Krebs on Security
APRIL 3, 2023
John Clifton Davies , a 60-year-old con man from the United Kingdom who fled the country in 2015 before being sentenced to 12 years in prison for fraud, has enjoyed a successful life abroad swindling technology startups by pretending to be a billionaire investor. Davies’ newest invention appears to be “ CodesToYou ,” which purports to be a “full cycle software development company” based in the U.K.
Troy Hunt
APRIL 5, 2023
A quick summary first before the details: This week, the FBI in cooperation with international law enforcement partners took down a notorious marketplace trading in stolen identity data in an effort they've named "Operation Cookie Monster" They've provided millions of impacted email addresses and passwords to Have I Been Pwned (HIBP) so that victims of the incident can discover if they have been exposed.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Schneier on Security
APRIL 6, 2023
New research: “ Achilles Heels for AGI/ASI via Decision Theoretic Adversaries “: As progress in AI continues to advance, it is important to know how advanced systems will make choices and in what ways they may fail. Machines can already outsmart humans in some domains, and understanding how to safely build ones which may have capabilities at or above the human level is of particular concern.
Lohrman on Security
APRIL 2, 2023
NATO countries are facing a growing breadth and depth of nation-state cyber attacks as Russia, China, Iran and other countries increase military cyber cooperation.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Tech Republic Security
APRIL 3, 2023
Some 43% of employees have been targeted with work-related phishing attacks on their personal devices, says a survey from SlashNext. The post BYOD and personal apps: A recipe for data breaches appeared first on TechRepublic.
Troy Hunt
APRIL 1, 2023
Most of this week's video went on talking about the UniFi Dream Wall. What a unit! I mean it's big, but then it wraps a lot of stuff up in the one device too. If you watch this and have thoughts on how I can integrate it into the new garage such that it doesn't clash with the dark theme, I'd love to hear about it. I'll share more once I set it up in the coming weeks but for now, enjoy this week's video 🙂 References The UniFi Dream Wall is an impressive unit
Cyber Security Informer brings together the best content for cyber security professionals from the widest variety of industry thought leaders.
Bleeping Computer
APRIL 7, 2023
Amazon has banned the sale of the Flipper Zero portable multi-tool for pen-testers as it no longer allows its sale on the platform after tagging it as a card-skimming device. [.
Tech Republic Security
APRIL 6, 2023
Two Russia-associated groups hit Israel and Finland with DDoS attacks, this week. Cybersecurity experts say the actions represent a marked increase in exploits and a harbinger of cyberattacks to come. The post DDoS attacks rise as pro-Russia groups attack Finland, Israel appeared first on TechRepublic.
Security Boulevard
APRIL 3, 2023
Déjà Vu: Hack of WD systems leads to My Cloud service outage. Owners unable to access files. The post Western Digital Hacked: ‘My Cloud’ Data Dead (Even Local Storage!) appeared first on Security Boulevard.
eSecurity Planet
APRIL 7, 2023
Kali Linux turns 10 this year, and to celebrate, the Linux penetration testing distribution has added defensive security tools to its arsenal of open-source security tools. It remains to be seen if Kali Purple will do for defensive open source security tools what Kali Linux has done for open source pentesting, but the addition of more than 100 open source tools for SIEM , incident response , intrusion detection and more should raise the profile of those defensive tools.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
Bleeping Computer
APRIL 4, 2023
HP announced in a security bulletin this week that it would take up to 90 days to patch a critical-severity vulnerability that impacts the firmware of certain business-grade printers. [.
Tech Republic Security
APRIL 3, 2023
A new report for cybersecurity firm WithSecure suggests that most companies are investing in security solutions that are tactical and reactive, but not in line with strategic aims of an organization. The post Cybersecurity unaligned with business goals is reactive … and flawed: Study appeared first on TechRepublic.
Security Boulevard
APRIL 4, 2023
$8.50 per child: UK regulator punishes TikTok at 5.5% of revenue. Says app illegally tracked children. The post TikTok Abused Kids’ Data — UK Fines it $16 Million appeared first on Security Boulevard.
Dark Reading
APRIL 5, 2023
Using only ChatGPT prompts, a Forcepoint researcher convinced the AI to create malware for finding and exfiltrating specific documents, despite its directive to refuse malicious requests.
Advertisement
How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.
Bleeping Computer
APRIL 3, 2023
Hackers are adding malicious functionality to WinRAR self-extracting archives that contain harmless decoy files, allowing them to plant backdoors without triggering the security agent on the target system. [.
