 2024

The Wall Street Journal is reporting that the CEO of a still unnamed company has been indicted for creating a fake auditing company to falsify security certifications in order to win government business.

Government 206

Government 206

Anton on Security

OCTOBER 18, 2024

Many organizations are looking for trusted advisors , and this applies to our beloved domain of cyber/information security. If you look at LinkedIn, many consultants present themselves as trusted advisors to CISOs or their teams. Untrusted Advisor by Dall-E via Copilot This perhaps implies that nobody wants to hire an untrusted advisor. But if you think about it, modern LLM-powered chatbots and other GenAI applications are essentially untrusted advisors (RAG and fine-tuning notwithstanding).

Architecture 130

Architecture Risk CISO Cybersecurity 130

Malwarebytes

OCTOBER 18, 2024

The Microsoft Threat Intelligence team disclosed details about a macOS vulnerability, dubbed “HM Surf,” that could allow an attacker to gain access to the user’s data in Safari. The data the attacker could access without users’ consent includes browsed pages, along with the device’s camera, microphone, and location. The vulnerability, tracked as CVE-2024-44133 was fixed in the September 16 update for Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac Mi

Adware 136

Adware Spyware Mobile Technology 136

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Software

Security Boulevard

OCTOBER 18, 2024

There are growing concerns among chief information security officers (CISOs) about the evolving demands of their role, with 84% advocating for a split into separate technical and business-focused positions. The Trellix and Vanson Bourne survey of 5,000 CISOs and IT security leaders found that as cybersecurity threats grow more complex and regulatory frameworks expand, there.

CISO 134

CISO Information Security Cybersecurity Risk 134

The Hacker News

OCTOBER 18, 2024

North Korean information technology (IT) workers who obtain employment under false identities in Western companies are not only stealing intellectual property, but are also stepping up by demanding ransoms in order to not leak it, marking a new twist to their financially motivated attacks.

Technology 133

Technology 133

Security Boulevard

OCTOBER 18, 2024

The U.S. Army is developing a cloud environment called N-CODE that will give smaller businesses access to the security technologies they need to meet stringent DoD cybersecurity requirements and compete for defense contracts. The post Army Cloud Program to Help SMBs Meet DoD Cyber Requirements appeared first on Security Boulevard.

Technology 116

Technology Cybersecurity Security Awareness Mobile 116

Security Affairs

OCTOBER 18, 2024

Microsoft disclosed a flaw in the macOS Apple’s Transparency, Consent, and Control (TCC) framework that could allow it to bypass privacy settings and access user data. Microsoft discovered a vulnerability, tracked as CVE-2024-44133 and code-named ‘HM Surf’, in Apple’s Transparency, Consent, and Control (TCC) framework in macOS.

Adware 125

Adware Hacking Information Security 125

The Hacker News

OCTOBER 18, 2024

Threat actors are leveraging fake Google Meet web pages as part of an ongoing malware campaign dubbed ClickFix to deliver infostealers targeting Windows and macOS systems.

Malware 116

Malware Cybersecurity 116

Security Boulevard

OCTOBER 18, 2024

Authors/Presenters:Rob Sherwood, Jinghao Shi, Ying Zhang, Neil Spring, Srikanth Sundaresan, Jasmeet Bagga, Prathyusha Peddi, Vineela Kukkadapu, Rashmi Shrivastava, Manikantan KR, Pavan Patil, Srikrishna Gopu, Varun Varadan, Ethan Shi, Hany Morsy, Yuting Bu, Renjie Yang, Rasmus Jönsson, Wei Zhang, Jesus Jussepen Arredondo, Diana Saha, Sean Choi Our sincere thanks to USENIX , and the Presenters & Authors for publishing their superb 21st USENIX Symposium on Networked Systems Design and Implemen

107

107

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

Tech Republic Security

OCTOBER 18, 2024

Discover how to legally, securely, and quickly fax a check whether you're using a traditional fax machine or an online faxing service.

Software 110

Software Mobile Network Security 110

WIRED Threat Level

OCTOBER 18, 2024

Moldova is facing a tide of disinformation unprecedented in complexity and aggression, the head of a new center meant to combat it tells WIRED. And platforms like Facebook, TikTok, Telegram and YouTube could do more.

Media 106

Media 106

SecureList

OCTOBER 18, 2024

Last December, we discovered a new group targeting Russian businesses and government agencies with ransomware. Further investigation into this group’s activity suggests a connection to other groups currently targeting Russia. We have seen overlaps not only in indicators of compromise and tools, but also tactics, techniques, and procedures (TTPs).

Energy and Utilities 102

Energy and Utilities VPN Encryption Ransomware 102

Zero Day

OCTOBER 18, 2024

Try or gift Xbox Game Pass for three months for nearly one-third off and play over 100 games including Starfield, Forza Motorsport, and Football Manager 2024 on your Xbox, PC, or mobile device.

Mobile 98

Mobile 98

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Software

Identity IQ

OCTOBER 18, 2024

Who Can Check Your Credit Report? IdentityIQ The primary purpose of your credit report is to demonstrate your creditworthiness to lenders and creditors. In other words, your credit report can help companies decide whether to approve or deny your loan and credit card applications. But lenders and credit card companies aren’t the only ones that can pull your credit report.

Identity Theft 98

Identity Theft Insurance Government Accountability 98

The Hacker News

OCTOBER 18, 2024

Picture your company's data as a vast, complex jigsaw puzzle—scattered across clouds, devices, and networks. Some pieces are hidden, some misplaced, and others might even be missing entirely. Keeping your data secure in today’s fast-evolving landscape can feel like an impossible challenge. But there’s a game-changing solution: Data Security Posture Management (DSPM).

