Schneier on Security

DECEMBER 18, 2023

More unconstrained surveillance : Lawmakers noted the pharmacies’ policies for releasing medical records in a letter dated Tuesday to the Department of Health and Human Services (HHS) Secretary Xavier Becerra. The letter—signed by Sen. Ron Wyden (D-Ore.), Rep. Pramila Jayapal (D-Wash.), and Rep. Sara Jacobs (D-Calif.)—said their investigation pulled information from briefings with eight big prescription drug suppliers.

Surveillance 295

Surveillance Government Healthcare 295

Security Affairs

DECEMBER 18, 2023

An alleged Lockbit 3.0 ransomware attack on the Italian cloud service provider Westpole disrupted multiple services of local and government organizations and municipalities. A cyber attack hit on December 8, 2023 the Italian cloud service provider Westpole, which is specialized in digital services for public administration. The incident impacted a Westpole’s customer company named PA Digitale which offers its services to various local and government organizations that rely on its platform

Ransomware 144

Ransomware Cyber Attacks Government Media 144

WIRED Threat Level

DECEMBER 18, 2023

On Telegram, scammers are impersonating doctors to sell fake Covid-19 vaccination certificates and other products, showing how criminals are taking advantage of conspiracy theories.

129

129

Security Affairs

DECEMBER 18, 2023

Info stealers, the type of malware with its purpose in the name, can cripple businesses and everyday users alike. So, how do you protect against them? Info stealers, also known as information stealers, are a type of malicious software (malware) designed to covertly collect sensitive and personal information from a victim’s computer or network.

Banking 133

Banking Cybercrime Malware Accountability 133

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Software

Bleeping Computer

DECEMBER 18, 2023

Comcast Cable Communications, doing business as Xfinity, disclosed on Monday that attackers who breached one of its Citrix servers in October also stole customer-sensitive information from its systems. [.

Data breaches 127

Data breaches Hacking 127

Security Boulevard

DECEMBER 18, 2023

With the holiday season well underway, a threat group with a history of gift card scams is ramping up its efforts, according to Microsoft. The vendor’s Threat Intelligence unit wrote in a posting on X (formerly Twitter) that it has seen a “significant surge in activity associated with the threat actor Storm-0539, known to target. The post Microsoft: Storm-0539 Group Behind a Surge of Gift Card Scams appeared first on Security Boulevard.

Scams 126

Scams Security Awareness Mobile Cybersecurity 126

The Last Watchdog

DECEMBER 18, 2023

Rehovot, Israel Dec. 18, 2023 – Salvador Technologies , the pioneering cyber-attack recovery platform provider for critical infrastructures and industrial organizations, today announced that it has secured $6m in funding. Salvador Technologies’ investment round was led by Pico Venture Partners with participation from existing investors, such as Pitango VC and Sarona Partners , who continue to play an essential role in shaping the company.

Technology 100

Technology Cyber Attacks Artificial Intelligence Manufacturing 100

Tech Republic Security

DECEMBER 18, 2023

Cyber scams pose a significant threat to organizations of all sizes, regardless of their industry or geographic location. This article from TechRepublic Premium digs into the nature of these scams while also highlighting the measures organizations can take to shield their employees from becoming victims. From the download: ESTABLISH STRONG PASSWORD POLICIES AND LEAST PRIVILEGED.

Scams 104

Scams Passwords 104

Security Boulevard

DECEMBER 18, 2023

They’ve been detailed, debated, and fretted about for months, but as of today, the Securities and Exchange Commission’s new set of rules dictating how and when public companies must disclose “material” cyberattacks go into effect. The new regulation and the SEC itself have gotten their share of blowback from companies worried that the rules –. The post Controversial SEC Cyber Disclosure Rules Take Effect appeared first on Security Boulevard.

Data privacy 115

Data privacy Data breaches Security Awareness Malware 115

Security Affairs

DECEMBER 18, 2023

Experts warn of a new phishing campaign distributing the QakBot malware, months after law enforcement dismantled its infrastructure. In August, the FBI announced that the Qakbot botnet was dismantled as a result of an international law enforcement operation named Operation ‘Duck Hunt.’ Qakbot , also known as QBot, QuackBot and Pinkslipbot, is an info-stealing malware that has been active since 2008.

Malware 131

Malware Phishing Ransomware Hacking 131

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

eSecurity Planet

DECEMBER 18, 2023

The impending holidays don’t mean a break from cybersecurity threats. This week’s news includes open-source software vulnerabilities, endangered data, and continued attacks from state-sponsored Russian threat groups. Google’s Dataproc security issues could be exploited not just through the analytics engine but through Google Compute Engine, too.

Backups 113

Backups Firewall Engineering Software 113

Hacker Combat

DECEMBER 18, 2023

Copying and pasting text and images on a Mac is easy using keyboard shortcuts or the contextual menu, yet sometimes files that have been copied over lose their formatting when. The post How to Copy and Paste on Mac? appeared first on Hacker Combat.

111

111

eSecurity Planet

DECEMBER 18, 2023

Cloud computing services, such as Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS), each have unique security concerns. IaaS involves virtualized computing resources over the internet, with users responsible for securing the operating system, applications, data, and networks. Security concerns include data protection, network security, identity and access management, and physical security.

Encryption 113

Encryption Data breaches Data privacy Risk 113

Security Boulevard

DECEMBER 18, 2023

Automated tools simplify the Linux kernel patching process. Most distributions provide patches through system updates. Live patching eliminates the need to reboot the system. Debunking Myths about Linux Kernel Patching The kernel is the heart of the Linux operating system that powers a majority of computing devices around the globe. As […] The post Debunking Myths About Linux Kernel Patching appeared first on TuxCare.

