Schneier on Security
OCTOBER 21, 2024
Tax farming is the practice of licensing tax collection to private contractors. Used heavily in ancient Rome, it’s largely fallen out of practice because of the obvious conflict of interest between the state and the contractor. Because tax farmers are primarily interested in short-term revenue, they have no problem abusing taxpayers and making things worse for them in the long term.
Tech Republic Security
OCTOBER 21, 2024
CISA advisor Nicole Perlroth closed out ISC2 Security Congress’ keynotes with a wake-up call for security teams to watch for nation-state-sponsored attacks.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Kali Linux
OCTOBER 21, 2024
The i386 architecture has long been obsolete, and from this week, support for i386 in Kali Linux is going to shrink significantly: i386 kernel and images are going away. Images and releases will no longer be created for this platform. Some terminology first Let’s start with the terms used in Kali Linux to talk about CPU architectures. These terms apply more generally to any Debian-based Linux distribution. amd64 refers to the x86-64 architecture, ie. the 64-bit version of the x86 instructi
The Hacker News
OCTOBER 21, 2024
The prolific Chinese nation-state actor known as APT41 (aka Brass Typhoon, Earth Baku, Wicked Panda, or Winnti) has been attributed to a sophisticated cyber attack targeting the gambling and gaming industry.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Tech Republic Security
OCTOBER 21, 2024
Macs may need additional antivirus protection in a business environment or high-risk use case. Bitdefender is the best overall Mac antivirus provider when it comes to protection, usability, and performance.
Security Affairs
OCTOBER 21, 2024
Cisco confirms that data published by IntelBroker on a cybercrime forum was taken from the company DevHub environment. Cisco confirms that the data posted by IntelBroker on a cybercrime forum was stolen from its DevHub environment. IntelBroker claimed to have gained access to Github projects, Gitlab Projects, SonarQube projects, Source code, hard coded credentials, Certificates, Customer SRCs, Cisco Confidential Documents, Jira tickets, API tokens, AWS Private buckets, Cisco Technology SRCs, Doc
Cyber Security Informer brings together the best content for cyber security professionals from the widest variety of industry thought leaders.
Security Affairs
OCTOBER 21, 2024
The Internet Archive was breached again, attackers hacked its Zendesk email support platform through stolen GitLab authentication tokens. The Internet Archive was breached via Zendesk, with users receiving warnings about stolen GitLab tokens due to improper token rotation after repeated alerts. BleepingComputer first reported the news of the incident, after it received several messages from people who received replies to their old Internet Archive removal requests, warning that the organization
Tech Republic Security
OCTOBER 21, 2024
Australia's Scam Prevention Framework aims to protect consumers by holding tech, banking, and telecom sectors accountable, with fines up to $50 million.
Security Boulevard
OCTOBER 21, 2024
Despite 80% of IT leaders expressing confidence that their organization won’t fall for phishing attacks, nearly two-thirds admitted they’ve clicked on phishing links themselves. This overconfidence is coupled with concerning behaviors, as 36% of IT leaders have disabled security measures on their systems, undermining organizational defenses. These were among the chief results of an Arctic.
The Hacker News
OCTOBER 21, 2024
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a critical security flaw impacting ScienceLogic SL1 to its Known Exploited Vulnerabilities (KEV) catalog, following reports of active exploitation as a zero-day. The vulnerability in question, tracked as CVE-2024-9537 (CVSS v4 score: 9.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
Security Boulevard
OCTOBER 21, 2024
Chinese researchers used a D-Wave quantum computer to crack a 22-bit encryption key, which can be used as a cautionary tale for what may lie ahead with future quantum systems but doesn't threaten the classical encryption being widely used today. The post Chinese Research Using Quantum System to Crack Encryption a ‘Cautionary Tale’ appeared first on Security Boulevard.
The Hacker News
OCTOBER 21, 2024
Hi there! Here’s your quick update on the latest in cybersecurity. Hackers are using new tricks to break into systems we thought were secure—like finding hidden doors in locked houses. But the good news? Security experts are fighting back with smarter tools to keep data safe. Some big companies were hit with attacks, while others fixed their vulnerabilities just in time.
Security Boulevard
OCTOBER 21, 2024
Authors/Presenters: Peiyu Wang Our sincere appreciation to DEF CON , and the Presenters/Authors for publishing their timely []DEF CON 32] 2 erudite content. Originating from the conference’s events located at the Las Vegas Convention Center ; and via the organizations YouTube channel. Permalink The post DEF CON 32 – AppSec Village – Web2 Meets Web3 Hacking Decentralized Applications appeared first on Security Boulevard.
Tech Republic Security
OCTOBER 21, 2024
There has been plenty of hype around secure access service edge. Some even say it is replacing legacy network and security architectures. Drew Robb, writing for TechRepublic Premium, lays out what it is, how it fits within the security and networking landscape, whether it is replacing SD-WAN, its benefits, its challenges, and how to implement.
Advertisement
Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.
