Schneier on Security
AUGUST 6, 2024
When an airplane crashes, impartial investigatory bodies leap into action, empowered by law to unearth what happened and why. But there is no such empowered and impartial body to investigate CrowdStrike’s faulty update that recently unfolded, ensnarling banks, airlines, and emergency services to the tune of billions of dollars. We need one. To be sure, there is the White House’s Cyber Safety Review Board.
Tech Republic Security
AUGUST 6, 2024
IBM’s recent Cost of a Data Breach report found that the average cost of a data breach in Australia reached a record-high in 2024. Explore additional key findings and how the Australian government is mitigating these threats.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
The Last Watchdog
AUGUST 6, 2024
LAS VEGAS — As Black Hat USA 2024 plays out here this week, the disruptive impact of GenAI/LLM at many different levels will be in the spotlight. Related : GenAI introduces fresh risks We’re in early days. The productivity gains are ramping up – but so are the exposures. I had the chance to visit with Amod Gupta , head of product at Traceable ; we discussed how GenAI/LLM is reverberating at the API level, where hyper-interconnectivity continues to intensify.
Tech Republic Security
AUGUST 6, 2024
While Mullvad VPN offers strong privacy and transparency features, NordVPN’s feature-packed service and robust server fleet give it an advantage.
Advertisement
Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.
Security Affairs
AUGUST 6, 2024
Threat actors breached the UK-based mobile device management (MDM) firm Mobile Guardian and remotely wiped thousands of devices. Hackers breached the mobile device management (MDM) firm Mobile Guardian, the company detected unauthorized access to iOS and ChromeOS devices on August 4th. The incident impacted users globally, the attackers remotely wiped a small percentage of devices, according to the company.
Malwarebytes
AUGUST 6, 2024
If you’ve been following any news about ransomware , you may be under the impression that ransomware groups are only after organizations rather than individual people, and for the most part that’s true. However, Magniber is one ransomware that does target home users. And it’s back, with full force, demanding four figure ransoms to unencrypt data.
Cyber Security Informer brings together the best content for cyber security professionals from the widest variety of industry thought leaders.
Malwarebytes
AUGUST 6, 2024
Google has released patches for 46 vulnerabilities in Android, including a remote code execution (RCE) vulnerability that it says has been used in limited, targeted attacks. You can find your device’s Android version number, security update level, and Google Play system level in your Settings app. You’ll get notifications when updates are available for you, but you can also check for updates.
The Hacker News
AUGUST 6, 2024
INTERPOL said it devised a "global stop-payment mechanism" that helped facilitate the largest-ever recovery of funds defrauded in a business email compromise (BEC) scam. The development comes after an unnamed commodity firm based in Singapore fell victim to a BEC scam in mid-July 2024.
Malwarebytes
AUGUST 6, 2024
Men report facing more pressure than women—and more threats of retaliation—to grant access to their locations and online accounts when in a committed relationship, according to a new analysis of data released this summer by Malwarebytes. The same analysis also revealed that, while men report more regret in sharing their locations, women report less awareness in how their locations can be accessed, particularly through food delivery apps, ride-hailing services, vacation rental platforms, and othe
Security Affairs
AUGUST 6, 2024
Ransomware attacks are the most significant risk for modern organizations, why organizations should avoid paying ransoms. Ransomware attacks are the most significant risk for modern organizations, with the Verizon Data Breach Report 2024 reporting that ransomware is a top threat across 92% of industries. In recent years, the number of ransomware attacks has grown significantly.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
The Hacker News
AUGUST 6, 2024
The North Korea-linked threat actor known as Moonstone Sleet has continued to push malicious npm packages to the JavaScript package registry with the aim of infecting Windows systems, underscoring the persistent nature of their campaigns. The packages in question, harthat-api and harthat-hash, were published on July 7, 2024, according to Datadog Security Labs.
Security Affairs
AUGUST 6, 2024
Google addressed an actively exploited high-severity vulnerability, tracked as CVE-2024-36971, impacting the Android kernel. Google fixed a high-severity flaw, tracked as CVE-2024-36971, impacting the Android kernel. The IT giant is aware that the vulnerability has been actively exploited in the wild. The company did not share details of the attacks exploiting this vulnerability.
The Hacker News
AUGUST 6, 2024
Apple on Tuesday announced an update to its next-generation macOS version that makes it a little more difficult for users to override Gatekeeper protections. Gatekeeper is a crucial line of defense built into macOS designed to ensure that only trusted apps run on the operating system.
