Lohrman on Security
JULY 16, 2023
The White House just released the new National Cybersecurity Strategy Implementation Plan. Here are the details, selected media coverage and what you need to know moving forward.
Joseph Steinberg
JULY 17, 2023
A simple, single-letter typo has caused perhaps as many as several million email messages sent by members of the US Military to be inappropriately delivered to the African country of Mali, an ally of Russia in which contractors from the infamous Russian military contractor, Wagner Group, have been assisting Mali’s armed forces. It appears that for as long as a decade, various users of military email systems sent messages to emails addresses using the top-level domain “.ML,” the domain for
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
The Last Watchdog
JULY 19, 2023
Deepening interoperability of AI-infused systems – in our buildings, transportation grids, communications systems and medical equipment — portend amazing breakthroughs for humankind. Related: The coming of optical infrastructure But first businesses must come to grips with the quickening convergence of their internal and external computing resources.
Schneier on Security
JULY 21, 2023
Imagine a future in which AIs automatically interpret—and enforce—laws. All day and every day, you constantly receive highly personalized instructions for how to comply with the law, sent directly by your government and law enforcement. You’re told how to cross the street, how fast to drive on the way to work, and what you’re allowed to say or do online—if you’re in any situation that might have legal implications, you’re told exactly what to do, in real time.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Krebs on Security
JULY 21, 2023
Many things have changed since 2018, such as the names of the companies in the Fortune 100 list. But one aspect of that vaunted list that hasn’t shifted much since is that very few of these companies list any security professionals within their top executive ranks. The next time you receive a breach notification letter that invariably says a company you trusted places a top priority on customer security and privacy, consider this: Only four of the Fortune 100 companies currently list a sec
Tech Republic Security
JULY 18, 2023
Australia has an e-waste problem, and for all the conversations around climate change, energy use, plastics and other ESG matters, it's surprising that more isn't said about it.
Cyber Security Informer brings together the best content for cyber security professionals from the widest variety of industry thought leaders.
Schneier on Security
JULY 17, 2023
Interesting forensics in connection with a serial killer arrest: Investigators went through phone records collected from both midtown Manhattan and the Massapequa Park area of Long Island—two areas connected to a “burner phone” they had tied to the killings. (In court, prosecutors later said the burner phone was identified via an email account used to “solicit and arrange for sexual activity.” The victims had all been Craigslist escorts, according to officials.
Security Boulevard
JULY 21, 2023
How to Tame Identity Sprawl: Strategies and solutions for managing digital identitiesIf your employees use different usernames and passwords for their computers, applications, other systems and accounts, your organization is experiencing identity sprawl. Identity sprawl is a problem that has increased significantly with the rise of identity-related attacks.
Tech Republic Security
JULY 21, 2023
The Europol report also reported on cybercriminals' use of cryptocurrencies and how their techniques are more sophisticated. However, there was good cybersecurity news, too.
eSecurity Planet
JULY 21, 2023
Living off the land (LOTL) attacks use legitimate programs that already exist on a computer, rather than installing malware from an external source onto a system. The stealthy nature of these attacks can make them effective — and difficult for security teams to detect and prevent. To prevent LOTL attacks, security teams must use sophisticated detection methods, as well as closing loops in popular computer programs with known vulnerabilities.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
Schneier on Security
JULY 18, 2023
You can disable a self-driving car by putting a traffic cone on its hood: The group got the idea for the conings by chance. The person claims a few of them walking together one night saw a cone on the hood of an AV, which appeared disabled. They weren’t sure at the time which came first; perhaps someone had placed the cone on the AV’s hood to signify it was disabled rather than the other way around.
Security Boulevard
JULY 21, 2023
Two banks earlier this year were the targets of open source supply chain attacks, the first of their kind in the industry. The post Software Supply Chain Attackers Targeting Banks, Checkmarx Says appeared first on Security Boulevard.
Tech Republic Security
JULY 18, 2023
Newly discovered vulnerabilities in distributed control systems could allow attackers access to systems supporting industrial, energy, chemical and other operations.
eSecurity Planet
JULY 21, 2023
Incident response frameworks and practices are detailed action plans to resolve security breaches inside a business or organization. They give the business a thorough and proactive approach to security by methodically recording every aspect of an incident, including how it happened and the measures that were taken, and describing the subsequent steps to prevent such incidents in the future.
Advertisement
How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.
