Schneier on Security

JUNE 14, 2024

This is really neat demo of the security problems arising from reusing nonces with a symmetric cipher in GCM mode.

Encryption 313

Encryption 313

Tech Republic Security

JUNE 14, 2024

From saving on flights and hotels to protecting your data when working online, these tips could save you money in the long run.

VPN 168

VPN Mobile Network Security 168

Schneier on Security

JUNE 14, 2024

This is a current list of where and when I am scheduled to speak: I’m appearing on a panel on Society and Democracy at ACM Collective Intelligence in Boston, Massachusetts. The conference runs from June 26 through 29, 2024, and my panel is at 9:00 AM on Friday, June 28. I’m speaking on “Reimagining Democracy in the Age of AI” at the Bozeman Library in Bozeman, Montana, USA, July 18, 2024.

300

300

Tech Republic Security

JUNE 14, 2024

An upcoming blog post for members of the Windows Insider Program will explain how to get the AI-powered Recall feature.

Artificial Intelligence 167

Artificial Intelligence Software 167

Advertisement

Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.

Cyber threats

Penetration Testing

JUNE 14, 2024

Security researchers are raising the alarm as proof-of-concept (PoC) exploit code targeting a recently patched high-severity vulnerability (CVE-2024-26229) in Microsoft Windows has surfaced on GitHub. The vulnerability could allow attackers to gain SYSTEM privileges,... The post CVE-2024-26229: Windows Elevation of Privilege Flaw Weaponized, PoC Exploit on GitHub appeared first on Cybersecurity News.

Cybersecurity 145

Cybersecurity 145

Security Boulevard

JUNE 14, 2024

The rise in U.S.-politics-themed scams indicates that adversarial nation states understand the significance of election years. The post Chinese Threats Aim for Government Sector appeared first on Security Boulevard.

Government 135

Government Scams Security Awareness Cybersecurity 135

Security Boulevard

JUNE 14, 2024

PTaaS involves outsourcing penetration testing activities to a trusted third-party service provider, saving busy internal teams valuable time and offering an objective outsider’s perspective of their systems. The post Penetration-Testing-as-a-Service: An Essential Component of the Cybersecurity Toolkit appeared first on Security Boulevard.

Penetration Testing 130

Penetration Testing Cybersecurity Security Awareness 130

The Hacker News

JUNE 14, 2024

Google's plans to deprecate third-party tracking cookies in its Chrome web browser with Privacy Sandbox has run into fresh trouble after Austrian privacy non-profit noyb (none of your business) said the feature can still be used to track users.

Advertising 130

Advertising 130

Security Affairs

JUNE 14, 2024

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Android Pixel, Microsoft Windows, Progress Telerik Report Server bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog : CVE-2024-32896 Android Pixel Privilege Escalation Vulnerability CVE-2024-26169 Microsoft Windows Error Reporting Service Improper Privilege Management Vulnerabi

Firmware 129

Firmware Authentication Hacking Cybersecurity 129

Security Boulevard

JUNE 14, 2024

Copilot Plus? More like Copilot Minus: Redmond realizes Recall requires radical rethink. The post Recall ‘Delayed Indefinitely’ — Microsoft Privacy Disaster is Cut from Copilot+ PCs appeared first on Security Boulevard.

Digital transformation 128

Digital transformation Artificial Intelligence Social Engineering Data privacy 128

Advertisement

The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.

Cybersecurity

The Hacker News

JUNE 14, 2024

As cyber threats loom large and data breaches continue to pose increasingly significant risks. Organizations and industries that handle sensitive information and valuable assets make prime targets for cybercriminals seeking financial gain or strategic advantage.

Data breaches 125

Data breaches Cyber threats Risk 125

Bleeping Computer

JUNE 14, 2024

A former quality assurance employee of National Computer Systems (NCS) was sentenced to two years and eight months in prison for reportedly deleting 180 virtual servers after being fired. [.

120

120

Security Boulevard

JUNE 14, 2024

Companies are achieving revenue growth by addressing the needs of mid-market enterprises, offering tailored solutions that provide high value at a competitive price point. The post SASE Market Growth Continues, Led by Cisco, Zscaler appeared first on Security Boulevard.

Marketing 119

Marketing Cybersecurity 119

Bleeping Computer

JUNE 14, 2024

NHS England revealed today that multiple London hospitals impacted by last week's Synnovis ransomware attack were forced to cancel hundreds of planned operations and appointments. [.

Ransomware 116

Ransomware Healthcare 116

Advertisement

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Passwords

Security Boulevard

JUNE 14, 2024

In today's rapidly evolving digital landscape, the importance of data security cannot be overstated. Organisations across the globe are increasingly seeking robust solutions to protect their sensitive information from cyber threats. Among the leaders in providing such solutions is comforte AG, a company renowned for its expertise in data-centric security.

Cyber threats 115

Cyber threats 115

Bleeping Computer

JUNE 14, 2024

Microsoft says it removed a Copilot app that was "incorrectly" added to Windows 10 and Windows 11 systems in April due to buggy Microsoft Edge updates. [.