Education 111

Education 111

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Software

Bleeping Computer

DECEMBER 18, 2023

The KB5033375 cumulative update released during the December 2023 Patch Tuesday causes Wi-Fi connectivity issues on some Windows 11 devices. [.

124

124

Penetration Testing

DECEMBER 18, 2023

In the ever-evolving landscape of cybersecurity, a new threat has emerged, targeting the integrity of Secure Shell (SSH) communications – the Terrapin Attack. SSH, a vital tool for secure access to network services, is... The post CVE-2023-48795: SSH Flaw Lets Hackers Strip Secrets From Your Connection appeared first on Penetration Testing.

Penetration Testing 111

Penetration Testing Cybersecurity 111

Bleeping Computer

DECEMBER 18, 2023

The Federal Bureau of Investigation (FBI) says the Play ransomware gang has breached roughly 300 organizations worldwide between June 2022 and October 2023, some of them critical infrastructure entities. [.

Ransomware 110

Ransomware 110

Identity IQ

DECEMBER 18, 2023

How to Avoid Fake QR Code Scams IdentityIQ In today’s tech-driven world, QR (quick response) codes are everywhere. From facilitating contactless payments to accessing menus and websites, these quick response codes offer convenience and speed and are trusted by almost everyone. But how do you know what you’re getting with a QR code? Fake QR code scams have quickly become a massive issue.

Scams 105

Scams Identity Theft Phishing Malware 105

Advertisement

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

Cybersecurity

Hacker Combat

DECEMBER 18, 2023

Instagram is an amazing social platform where you can stay in touch with your friends and influencers, but sometimes it can be too much. Taking a break may help. Instagram. The post How to Temporarily Deactivate Instagram? appeared first on Hacker Combat.

105

105

Penetration Testing

DECEMBER 18, 2023

Recently, a significant security vulnerability in the Linux NetFilter kernel has been discovered, allowing unprivileged local users to escalate their privileges, allowing complete control over a system. This flaw, designated as CVE-2023-6817, poses a... The post CVE-2023-6817: Linux Kernel NetFilter Flaw Opens Root Access appeared first on Penetration Testing.

Penetration Testing 110

Penetration Testing 110

Hacker Combat

DECEMBER 18, 2023

Keep your AirPods protected when not in use by keeping them inside a waterproof charging case to protect them from falling into liquid environments such as puddles, sinks or other. The post Why Your AirPods Aren’t Waterproof appeared first on Hacker Combat.

105

105

The Hacker News

DECEMBER 18, 2023

Technical details have emerged about two now-patched security flaws in Microsoft Windows that could be chained by threat actors to achieve remote code execution on the Outlook email service sans any user interaction.

Internet 107

Internet Internet 107

Advertisement

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

Hacker Combat

DECEMBER 18, 2023

Instagram doesn’t inform its users when their Story or Reel has been screengrabbed – no matter whether they have millions of followers or just an everyday account – which means. The post How to Know If Someone Screengrabs Your Instagram Story appeared first on Hacker Combat.

Accountability 104

Accountability 104

Bleeping Computer

DECEMBER 18, 2023

Four vulnerabilities, one of which is rated critical, have been discovered in the Perforce Helix Core Server, a source code management platform widely used by the gaming, government, military, and technology sectors. [.

Government 101

Government Technology 101

Hacker Combat

DECEMBER 18, 2023

The iPhone offers multiple ways of scanning QR codes, but the quickest and easiest method is using its built-in camera app. Open your camera app and point at a QR. The post How To Scan a QR Code On iPhone appeared first on Hacker Combat.

104

104

Bleeping Computer

DECEMBER 18, 2023

Mr. Cooper is sending notices of a data breach to customers who were impacted by a cyberattack the firm suffered in November 2023. [.

Data breaches 116

Data breaches 116

Advertisement

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.

Cybersecurity

Hacker Combat

DECEMBER 18, 2023

An inactive Facebook business page won’t do your brand any good; sometimes, it may be best to delete it and start fresh. Deleting a page is straightforward and can be. The post How To Delete a Facebook Business Page? appeared first on Hacker Combat.

103

103

Malwarebytes

DECEMBER 18, 2023

Database provider MongoDB has posted a security notice about a security incident in which attackers obtained unauthorized access to some of its corporate systems. The targeted system contained customer names, phone numbers, and email addresses among other customer account metadata, including system logs for one customer. That customer has been notified separately and there is no evidence that any other customers’ system logs were accessed.

Data breaches 97

Data breaches Social Engineering Phishing Authentication 97

Hacker Combat

DECEMBER 18, 2023

AirPods work well with Android, but the experience may be less satisfying or convenient compared to Apple’s ecosystem. Certain features are unavailable such as customizing double-tap functionality and access to. The post Do AirPods Work With Android? appeared first on Hacker Combat.

102

102

The Hacker News

DECEMBER 18, 2023

The threat actors behind the Play ransomware are estimated to have impacted approximately 300 entities as of October 2023, according to a new joint cybersecurity advisory from Australia and the U.S.

Ransomware 100

Ransomware Encryption Cybersecurity 100

Advertisement

Leverage the Cloud Development Environment Maturity Model to elevate your software development practices with scalable, secure cloud-based workspaces. This model offers a structured approach to modernizing development, aligning technology, developer experience, security, and workflows. By implementing Cloud Development Environments (CDEs), teams can boost efficiency, improve security, and streamline operations through centralized governance.

Government