Schneier on Security

MAY 28, 2024

Quantum computers are probably coming, though we don’t know when—and when they arrive, they will, most likely, be able to break our standard public-key cryptography algorithms. In anticipation of this possibility, cryptographers have been working on quantum-resistant public-key algorithms. The National Institute for Standards and Technology (NIST) has been hosting a competition since 2017, and there already are several proposed standards.

Encryption 300

Encryption Technology 300

Krebs on Security

MAY 28, 2024

The U.S. Department of the Treasury today unveiled sanctions against three Chinese nationals for allegedly operating 911 S5 , an online anonymity service that for many years was the easiest and cheapest way to route one’s Web traffic through malware-infected computers around the globe. KrebsOnSecurity identified one of the three men in a July 2022 investigation into 911 S5, which was massively hacked and then closed ten days later.

VPN 243

VPN Banking Cybercrime Internet 243

Tech Republic Security

MAY 28, 2024

Australia is grappling with this cyber security challenge that is resulting in frequent breaches across large companies. Here are possible solutions, including how cyber security pros can help.

Cybersecurity 165

Cybersecurity 165

The Last Watchdog

MAY 28, 2024

Spread spectrum technology helped prevent the jamming of WWII radio-controlled torpedoes and subsequently became a cornerstone of modern-day telecom infrastructure. For its next act, could spread spectrum undergird digital resiliency? I had an evocative discussion about this at RSAC 2024 with Dispersive CEO Rajiv Plimplaskar. For a full drill down, please give the accompanying podcast a listen.

Encryption 130

Encryption Internet Internet Technology 130

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Software

Tech Republic Security

MAY 28, 2024

TechRepublic identified the top five emerging cloud technology trends that businesses in the U.K. should be aware of this year.

Technology 166

Technology Big data Artificial Intelligence Network Security 166

WIRED Threat Level

MAY 28, 2024

Thanks to a flaw in a decade-old version of the RoboForm password manager and a bit of luck, researchers were able to unearth the password to a crypto wallet containing a fortune.

Passwords 142

Passwords Password Management Cryptocurrency Hacking 142

The Last Watchdog

MAY 28, 2024

Cary, NC, May 28, 2024, CyberNewsWire — If there is a single theme circulating among Chief Information Security Officers (CISOs) right now, it is the question of how to get stakeholders on board with more robust cybersecurity training protocols. There are key points debated about why you should provide cybersecurity training to your IT professionals, like the alarming increase in cyberattacks (an increase of 72% over the all-time high in 2021, according to the Identity Theft Research Cente

CISO 113

CISO Cybersecurity Data breaches Cyber threats 113

Bleeping Computer

MAY 28, 2024

Over 90 malicious Android apps were found installed over 5.5 million times through Google Play to deliver malware and adware, with the Anatsa banking trojan seeing a recent surge in activity. [.

Adware 133

Adware Banking Malware Mobile 133

Security Boulevard

MAY 28, 2024

Cyber attack tactics are evolving, according to a new report, from advanced campaigns to exploiting weaknesses, and cybersecurity teams should be optimally employed. The post HP Report Surfaces Shifts in Cyber Attack Tactics appeared first on Security Boulevard.

Cyber Attacks 130

Cyber Attacks Cybersecurity Cyber threats Security Awareness 130

Tech Republic Security

MAY 28, 2024

What is the best VPN provider in Canada? Use our guide to compare the pricing and features of our recommended VPNs for Canada.

VPN 139

VPN 139

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

Security Affairs

MAY 28, 2024

Researchers released a proof-of-concept (PoC) exploit for remote code execution flaw CVE-2024-23108 in Fortinet SIEM solution. Security researchers at Horizon3’s Attack Team released a proof-of-concept (PoC) exploit for a remote code execution issue, tracked as CVE-2024-23108 , in Fortinet’s SIEM solution. The PoC exploit allows executing commands as root on Internet-facing FortiSIEM appliances.

Internet 137

Internet Internet Hacking Cybersecurity 137

Security Boulevard

MAY 28, 2024

OpenAI has a new Safety and Security Committee in place fewer than two weeks after disbanding its “superalignment” team, a year-old unit that was tasked with focusing on the long-term effects of AI. In a blog post Tuesday, the Microsoft-backed company said the new committee will comprise CEO Sam Altman and board of director members. The post OpenAI Launches Security Committee Amid Ongoing Criticism appeared first on Security Boulevard.

Social Engineering 126

Social Engineering Engineering Risk Cybersecurity 126

The Hacker News

MAY 28, 2024

The threat actors behind the CatDDoS malware botnet have exploited over 80 known security flaws in various software over the past three months to infiltrate vulnerable devices and co-opt them into a botnet for conducting distributed denial-of-service (DDoS) attacks.

DDOS 132

DDOS Malware Software 132

Security Boulevard

MAY 28, 2024

Pork Talk: “Pig butchering” scams are on the rise via social media. The post ‘Microsoft’ Scammers Steal the Most, says FTC appeared first on Security Boulevard.

Scams 127

Scams Media Social Engineering Banking 127

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Software

Security Affairs

MAY 28, 2024

Threat actors are exploiting a WordPress plugin to insert malicious PHP code in e-commerce sites and steal credit card data. Sucuri researchers observed threat actors using a PHP snippet WordPress plugin to install malicious code in WooCommerce e-stores and harvest credit card details. In the campaign spotted by the experts, attackers use a very obscure WordPress plugin called Dessky Snippets , which has only a few hundred active installations at the time of writing.

eCommerce 138

eCommerce Firewall Malware Passwords 138

Security Boulevard

MAY 28, 2024

Need to get your audience’s attention so they listen to your cybersecurity lessons? Share these true stories to engage their attention and, perhaps, make them laugh. The post Using Scary but Fun Stories to Aid Cybersecurity Training appeared first on Security Boulevard.