116

116

Malwarebytes

JUNE 14, 2024

On Wednesday June 12, 2024, a well-known dark web data broker and cybercriminal acting under the name “Sp1d3r” offered a significant amount of data allegedly stolen from Truist Bank for sale. Truist is a US bank holding company and operates 2,781 branches in 15 states and Washington DC. By assets, it is in the top 10 of US banks. In 2020, Truist provided financial services to about 12 million consumer households.

Data breaches 112

Data breaches Banking Passwords Phishing 112

Bleeping Computer

JUNE 14, 2024

Mozilla Firefox finally allows you to further protect local access to stored credentials in the browser's password manager using your device's login, including a password, fingerprint, pin, or other biometrics [.

Passwords 113

Passwords Password Management Software 113

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Software

The Hacker News

JUNE 14, 2024

Data is growing faster than ever. Remember when petabytes (that's 1,000,000 gigabytes!) were only for tech giants? Well, that's so last decade! Today, businesses of all sizes are swimming in petabytes. But this isn't just about storage anymore. This data is ALIVE—it's constantly accessed, analyzed, shared, and even used to train the next wave of AI.

111

111

SecureBlitz

JUNE 14, 2024

In this post, we will show you the Kaspersky Antivirus review. In an age where our digital lives are constantly under threat, antivirus software has become an essential tool for protecting our devices and personal information. Among the myriad of options available, Kaspersky Antivirus has consistently stood out for its robust security features and user-friendly […] The post Honest Kaspersky Antivirus Review appeared first on SecureBlitz Cybersecurity.

Antivirus 110

Antivirus Software Cybersecurity 110

Bleeping Computer

JUNE 14, 2024

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity Windows vulnerability abused in ransomware attacks as a zero-day to its catalog of actively exploited security bugs. [.

Ransomware 106

Ransomware Cybersecurity 106

Heimadal Security

JUNE 14, 2024

A 28-year-old Russian man has been taken into custody by the Ukraine cyber police in Kyiv for his involvement in the Conti and LockBit ransomware operations, which involved making their malware impervious to antivirus software and carrying out at least one attack personally. The Dutch police, who responded to a ransomware attack and subsequent data […] The post Crypter Specialist Involved in the Conti and LockBit Attack Arrested appeared first on Heimdal Security Blog.

Antivirus 101

Antivirus Ransomware Malware Software 101

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

Bleeping Computer

JUNE 14, 2024

PCBA manufacturing giant Keytronic is warning it suffered a data breach after the Black Basta ransomware gang leaked 530GB of the company's stolen data two weeks ago. [.

Data breaches 94

Data breaches Ransomware Manufacturing 94

Heimadal Security

JUNE 14, 2024

In the last decade, cybersecurity has come a long way. Once upon a time, keeping your IT environment secure largely required passwords, firewalls, and antivirus. In the days since, the move to cloud technology has thrown up a whole range of advanced tools and defenses to protect organizations that have employees and data distributed around […] The post The Top 7 Unified Endpoint Management Tools in 2024 appeared first on Heimdal Security Blog.

Antivirus 92

Antivirus Firewall Passwords Technology 92

Bleeping Computer

JUNE 14, 2024

The Scattered Spider gang has started to steal data from software-as-a-service (SaaS) applications and establish persistence through creating new virtual machines. [.

Software 91

Software 91

Security Boulevard

JUNE 14, 2024

QR codes have been around for three decades, but it wasn’t until the COVID-19 pandemic hit in 2020 that they got wide use, with restaurants, health care facilities, and other businesses turning to them to customers contactless ways to read menus, buy items, or track the health of people in their buildings. Around the same. The post A New Tactic in the Rapid Evolution of QR Code Scams appeared first on Security Boulevard.

Scams 83

Scams Security Awareness Phishing Mobile 83

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Software

Bleeping Computer

JUNE 14, 2024

American financial services holding company Globe Life says attackers may have accessed consumer and policyholder data after breaching one of its web portals. [.

Insurance 80

Insurance Financial Services 80

We Live Security

JUNE 14, 2024

The spyware, called AridSpy by ESET, is distributed through websites that pose as various messaging apps, a job search app, and a Palestinian Civil Registry app

Spyware 78

Spyware 78

Security Boulevard

JUNE 14, 2024

Whether it be purely text-based social engineering, or advanced, image-based attacks, one thing's for certain — generative AI is fueling a whole new age of advanced phishing. The post The “Spammification” of Business Email Compromise Spells Trouble for Businesses Around the Globe appeared first on Security Boulevard.

Social Engineering 78

Social Engineering Engineering Phishing Security Awareness 78

Digital Guardian

JUNE 14, 2024

In this week's Friday Five, read about the good and bad news regarding government-targeted cyberattacks, Microsoft President Brad Smith's recent testimony in front of Congress, a vishing campaign impersonating CISA staff, & more.

Government 75

Government 75

Advertisement

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

Cybersecurity