Security Affairs
AUGUST 6, 2024
South Korea’s National Cyber Security Center (NCSC) reported that North Korea-linked hackers hijacked VPN software updates to deploy malware. South Korea’s national security and intelligence agencies, including the National Intelligence Service, the Prosecutor’s Office, the Police Agency, the Military Intelligence Command, and the Cyber Operations Command, have issued a joint cybersecurity advisory to warn that North Korea-linked hackers exploited VPN software update to install
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
Bleeping Computer
AUGUST 6, 2024
Researchers have demonstrated a method to bypass an anti-phishing measure in Microsoft 365 (formerly Office 365), elevating the risk of users opening malicious emails.` [.
The Hacker News
AUGUST 6, 2024
Everyone loves the double-agent plot twist in a spy movie, but it’s a different story when it comes to securing company data. Whether intentional or unintentional, insider threats are a legitimate concern. According to CSA research, 26% of companies who reported a SaaS security incident were struck by an insider.
Security Affairs
AUGUST 6, 2024
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft COM for Windows bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a deserialization of untrusted data vulnerability in Microsoft COM for Windows, tracked as CVE-2018-0824 (CVSS score of 7.5), to its Known Exploited Vulnerabilities (KEV) catalog.
Bleeping Computer
AUGUST 6, 2024
A hacker has breached Mobile Guardian, a digital classroom management platform used worldwide, and remotely wiped data from at least 13,000 student's iPads and Chromebooks. [.
Advertisement
Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.
Security Affairs
AUGUST 6, 2024
The Réunion des Musées Nationaux network, including Paris’ Grand Palais and other museums, was hit by a ransomware attack. A ransomware attack hit the Réunion des Musées Nationaux network, including Paris’ Grand Palais and other museums. The attack impacted around 40 museums across France. The attack occurred on Sunday, and despite some affected venues are hosting Summer Olympics competitions, the incident had no impact on the Olympic Games.
WIRED Threat Level
AUGUST 6, 2024
As digital threats against US water, food, health care, and other vital sectors loom large, a new project called UnDisruptable27 aims to help fix cybersecurity weaknesses where other efforts have failed.
Security Boulevard
AUGUST 6, 2024
C-level executives have insights, access and control over privileged company data, systems and finances. Such information and access are highly coveted by cybercriminals, due to their potential for exploitation and illicit gain. The post The C-Suite Conundrum: Are Senior Executives the Achilles’ Heel of Cybersecurity? appeared first on Security Boulevard.
Penetration Testing
AUGUST 6, 2024
The hacker group APT28 recently launched a new campaign to distribute the HeadLace malware through a fake car sale advertisement. The campaign began in March 2024 and is likely targeting diplomats. This tactic is... The post Fake Car Ads Conceal APT28’s HeadLace Malware Attack appeared first on Cybersecurity News.
Advertisement
Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!
SecureWorld News
AUGUST 6, 2024
A contentious clash has erupted between Delta Air Lines and cybersecurity firm CrowdStrike following the July 19th incident in which a faulty update to CrowdStrike's Falcon software caused more than 8.5 million Windows devices worldwide to crash and become unbootable. The impact was particularly severe for Delta, resulting in more than 5,000 flight cancellations over five days and an estimated $500 million in losses, according to Delta CEO Ed Bastian.
Security Boulevard
AUGUST 6, 2024
On July 10th, the White House released Memorandum M24-14, giving administrative agencies guidance for cybersecurity priorities when building FY26 budgets. The […] The post White House Memo Pushes Federal Agencies on Cybersecurity appeared first on Security Boulevard.
Bleeping Computer
AUGUST 6, 2024
Google has confirmed plans to implement Web Monetization in Chrome, allowing website owners to receive micro-payments as tips or rewards for their content as an additional way to generate revenue. [.
Security Boulevard
AUGUST 6, 2024
AWS details Mithra, its massive neural network graph model that runs on its internal systems and is used to identify and rank malicious domains that threaten the cloud giants systems that hold its customers' data. The post AWS’ Mithra Neural Network Detects, Ranks Malicious Domains appeared first on Security Boulevard.
Advertisement
Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.
Bleeping Computer
AUGUST 6, 2024
Samsung has launched a new bug bounty program for its mobile devices with rewards of up to $1,000,000 for reports demonstrating critical attack scenarios. [.
Security Boulevard
AUGUST 6, 2024
Organizations that operate on a global scale must adopt some special practices to ensure not just that they can manage endpoints effectively, but also that they do so in ways that ensure a smooth experience for end-users. The post 5 Best Practices for Managing Endpoints On a Global Scale appeared first on Security Boulevard.
Graham Cluley
AUGUST 6, 2024
Are you eager for your credit report to be "cleaned-up" so lenders and landlords will have a better opinion of your financial responsibility and creditworthiness? You might be wise to read my article on the Hot for Security blog.
Bleeping Computer
AUGUST 6, 2024
A global stop-payment mechanism created by INTERPOL successfully recovered over $40 million stolen in a BEC attack on a company in Singapore. [.
Advertisement
IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.
Expert insights. Personalized for you.
277 
Let's personalize your content