Schneier on Security

JUNE 14, 2024

This is really neat demo of the security problems arising from reusing nonces with a symmetric cipher in GCM mode.

Encryption 292

Encryption 292

Tech Republic Security

JUNE 14, 2024

From saving on flights and hotels to protecting your data when working online, these tips could save you money in the long run.

VPN 171

VPN Mobile Network Security 171

Schneier on Security

JUNE 14, 2024

This is a current list of where and when I am scheduled to speak: I’m appearing on a panel on Society and Democracy at ACM Collective Intelligence in Boston, Massachusetts. The conference runs from June 26 through 29, 2024, and my panel is at 9:00 AM on Friday, June 28. I’m speaking on “Reimagining Democracy in the Age of AI” at the Bozeman Library in Bozeman, Montana, USA, July 18, 2024.

279

279

Tech Republic Security

JUNE 14, 2024

An upcoming blog post for members of the Windows Insider Program will explain how to get the AI-powered Recall feature.

Artificial Intelligence 169

Artificial Intelligence Software 169

Advertisement

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Passwords

Penetration Testing

JUNE 14, 2024

Security researchers are raising the alarm as proof-of-concept (PoC) exploit code targeting a recently patched high-severity vulnerability (CVE-2024-26229) in Microsoft Windows has surfaced on GitHub. The vulnerability could allow attackers to gain SYSTEM privileges,... The post CVE-2024-26229: Windows Elevation of Privilege Flaw Weaponized, PoC Exploit on GitHub appeared first on Cybersecurity News.

Cybersecurity 145

Cybersecurity 145

The Hacker News

JUNE 14, 2024

An analysis of a hybrid biometric access system from Chinese manufacturer ZKTeco has uncovered two dozen security flaws that could be used by attackers to defeat authentication, steal biometric data, and even deploy malicious backdoors.

Manufacturing 139

Manufacturing Authentication 139

The Hacker News

JUNE 14, 2024

Google's plans to deprecate third-party tracking cookies in its Chrome web browser with Privacy Sandbox has run into fresh trouble after Austrian privacy non-profit noyb (none of your business) said the feature can still be used to track users.

Advertising 139

Advertising 139

Security Boulevard

JUNE 14, 2024

The rise in U.S.-politics-themed scams indicates that adversarial nation states understand the significance of election years. The post Chinese Threats Aim for Government Sector appeared first on Security Boulevard.

Government 135

Government Scams Security Awareness Cybersecurity 135

The Hacker News

JUNE 14, 2024

As cyber threats loom large and data breaches continue to pose increasingly significant risks. Organizations and industries that handle sensitive information and valuable assets make prime targets for cybercriminals seeking financial gain or strategic advantage.

Data breaches 136

Data breaches Cyber threats Risk 136

Security Affairs

JUNE 14, 2024

In January 2025, European financial and insurance institutions, their business partners and providers, must comply with DORA. In January 2025, financial and insurance institutions in Europe and any organizations that do business with them must comply with the Digital Operation Resilience Act, also known as DORA. This regulation from the European Union (EU) is intended to both strengthen IT security and enhance the digital resilience of the European financial market.

Insurance 131

Insurance Technology Risk Information Security 131

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Software

Security Boulevard

JUNE 14, 2024

PTaaS involves outsourcing penetration testing activities to a trusted third-party service provider, saving busy internal teams valuable time and offering an objective outsider’s perspective of their systems. The post Penetration-Testing-as-a-Service: An Essential Component of the Cybersecurity Toolkit appeared first on Security Boulevard.

Penetration Testing 130

Penetration Testing Cybersecurity Security Awareness 130

Malwarebytes

JUNE 14, 2024

On Wednesday June 12, 2024, a well-known dark web data broker and cybercriminal acting under the name “Sp1d3r” offered a significant amount of data allegedly stolen from Truist Bank for sale. Truist is a US bank holding company and operates 2,781 branches in 15 states and Washington DC. By assets, it is in the top 10 of US banks. In 2020, Truist provided financial services to about 12 million consumer households.

Data breaches 128

Data breaches Banking Passwords Phishing 128

Security Boulevard

JUNE 14, 2024

Copilot Plus? More like Copilot Minus: Redmond realizes Recall requires radical rethink. The post Recall ‘Delayed Indefinitely’ — Microsoft Privacy Disaster is Cut from Copilot+ PCs appeared first on Security Boulevard.

Digital transformation 128

Digital transformation Artificial Intelligence Social Engineering Data privacy 128

The Hacker News

JUNE 14, 2024

Data is growing faster than ever. Remember when petabytes (that's 1,000,000 gigabytes!) were only for tech giants? Well, that's so last decade! Today, businesses of all sizes are swimming in petabytes. But this isn't just about storage anymore. This data is ALIVE—it's constantly accessed, analyzed, shared, and even used to train the next wave of AI.

125

125

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

Bleeping Computer

JUNE 14, 2024

A former quality assurance employee of National Computer Systems (NCS) was sentenced to two years and eight months in prison for reportedly deleting 180 virtual servers after being fired. [.