Schneier on Security
JULY 19, 2023
Gandalf is an interactive LLM game where the goal is to get the chatbot to reveal its password. There are eight levels of difficulty, as the chatbot gets increasingly restrictive instructions as to how it will answer. It’s a great teaching tool. I am stuck on Level 7. Feel free to give hints and discuss strategy in the comments below. I probably won’t look at them until I’ve cracked the last level.
Security Boulevard
JULY 21, 2023
For startups looking to win business and build trust with potential clients, a robust security program and effective response to security questionnaires are essential. Whether you’re new to security questionnaires or just need a refresher, we have you covered. With that, let’s get started. What are security questionnaires? Security questionnaires are sets of standardized questions […] The post Startups’ Guide to Security Questionnaires first appeared on TrustCloud.
Tech Republic Security
JULY 19, 2023
Make all of your computers and devices safer regardless of operating system with this VPN Unlimited: Lifetime Subscription for just $69.99.
eSecurity Planet
JULY 20, 2023
Kevin Mitnick, who turned legendary hacking exploits and two prison terms into a career as an esteemed cybersecurity leader, died Sunday at age 59 after a 14-month battle with pancreatic cancer, KnowBe4 revealed today. A memorial will be held August 1 in Las Vegas. Once dubbed “the world’s most wanted hacker” after his youthful exploits attacking Digital Equipment Corporation and Pacific Bell, Mitnick completed his decade-long transition to cybersecurity luminary when he joined
Advertiser: Revenera
In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.
Security Boulevard
JULY 21, 2023
Miscreants have ramped up their use of QR codes to phish for credentials, according to INKY threat researchers. The post The Rise of QR Codes Spurs Rise in ‘Fresh Phish’ appeared first on Security Boulevard.
Tech Republic Security
JULY 21, 2023
This is a comprehensive list of the top enterprise password managers. Use this guide to compare and choose which one is best for your business.
eSecurity Planet
JULY 19, 2023
APIs (application programming interfaces) allow applications to communicate with each other, a critically important function in the digital age. Their importance also makes them an attractive target for cyber criminals — according to Akamai, API and application attacks tripled last year. API security tools help protect the integrity of APIs and keep them safe from common attack vectors like local file inclusion (LFI), cross-site scripting ( XSS ) and SQL injection (SQLi).
Advertisement
Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.
We Live Security
JULY 18, 2023
There is a significant secondary marketplace where tickets can sell for several times their original value, opening the opportunity for scammers and fraud The post Protect yourself from ticketing scams ahead of the Premier League Summer Series USA Tour appeared first on WeLiveSecurity
Security Boulevard
JULY 20, 2023
In today’s fast-paced software development landscape, DevOps practices play a crucial role in achieving faster delivery, increased collaboration, and improved quality. AWS provides powerful services like CodePipeline and CodeDeploy that facilitate automated deployment pipelines and streamlined software releases. This comprehensive guide will walk you through the process of setting up and leveraging these AWS services […] The post DevOps Automation with AWS CodePipeline and AWS CodeDeploy appeare
Tech Republic Security
JULY 17, 2023
Snapshots are an effective way to improve the security of your data. Learn about different ways to use them to enhance your data security.
Bleeping Computer
JULY 19, 2023
Cyber Police Department of the National Police of Ukraine dismantled another massive bot farm linked to more than 100 individuals after searches at almost two dozen locations. [.
Advertisement
Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!
We Live Security
JULY 19, 2023
Why is kids’ personal information in high demand, how do criminals steal it, and what can parents do to help prevent child identity theft? The post Child identity theft: how do I keep my kids’ personal data safe?
Security Boulevard
JULY 21, 2023
Our thanks to BSides Sofia for publishing their presenter’s tremendous BSides Sofia 2023 content on the organizations’ YouTube channel. Permalink The post BSides Sofia 2023 – Georgi Gerganov – Keytap Acoustic Keyboard Eavesdropping appeared first on Security Boulevard.
Tech Republic Security
JULY 18, 2023
HealthEdge, a healthcare digital payer platform, shares strategies for combating cyber threats threatening the healthcare industry.
The Hacker News
JULY 15, 2023
With generative artificial intelligence (AI) becoming all the rage these days, it's perhaps not surprising that the technology has been repurposed by malicious actors to their own advantage, enabling avenues for accelerated cybercrime.
Advertisement
Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.
Expert insights. Personalized for you.
228 
Let's personalize your content