99

99

SecureWorld News

OCTOBER 18, 2024

If you're in IT or another technical role and thinking about transitioning into cybersecurity, you might be wondering if you have what it takes. Maybe you've got solid tech skills and a knack for problem-solving, but you don't have a security title or certifications yet. You're probably thinking, “I'd be great in a cybersecurity role, but will anyone even consider me?

Cybersecurity 96

Cybersecurity Risk 96

Zero Day

OCTOBER 18, 2024

If you're an iPhone user, you could probably use these trackers to monitor your keys, wallet, luggage, and even your young kids, especially with this $20 discount.

98

98

Advertisement

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

Cybersecurity

Heimadal Security

OCTOBER 18, 2024

Microsoft is alerting business clients to a flaw that resulted in critical logs being partially lost for nearly a month. This puts at risk businesses who depend on this data to identify unwanted activity. Microsoft is alerting enterprise customers that a flaw resulted in important logs being largely lost for nearly a month, endangering businesses […] The post Microsoft Reveals Loss of Customer Security Logs for a Month appeared first on Heimdal Security Blog.

Risk 90

Risk Cybersecurity 90

Zero Day

OCTOBER 18, 2024

Rolling Square's InCharge XS charges via USB-C, USB-A, and iPhone Lightning in one versatile cable that's small enough to fit on your keychain.

98

98

Security Boulevard

OCTOBER 18, 2024

And the Ethical Dilemma of Using AI to Create Fake Online Personalities In recent years, advancements in artificial intelligence (AI) have given rise to powerful tools like StyleGAN and sophisticated language models such as ChatGPT. These technologies can create hyper-realistic images and conversations, blurring the line between authentic human presence and synthetic creations.

Artificial Intelligence 78

Artificial Intelligence Technology Authentication Cybersecurity 78

Zero Day

OCTOBER 18, 2024

If you're a Ring user looking to upgrade to a battery-powered video doorbell, the Ring Battery Doorbell Plus is the perfect choice.

98

98

Advertisement

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

Security Boulevard

OCTOBER 18, 2024

Insight #1: Data breach costs are climbing According to IBM’s latest Cost of a Data Breach report , data breach costs have risen 39.4% over the past decade and are now at almost $5 million per breach. We should make sure our cybersecurity insurance falls in line with these numbers. Insight #2: Ditto for open-source nasties in repos According to a new report , the number of malicious packages uploaded to open-source repositories has increased 150% in the last year.

CISO 78

CISO Cybersecurity Data breaches Insurance 78

Zero Day

OCTOBER 18, 2024

Amazon just released a new Fire TV Stick HD, retiring the Fire TV Stick and Fire TV Stick Lite. Here's what that means.

98

98

CompTIA on Cybersecurity

OCTOBER 18, 2024

What does the maturing of cybersecurity look like in today’s tech landscape? Explore what the CompTIA State of Cybersecurity 2025 report has to say.

Cybersecurity 84

Cybersecurity 84

SecureBlitz

OCTOBER 18, 2024

I will show you the best proxies for bots in this post. In today's digital landscape, bots have become increasingly common for various legitimate purposes, such as web scraping, market research, and automated testing. However, choosing the right proxy service is crucial to ensure smooth and efficient bot operations. This comprehensive guide will explore the […] The post Best Proxies for Bots: Ethical Usage and Top Providers appeared first on SecureBlitz Cybersecurity.

Marketing 74

Marketing Cybersecurity 74

Advertisement

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.

Cybersecurity

Penetration Testing

OCTOBER 18, 2024

Synology has issued a security advisory, Synology-SA-24:17, warning of critical vulnerabilities in several of its camera firmware products, including Synology Camera BC500, TC500, and CC400W. The vulnerabilities, which could allow... The post Critical Flaw in Synology Camera Firmware Expose Devices to RCE and DoS Attacks appeared first on Cybersecurity News.

Firmware 79

Firmware Cybersecurity 79

WIRED Threat Level

OCTOBER 18, 2024

Sixty-five years ago, the Army's leaders unveiled its “ultimate weapon” for the age of atomic warfare. Here’s how the service’s vision stands up to today's reality.

77

77

SecureBlitz

OCTOBER 18, 2024

Learn how to build cybersecurity expertise as a professional in this post. The cybersecurity landscape is evolving as digital threats become more sophisticated. Current trends emphasize proactive measures, such as artificial intelligence for threat detection. The rise of remote work has expanded the attack surface, making robust security practices essential.

Artificial Intelligence 72

Artificial Intelligence Cybersecurity Threat Detection 72

Security Boulevard

OCTOBER 18, 2024

In today’s ever-evolving cybersecurity landscape, organizations are grappling with a delicate balance: safeguarding their digital environments while managing costs and ensuring compliance. At GITEX Global 2024, Seceon proudly joined our partner Tech First Gulf at Hall 2, Stand B30, where we demonstrated how our solutions provide more than just automated cybersecurity—they offer a strategic approach The post Seceon at GITEX Global 2024: Driving Cybersecurity Innovation with Tech First Gulf appear

Cybersecurity 72

Cybersecurity 72

Advertisement

Leverage the Cloud Development Environment Maturity Model to elevate your software development practices with scalable, secure cloud-based workspaces. This model offers a structured approach to modernizing development, aligning technology, developer experience, security, and workflows. By implementing Cloud Development Environments (CDEs), teams can boost efficiency, improve security, and streamline operations through centralized governance.

Government