IT Security Guru
OCTOBER 21, 2024
October is widely regarded as Cybersecurity Awareness Month. While awareness is crucial in our increasingly perilous cyber landscape – where threats to both organisations and individuals are growing in scale and sophistication – action is now paramount. Recent research indicates that 95% of IT leaders believe cyber attacks are more advanced than ever, largely due to the accessibility of AI technologies.
The Hacker News
OCTOBER 21, 2024
Pentest Checklists Are More Important Than Ever Given the expanding attack surface coupled with the increasing sophistication of attacker tactics and techniques, penetration testing checklists have become essential for ensuring thorough assessments across an organization’s attack surface, both internal and external.
We Live Security
OCTOBER 21, 2024
Watch out for schemes where fraudsters trick people into sharing verification codes so they can gain access to their phone numbers
Digital Guardian
OCTOBER 21, 2024
Zero Trust is a cybersecurity model requiring verification of all internal and external access attempts, eliminating trust to prevent breaches. Learn more about what goes into a zero trust security model and zero trust network access (ZTNA) in this blog.
Advertisement
Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!
Security Boulevard
OCTOBER 21, 2024
In today’s data-driven world, data breaches are one of the most significant threats facing organizations, with the financial impact varying widely across industries. The cost of a data breach is often determined by the nature of the data involved and the regulatory landscape governing the industry. Sectors like healthcare and financial services, which handle highly […] The post Data Breach Statistics [2024] : Penalties and Fines for Major regulations first appeared on Accutive Security.
Trend Micro
OCTOBER 21, 2024
In this blog entry, we discuss how malicious actors are exploiting Docker remote API servers via gRPC/h2c to deploy the cryptominer SRBMiner to facilitate their mining of XRP on Docker hosts.
Zero Day
OCTOBER 21, 2024
The Amazon Fire TV Omni QLED offers great picture and audio quality for both streaming and console gaming. Save $150 on the 55-inch model, but you'll have to hurry because you might not see a deal this good again until Black Friday.
SecureWorld News
OCTOBER 21, 2024
Acquiring a security solution can be a complex process. Most organizations undergo a justification process to secure funding for the purchase. Some focus on the solution's problem-solving capabilities, suitability, and efficacy. In contrast, more mature organizations quantify risk, comparing the original risk against the cost of the solution and the residual risk after deployment to decide whether to proceed with the purchase.
Advertisement
Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.
SecureList
OCTOBER 21, 2024
Introduction Information stealers, which are used to collect credentials to then sell them on the dark web or use in subsequent cyberattacks, are actively distributed by cybercriminals. Some of them are available through a monthly subscription model, thus attracting novice cybercriminals. According to Kaspersky Digital Footprint Intelligence, almost 10 million devices, both personal and corporate, were attacked by information stealers in 2023.
Security Boulevard
OCTOBER 21, 2024
A survey of 510 IT security and risk practitioners finds 93% have access to a comprehensive inventory of human and non-human identities across their IT environments, with 85% having a clear line of visibility and monitoring into who is doing what. However, just under half (45%) also noted there has been some type of unauthorized. The post Survey Surfaces Depth and Scope of Identity Management Challenge appeared first on Security Boulevard.
SecureWorld News
OCTOBER 21, 2024
On October 15, 2024, Cisco issued a public statement acknowledging reports of an alleged security incident involving the unauthorized access of specific Cisco data and data belonging to its customers. While Cisco has maintained that no breach of its core systems occurred, the evolving situation highlights companies' persistent challenges in balancing transparency and security.
WIRED Threat Level
OCTOBER 21, 2024
A new document shows the Department of Homeland Security is concerned that Chinese investment in lithium batteries to power energy grids will make them a threat to US supply chain security.
Advertisement
IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.
Cisco Security
OCTOBER 21, 2024
Security software can be the first line of defense or the last, and the cost of failure is catastrophic. That's why quality is priority zero for Cisco. Security software can be the first line of defense or the last, and the cost of failure is catastrophic. That's why quality is priority zero for Cisco.
Zero Day
OCTOBER 21, 2024
ESR's new Qi2 car mount can wirelessly charge your iPhone at 15W while staying cool, thanks to its CryoBoost feature.
CompTIA on Cybersecurity
OCTOBER 21, 2024
Explore the transformative impact of DoD 8140.03 on IT workforce strategies, emphasizing continuous development and skill standardization. Explore how CompTIA certifications can help elevate your cyber workforce.
Zero Day
OCTOBER 21, 2024
Only weeks after Red Hat released Red Hat Enterprise Linux AI, the company rolled out the next version: RHEL AI 1.2.
Advertisement
Leverage the Cloud Development Environment Maturity Model to elevate your software development practices with scalable, secure cloud-based workspaces. This model offers a structured approach to modernizing development, aligning technology, developer experience, security, and workflows. By implementing Cloud Development Environments (CDEs), teams can boost efficiency, improve security, and streamline operations through centralized governance.
Expert insights. Personalized for you.
201 
Let's personalize your content