Tech Republic Security
APRIL 7, 2023
Joe Burton, CEO of digital identity company Telesign, talks to TechRepublic about how the “fuzzy” realm between statistical analysis and AI can fuel global, fast, accurate identity. The post Company that launched 2FA is pioneering AI for digital identity appeared first on TechRepublic.
Security Boulevard
APRIL 7, 2023
I guess I’m banned from Twitter now: Tesla employees mocked and memeified private photos and videos. Firm’s message boards were full of the stuff. The post Tesla Staff Shared Saucy Snaps of Customers (Sources Say) appeared first on Security Boulevard.
SecureList
APRIL 3, 2023
On March 29, Crowdstrike published a report about a supply chain attack conducted via 3CXDesktopApp, a popular VoIP program. Since then, the security community has started analyzing the attack and sharing their findings. The following has been discovered so far: The infection is spread via 3CXDesktopApp MSI installers. An installer for macOS has also been trojanized.
Advertiser: Revenera
In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.
Bleeping Computer
APRIL 7, 2023
Apple has released emergency security updates to address two new zero-day vulnerabilities exploited in attacks to compromise iPhones, Macs, and iPads. [.
Tech Republic Security
APRIL 7, 2023
Google's Threat Analysis Group reported on a subset of APT43 called Archipelago and detailed how the company is trying to protect users. The post Cyberespionage threat actor APT43 targets US, Europe, Japan and South Korea appeared first on TechRepublic.
Security Boulevard
APRIL 1, 2023
The post What is the impact of AI on cyber security awareness? appeared first on Click Armor. The post What is the impact of AI on cyber security awareness? appeared first on Security Boulevard.
CyberSecurity Insiders
APRIL 5, 2023
Cybersecurity fatigue is genuine, and hackers are benefiting from it. The constant pressure to frequently update the software and stay precautionary of fraudulent emails is exhausting. Therefore, even minor mistakes can have critical consequences. Cybercrime risk is rising, security vulnerabilities are increasing, and the cybersecurity industry is rapidly developing.
Advertisement
Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.
SecureList
APRIL 5, 2023
Telegram has been gaining popularity with users around the world year by year. Common users are not the only ones who have recognized the messaging app’s handy features — cybercrooks have already made it a branch of the dark web, their Telegram activity soaring since late 2021. The service is especially popular with phishers. They have become adept at using Telegram both for automating their activities and for providing various services — from selling phishing kits to helping with setting
Tech Republic Security
APRIL 5, 2023
Windscribe has functions you probably didn’t know you need and is offering new users best-on-web pricing for one-to-three-year subscriptions. The post Get two years of ultimate VPN protection on unlimited connections for only $60 appeared first on TechRepublic.
Security Boulevard
APRIL 7, 2023
As a cybersecurity professional, vulnerabilities and exploits can be exhausting, never-ending and the bane of your existence. It is hard to prioritize what matters to you and your organization when you are staring at thousands of vulnerabilities, especially when you also consider those that might impact your supply chain and third-party vendors! Earlier this year, The post Don’t Get Burned (Out) by Cloud Vulnerabilities appeared first on Security Boulevard.
SecureWorld News
APRIL 4, 2023
As if tax season is not stressful enough—and the filing deadline of Tuesday, April 18, is fast approaching—security researchers have discovered a malicious JavaScript file has existed for weeks on eFile.com, an IRS-authorized electronic filing software service provider. This security incident specifically concerns eFile.com and not identical sounding domains or IRS e-file infrastructure.
Advertisement
Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!
Bleeping Computer
APRIL 1, 2023
Fake extortionists are piggybacking on data breaches and ransomware incidents, threatening U.S. companies with publishing or selling allegedly stolen data unless they get paid. [.
Tech Republic Security
APRIL 7, 2023
Learn how IPFS is used in phishing attacks and why it’s especially tricky to remove the impacted pages, as well as how to protect from this security threat. The post More phishing campaigns are using IPFS network protocol appeared first on TechRepublic.
CyberSecurity Insiders
APRIL 7, 2023
In today’s world, almost everyone owns a smartphone. In fact, it has become a necessity rather than a materialistic want. To secure the device from fraudulent access, mobile operating system manufacturers are coming up with various security features, among which phone PIN is the most commonly used option. However, according to a research study carried out by the SANS Institute, the most commonly used PIN on mobile phones is 1234.
eSecurity Planet
APRIL 5, 2023
Effective vulnerability management is about knowing what you own and prioritizing what you need to fix. A new research report shows that millions of organizations are failing at those critical cybersecurity practices. Researchers at cybersecurity firm Rezilion found more than 15 million instances in which systems are vulnerable to the 896 flaws listed in the U.S.
Advertisement
Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.
Expert insights. Personalized for you.
222 
Let's personalize your content