121

121

Security Boulevard

JUNE 14, 2024

Companies are achieving revenue growth by addressing the needs of mid-market enterprises, offering tailored solutions that provide high value at a competitive price point. The post SASE Market Growth Continues, Led by Cisco, Zscaler appeared first on Security Boulevard.

Marketing 119

Marketing Cybersecurity 119

Bleeping Computer

JUNE 14, 2024

NHS England revealed today that multiple London hospitals impacted by last week's Synnovis ransomware attack were forced to cancel hundreds of planned operations and appointments. [.

Ransomware 117

Ransomware Healthcare 117

Security Boulevard

JUNE 14, 2024

In today's rapidly evolving digital landscape, the importance of data security cannot be overstated. Organisations across the globe are increasingly seeking robust solutions to protect their sensitive information from cyber threats. Among the leaders in providing such solutions is comforte AG, a company renowned for its expertise in data-centric security.

Cyber threats 115

Cyber threats 115

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Software

Bleeping Computer

JUNE 14, 2024

Microsoft says it removed a Copilot app that was "incorrectly" added to Windows 10 and Windows 11 systems in April due to buggy Microsoft Edge updates. [.

116

116

SecureBlitz

JUNE 14, 2024

In this post, we will show you the Kaspersky Antivirus review. In an age where our digital lives are constantly under threat, antivirus software has become an essential tool for protecting our devices and personal information. Among the myriad of options available, Kaspersky Antivirus has consistently stood out for its robust security features and user-friendly […] The post Honest Kaspersky Antivirus Review appeared first on SecureBlitz Cybersecurity.

Antivirus 90

Antivirus Software Cybersecurity 90

Bleeping Computer

JUNE 14, 2024

Mozilla Firefox finally allows you to further protect local access to stored credentials in the browser's password manager using your device's login, including a password, fingerprint, pin, or other biometrics [.

Passwords 114

Passwords Password Management Software 114

Security Boulevard

JUNE 14, 2024

QR codes have been around for three decades, but it wasn’t until the COVID-19 pandemic hit in 2020 that they got wide use, with restaurants, health care facilities, and other businesses turning to them to customers contactless ways to read menus, buy items, or track the health of people in their buildings. Around the same. The post A New Tactic in the Rapid Evolution of QR Code Scams appeared first on Security Boulevard.

Scams 83

Scams Security Awareness Phishing Mobile 83

Advertisement

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

Cybersecurity

Bleeping Computer

JUNE 14, 2024

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity Windows vulnerability abused in ransomware attacks as a zero-day to its catalog of actively exploited security bugs. [.

Ransomware 107

Ransomware Cybersecurity 107

Heimadal Security

JUNE 14, 2024

A 28-year-old Russian man has been taken into custody by the Ukraine cyber police in Kyiv for his involvement in the Conti and LockBit ransomware operations, which involved making their malware impervious to antivirus software and carrying out at least one attack personally. The Dutch police, who responded to a ransomware attack and subsequent data […] The post Crypter Specialist Involved in the Conti and LockBit Attack Arrested appeared first on Heimdal Security Blog.

Antivirus 81

Antivirus Ransomware Malware Software 81

Bleeping Computer

JUNE 14, 2024

PCBA manufacturing giant Keytronic is warning it suffered a data breach after the Black Basta ransomware gang leaked 530GB of the company's stolen data two weeks ago. [.

Data breaches 94

Data breaches Ransomware Manufacturing 94

Security Boulevard

JUNE 14, 2024

Whether it be purely text-based social engineering, or advanced, image-based attacks, one thing's for certain — generative AI is fueling a whole new age of advanced phishing. The post The “Spammification” of Business Email Compromise Spells Trouble for Businesses Around the Globe appeared first on Security Boulevard.

Social Engineering 78

Social Engineering Engineering Phishing Security Awareness 78

Advertisement

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

Bleeping Computer

JUNE 14, 2024

The Scattered Spider gang has started to steal data from software-as-a-service (SaaS) applications and establish persistence through creating new virtual machines. [.

Software 91

Software 91

Digital Guardian

JUNE 14, 2024

In this week's Friday Five, read about the good and bad news regarding government-targeted cyberattacks, Microsoft President Brad Smith's recent testimony in front of Congress, a vishing campaign impersonating CISA staff, & more.

Government 75

Government 75

Bleeping Computer

JUNE 14, 2024

American financial services holding company Globe Life says attackers may have accessed consumer and policyholder data after breaching one of its web portals. [.

Insurance 81

Insurance Financial Services 81

Heimadal Security

JUNE 14, 2024

In the last decade, cybersecurity has come a long way. Once upon a time, keeping your IT environment secure largely required passwords, firewalls, and antivirus. In the days since, the move to cloud technology has thrown up a whole range of advanced tools and defenses to protect organizations that have employees and data distributed around […] The post The Top 7 Unified Endpoint Management Tools in 2024 appeared first on Heimdal Security Blog.

Antivirus 72

Antivirus Firewall Passwords Technology 72

Advertisement

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.

Cybersecurity