Cybersecurity 119

Cybersecurity Social Engineering Engineering 119

Bleeping Computer

MAY 28, 2024

Many users report that YouTube videos automatically skip to the end or muting video if they are using an ad blocker, making it impossible for them to watch the video. [.

120

120

Security Affairs

MAY 28, 2024

Dutch bank ABN Amro discloses data breach following a ransomware attack hit the third-party services provider AddComm. Dutch bank ABN Amro disclosed a data breach after third-party services provider AddComm suffered a ransomware attack. AddComm distributes documents and tokens physically and digitally to clients and employees. The ransomware attack occurred last week and unauthorized parties may have obtained access to data of a limited number of ABN AMRO clients.

Data breaches 138

Data breaches Banking Ransomware Phishing 138

Advertisement

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

Cybersecurity

Security Boulevard

MAY 28, 2024

The link between cybersecurity and personal reputation management for executives is significant. As leaders in their respective fields, executives are often the face of their company’s brand, and are responsible for maintaining the trust of customers, investors, and the public. However, with the rise of cyber threats, this trust can be quickly undermined if proper […] The post The Link Between Cybersecurity and Reputation Management for Executives appeared first on BlackCloak | Protect Your

Cybersecurity 115

Cybersecurity Cyber threats 115

The Hacker News

MAY 28, 2024

You’re probably familiar with the term “critical assets”. These are the technology assets within your company's IT infrastructure that are essential to the functioning of your organization. If anything happens to these assets, such as application servers, databases, or privileged identities, the ramifications to your security posture can be severe.

Technology 121

Technology 121

We Live Security

MAY 28, 2024

A new white paper from ESET uncovers the risks and opportunities of artificial intelligence for cyber-defenders and how it could transform the ways in which organizations protect, detect and respond to attacks.

Artificial Intelligence 111

Artificial Intelligence Cybersecurity Risk 111

The Hacker News

MAY 28, 2024

An Indian national has pleaded guilty in the U.S. over charges of stealing more than $37 million by setting up a website that impersonated the Coinbase cryptocurrency exchange platform. Chirag Tomar, 30, pleaded guilty to wire fraud conspiracy, which carries a maximum sentence of 20 years in prison and a $250,000 fine. He was arrested on December 20, 2023, upon entering the country.

Cryptocurrency 119

Cryptocurrency 119

Advertisement

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

Tech Republic Security

MAY 28, 2024

Cryptography engineers often collaborate with cybersecurity teams to integrate robust cryptographic solutions into software, hardware and network infrastructure, addressing potential vulnerabilities and mitigating risks associated with data breaches or cyberattacks. This hiring kit, written by Franklin Okeke for TechRepublic Premium, provides a practical framework you can use to hire the ideal cryptography engineer for your.

Engineering 92

Engineering Data breaches Software Risk 92

Bleeping Computer

MAY 28, 2024

First American Financial Corporation, the second-largest title insurance company in the United States, revealed on Tuesday that a December cyberattack led to a breach impacting 44,000 individuals. [.

Data breaches 100

Data breaches Insurance 100

WIRED Threat Level

MAY 28, 2024

Police are using subtle psychological operations against ransomware gangs to sow distrust in their ranks—and trick them into emerging from the shadows.

Ransomware 108

Ransomware Hacking 108

SecureWorld News

MAY 28, 2024

Threat actors are targeting Check Point Remote Access VPN devices in an ongoing campaign to breach enterprise networks, the company has warned in a new advisory. In the advisory , Check Point says the attackers are targeting security gateways with old local accounts using insecure password-only authentication, which should be used with certificate authentication to prevent breaches.

VPN 90

VPN Passwords Authentication Architecture 90

Advertisement

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.

Cybersecurity

SecureList

MAY 28, 2024

IT outsourcing market continues to demonstrate strong growth globally – such services are becoming increasingly popular. But along with the advantages, such as saved time and resources, delegating non-core tasks creates new challenges in terms of information security. By providing third-party companies (service providers or contractors) with access to their infrastructure, businesses increase the risk of trusted relationship attacks – T1199 in the MITRE ATT&CK classification.

VPN 91

VPN Accountability Passwords Antivirus 91

Security Boulevard

MAY 28, 2024

As threats increase in sophistication—in many cases powered by GenAI itself—GenAI will play a growing role in combatting them. The post The Rise of Generative AI is Transforming Threat Intelligence – Five Trends to Watch appeared first on Security Boulevard.

Social Engineering 90

Social Engineering Engineering Security Awareness Risk 90

Bleeping Computer

MAY 28, 2024

Christie's confirmed that it suffered a security incident earlier this month after the RansomHub extortion gang claimed responsibility and threatened to leak stolen data. [.

88

88

Penetration Testing

MAY 28, 2024

Palo Alto Networks’ Unit 42 threat research team has unveiled a sophisticated and persistent cyber espionage campaign, codenamed Operation Diplomatic Specter, attributed to a Chinese state-sponsored threat actor. The campaign has been targeting governmental... The post Operation Diplomatic Specter: Chinese State-Sponsored Cyber Espionage Campaign Targeting Governments Across Three Continents appeared first on Penetration Testing.

Government 87

Government Penetration Testing 87

Advertisement

Leverage the Cloud Development Environment Maturity Model to elevate your software development practices with scalable, secure cloud-based workspaces. This model offers a structured approach to modernizing development, aligning technology, developer experience, security, and workflows. By implementing Cloud Development Environments (CDEs), teams can boost efficiency, improve security, and streamline operations through centralized governance.

Government