Schneier on Security

NOVEMBER 22, 2024

Interesting analysis : We introduce and explore a little-known threat to digital equality and freedom­websites geoblocking users in response to political risks from sanctions. U.S. policy prioritizes internet freedom and access to information in repressive regimes. Clarifying distinctions between free and paid websites, allowing trunk cables to repressive states, enforcing transparency in geoblocking, and removing ambiguity about sanctions compliance are concrete steps the U.S. can take to ensur

DNS 232

DNS Internet Internet Risk 232

WIRED Threat Level

NOVEMBER 22, 2024

In a first, Russia's APT28 hacking group appears to have remotely breached the Wi-Fi of an espionage target by hijacking a laptop in another building across the street.

Hacking 132

Hacking 132

Penetration Testing

NOVEMBER 22, 2024

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about three actively exploited vulnerabilities affecting Apple and Oracle products. These flaws, added to CISA’s Known Exploited Vulnerabilities... The post CISA Sounds the Alarm on Actively Exploited Apple and Oracle Zero-Days appeared first on Cybersecurity News.

Cybersecurity 111

Cybersecurity 111

Security Boulevard

NOVEMBER 22, 2024

Nile is working to make Local Area Network (LAN) invulnerable by design; its latest effort to stop ransomware and lateral movement attacks. The networking-as-a-service vendor, on Thursday, announced the launch of Nile Trust Service, an add-on solution that it said will end the need to deploy a medley of localized point security solutions and provide.

Ransomware 103

Ransomware 103

Advertisement

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Passwords

The Hacker News

NOVEMBER 22, 2024

The threat actor known as Mysterious Elephant has been observed using an advanced version of malware called Asynshell. The attack campaign is said to have used Hajj-themed lures to trick victims into executing a malicious payload under the guise of a Microsoft Compiled HTML Help (CHM) file, the Knownsec 404 team said in an analysis published today.

Malware 100

Malware 100

Penetration Testing

NOVEMBER 22, 2024

Security researchers have uncovered a critical vulnerability in WinZip, a widely-used file archiving tool, that could allow attackers to bypass crucial security measures and potentially execute malicious code on users’... The post CVE-2024-8811: WinZip Flaw Allows Malicious Code Execution appeared first on Cybersecurity News.

Cybersecurity 98

Cybersecurity 98

Security Boulevard

NOVEMBER 22, 2024

U.S. law enforcement agencies seized the websites of four North Korean fake IT worker scams that were uncovered by SentinelOne threat researchers and linked to a larger network of Chinese front companies. The post U.S. Agencies Seize Four North Korean IT Worker Scam Websites appeared first on Security Boulevard.

Scams 93

Scams Security Awareness Cybersecurity Network Security 93

The Hacker News

NOVEMBER 22, 2024

Meta Platforms, Microsoft, and the U.S. Department of Justice (DoJ) have announced independent actions to tackle cybercrime and disrupt services that enable scams, fraud, and phishing attacks.

Cybercrime 90

Cybercrime Scams Phishing 90

Security Boulevard

NOVEMBER 22, 2024

Discover key phishing trends, tactics, and their impact on industries worldwide. Learn about the power of DMARC and how it can save your business. The post Email Phishing and DMARC Statistics appeared first on Security Boulevard.

Phishing 86

Phishing Security Awareness 86

Zero Day

NOVEMBER 22, 2024

This weird little device blew up on TikTok, but there's more to it than what lies on the surface. Here are some of the most useful features I've discovered.

90

90

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Software

SecureWorld News

NOVEMBER 22, 2024

The United States Department of Justice (DOJ) has unsealed charges against five individuals accused of orchestrating sophisticated phishing campaigns tied to the notorious Scattered Spider cybercrime group. The attacks have resulted in millions of dollars in theft, including cryptocurrency and sensitive corporate data, showcasing the ongoing threat of organized cybercrime.

Phishing 75

Phishing Identity Theft Cryptocurrency Cybercrime 75

Zero Day

NOVEMBER 22, 2024

Are you tired of remembering complex passwords across all your online services? A good password manager will do this for you. We tested the best password managers of 2024 to keep your credentials safe and simplify your login process.

Password Management 81

Password Management Passwords 81

The Hacker News

NOVEMBER 22, 2024

A China-linked nation-state group called TAG-112 compromised Tibetan media and university websites in a new cyber espionage campaign designed to facilitate the delivery of the Cobalt Strike post-exploitation toolkit for follow-on information collection.

Media 74

Media 74

Zero Day

NOVEMBER 22, 2024

It's been an exciting year in the PC laptop industry, and we've gone hands-on with dozens of the best Windows laptops, putting their performance, battery life, and value to the test. Here are our top picks.

81

81

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

The Hacker News

NOVEMBER 22, 2024

Google Workspace has quickly become the productivity backbone for businesses worldwide, offering an all-in-one suite with email, cloud storage and collaboration tools. This single-platform approach makes it easy for teams to connect and work efficiently, no matter where they are, enabling seamless digital transformation that’s both scalable and adaptable.

Digital transformation 74

Digital transformation 74

Zero Day

NOVEMBER 22, 2024

This lifetime license bundle deal gives you access to the entire Microsoft Office Pro 2021 suite and Windows 11 Pro for just $55 for a limited time.

81

81

Security Boulevard

NOVEMBER 22, 2024

Quantum computing has long been a topic of intense research and debate, particularly regarding its potential impact on current cryptographic systems. The post The Race is on to Solve the Quantum Computing Security Challenge appeared first on Security Boulevard.

Security Awareness 72

Security Awareness Cybersecurity 72

BH Consulting

NOVEMBER 22, 2024

Curated advice, guidance, learning and trends in cybersecurity and privacy, as chosen by our consultants. Microsoft moves to lock down admin accounts against exploits Microsoft is introducing a new security feature for Windows 11 called Admin Protection, designed to make admin accounts more secure during privileged or sensitive actions. Currently in testing, Admin Protection isolates high-level privileges within a locked ‘super admin’ account embedded in the operating system.

Accountability 72

Accountability Data privacy Scams Cybersecurity 72

Advertisement

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Cybersecurity

Security Boulevard

NOVEMBER 22, 2024

Implementing zero-trust is not straightforward — security teams can overlook critical items that impact zero-trust initiatives and limit their effectiveness. The post 5 Common Pitfalls to Avoid With Zero-Trust appeared first on Security Boulevard.

Architecture 71

Architecture VPN Cybersecurity 71

Zero Day

NOVEMBER 22, 2024

We tested and analyzed popular VPNs compatible with Apple's iPhone range and the iOS operating system to find the best options for protecting your privacy, streaming content, and more.

VPN 76

VPN 76

Security Boulevard

NOVEMBER 22, 2024

For small and mid-size businesses (SMBs), balancing IT and security resources can be both challenging and essential. With limited resources and personnel, SMBs often rely on multifunctional roles and streamlined operations. The post How Effective Network Management Enhances Collaboration Between IT and Security Teams appeared first on Security Boulevard.

Security Awareness 71

Security Awareness Cybersecurity Network Security 71

Heimadal Security

NOVEMBER 22, 2024

The FBI, the Australian Cyber Security Centre, and the U.S. Cybersecurity & Infrastructure Security Agency have issued a new advisory stating that the BianLian ransomware operation has changed its strategy and is now predominantly a data theft extortion gang. The same agencies issued a joint advisory in May that warned about BianLian’s shifting tactics, which […] The post CISA: BianLian Ransomware Focus Switches to Data Theft appeared first on Heimdal Security Blog.

Ransomware 68

Ransomware Cybersecurity 68

Advertiser: Revenera

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Risk

Malwarebytes

NOVEMBER 22, 2024

Meta provided insight this week into the company’s efforts in taking down more than 2 million accounts that were connected to pig butchering scams on their owned platforms, Facebook and Instagram. Pig butchering scams are big business, with hundreds of millions of dollars involved every year. The numbers are not precise because some researchers see these scams as a special kind of romance scam , while others classify them as investment fraud , muddying the numbers based on which group is c

Accountability 68

Accountability Scams Cryptocurrency Identity Theft 68

Zero Day

NOVEMBER 22, 2024

Looking to get into vinyl but overwhelmed with where to start? Let ZDNET guide you to the best turntables, speakers, stereo receivers, and more.

105

105

Penetration Testing

NOVEMBER 22, 2024

The Cybersecurity and Infrastructure Security Agency (CISA) has published an insightful report detailing the U.S. Department of Agriculture’s (USDA) successful implementation of phishing-resistant multi-factor authentication (MFA) using Fast IDentity Online... The post USDA Pioneers Phishing-Resistant MFA with Fast IDentity Online (FIDO) appeared first on Cybersecurity News.

Phishing 63

Phishing Authentication Cybersecurity 63

Zero Day

NOVEMBER 22, 2024

DeleteMe helps remove your address, phone number, and other personal information from online platforms to protect you from identity theft, robocalls, and data breaches -- and it's 25% off for Black Friday.

Identity Theft 72

Identity Theft Internet Internet Data breaches 72

Advertisement

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

Healthcare

Penetration Testing

NOVEMBER 22, 2024

The cybercrime group known as Ignoble Scorpius has resurfaced with the BlackSuit ransomware, as detailed in a recent report from Unit 42 researchers. Emerging in May 2023 as a rebrand... The post Ignoble Scorpius Strikes Again: The Rise of BlackSuit Ransomware appeared first on Cybersecurity News.

Ransomware 63

Ransomware Cybercrime Cybersecurity Malware 63

Zero Day

NOVEMBER 22, 2024

Maintaining the correct tire pressure on your vehicle not only helps you save on gas, but also makes driving safer. Stay properly inflated with the Syncwire Tire Inflator.

66

66

Security Affairs

NOVEMBER 22, 2024

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apple, Oracle Agile PLM bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog : CVE-2024-44308 Apple Multiple Products Code Execution Vulnerability CVE-2024-44309 Apple Multiple Products Cross-Site Scripting (XSS) Vulnerability CVE-2024-21287 Oracle Agile Product Lifecycle Man

Spyware 64

Spyware Hacking Cybersecurity Risk 64

Zero Day

NOVEMBER 22, 2024

MSI's ultra-lightweight Prestige 13 AI Plus Evo can last an entire workday on one charge and delivers great performance - courtesy of its Lunar Lake processor.

74

74

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Software