Joseph Steinberg

MARCH 14, 2022

The cybersecurity term “secure workloads” seems to be gaining a lot of traction in marketing materials lately. Yet, it has become a ubiquitous catchphrase that is often misused. So, let’s cut through the fluff, and understand what “secure workloads” really are…. When it comes to cybersecurity, securing workloads means protecting all of the various components that make up an application (such as its database functionality).

Cybersecurity 363

Cybersecurity Artificial Intelligence Encryption Technology 363

Krebs on Security

MARCH 17, 2022

Researchers are tracking a number of open-source “ protestware ” projects on GitHub that have recently altered their code to display “Stand with Ukraine” messages for users, or basic facts about the carnage in Ukraine. The group also is tracking several code packages that were recently modified to erase files on computers that appear to be coming from Russian or Belarusian Internet addresses.

Malware 346

Malware Internet Internet Software 346

Schneier on Security

MARCH 18, 2022

My proof of COVID-19 vaccination is recorded on an easy-to-forge paper card. With little trouble, I could print a blank form, fill it out, and snap a photo. Small imperfections wouldn’t pose any problem; you can’t see whether the paper’s weight is right in a digital image. When I fly internationally, I have to show a negative COVID-19 test result. That, too, would be easy to fake.

Banking 297

Banking Surveillance Cybersecurity 297

Daniel Miessler

MARCH 13, 2022

A lot of people, especially in the security industry , are concerned that NFTs are a scam. And that’s for a good reason in many cases, since many of them are. In fact, I’d say it’s something like 95%. That’s not a real number, but that’s where I’d put the ratio. But I’m not trying to convince you that NFTs are scams.

Scams 287

Scams Marketing Manufacturing Engineering 287

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Software

Lohrman on Security

MARCH 13, 2022

Cyber insurance is only getting more expensive, and the market is changing dramatically, with more changes to come. So what trends will drive adoption, rates and the wider future of cyber insurance?

Cyber Insurance 285

Cyber Insurance Insurance Marketing Government 285

Tech Republic Security

MARCH 18, 2022

If you are interested in pursuing a career in cybersecurity and don't know where to start, here's your go-to guide about salaries, job markets, skills and common interview questions in the field, as well as the top security software. The post How to become a cybersecurity pro: A cheat sheet appeared first on TechRepublic.

Cybersecurity 218

Cybersecurity Marketing Software 218

Security Boulevard

MARCH 17, 2022

Russian hackers are known as some of the world’s best, and the increase in tensions between the United States and Russia since the invasion of Ukraine has raised the prospect that Russian hackers may target U.S. citizens and organizations with cyberattacks. Our company, INKY Technology, provides cloud-based anti-phishing defense-in-depth to protect against email attacks.

Phishing 145

Phishing Technology Social Engineering Engineering 145

Bleeping Computer

MARCH 15, 2022

Russia faces a critical IT storage crisis after Western cloud providers pulled out of the country, leaving Russia with only two more months before they run out of data storage. [.].

Technology 145

Technology Government 145

Tech Republic Security

MARCH 15, 2022

NCC Group’s study outlines the use cases for BCIs as well as the security risks associated with using them. The post Brain Computer Interfaces may be the future, but will they be secure? appeared first on TechRepublic.

Risk 215

Risk 215

Schneier on Security

MARCH 17, 2022

Oops : Instead of telling you when it’s safe to cross the street, the walk signs in Crystal City, VA are just repeating ‘CHANGE PASSWORD.’ Something’s gone terribly wrong here.

Passwords 280

Passwords 280

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

Security Boulevard

MARCH 18, 2022

Cloud security management issues are increasing the flood of false positive alerts and missed critical issues and contributing to higher burnout rates for IT teams. These were among the findings of an Orca Security survey of 800 IT professionals across five countries and 10 industries, which revealed more than half (55%) of respondents use three. The post Cloud Security Tool Sprawl Draining IT Teams appeared first on Security Boulevard.

Cybersecurity 144

Cybersecurity Network Security 144

Bleeping Computer

MARCH 15, 2022

A recently discovered botnet under active development targets Linux systems, attempting to ensnare them into an army of bots ready to steal sensitive info, installing rootkits, creating reverse shells, and acting as web traffic proxies. [.].

DNS 144

DNS 144

Tech Republic Security

MARCH 15, 2022

Don’t let mobile malware ruin your day or your device. Be aware of how this threat happens and take good precautions to avoid it. The post Mobile malware is on the rise: Know how to protect yourself from a virus or stolen data appeared first on TechRepublic.

Mobile 213

Mobile Malware 213

Security Affairs

MARCH 17, 2022

The collective Anonymous and its affiliated groups continue to target the Russian government and private organizations. The collective Anonymous, and other groups in its ecosystem, continue to target the Russian government and private organizations. Let’s summarize the most interesting attacks observed in the last few days. Yesterday Anonymous announced the hack of the website of the Ministry of Emergencies of Russia, the hackers defaced them and published the message: “Don’t t

Hacking 145

Hacking Government Media Information Security 145

Advertisement

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Cybersecurity

Graham Cluley

MARCH 15, 2022

Last month, the LAPSUS$ hacking group stole up to one terabyte of internal data, including hashed passwords, from graphics card maker NVIDIA. Of course, you would hope that any sensible NVIDIA employee would have chosen a sensible hard-to-crack password, and ensured that they weren’t using the same password anywhere else on the internet.

Passwords 143

Passwords Internet Internet Hacking 143

Bleeping Computer

MARCH 15, 2022

BSI, the federal cybersecurity authority in Germany, has issued a public statement to warn critical entities in the country against using Kaspersky antivirus software products. [.].

Antivirus 143

Antivirus Government Software Cybersecurity 143

Tech Republic Security

MARCH 17, 2022

CISA adds 15 known exploited vulnerabilities to its catalog and BlackBerry researchers warn of a new ransomware-as-a-service family. The post Cybersecurity news: LokiLocker ransomware, Instagram phishing attack and new warnings from CISA appeared first on TechRepublic.

Phishing 204

Phishing Ransomware Cybersecurity 204

CSO Magazine

MARCH 16, 2022

A new ransomware operation dubbed LokiLocker has slowly been gaining traction since August among cybercriminals, researchers warn. The malicious program uses a relatively rare code obfuscation technique and includes a file wiper component that attackers could use against non-compliant victims. "??LokiLocker is a relatively new ransomware family targeting English-speaking victims and Windows PCs.

Ransomware 142

Ransomware 142

Advertiser: Revenera

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Risk

Graham Cluley

MARCH 13, 2022

Video game company Ubisoft, maker of hit titles like Assassin’s Creed and Just Dance says that it has “experienced a cyber security incident” - and as a consequence is changing its employees' passwords.

Passwords 141

Passwords Data breaches 141

Bleeping Computer

MARCH 17, 2022

Threat analysts following the activity of LightBasin, a financially motivated group of hackers, report the discovery of a previously unknown Unix rootkit that is used to steal ATM banking data and conduct fraudulent transactions. [.].

Banking 142

Banking 142

Tech Republic Security

MARCH 17, 2022

The first line of defense against ransomware lies with email authentication. Learn more information about how to take a proactive approach to cyber attacks. The post Email authentication helps governments and private companies battle ransomware appeared first on TechRepublic.

Authentication 196

Authentication Government Ransomware Cyber Attacks 196

Trend Micro

MARCH 16, 2022

This report discusses the technical capabilities of this Cyclops Blink malware variant that targets ASUS routers and includes a list of more than 150 current and historical command-and-control (C&C) servers of the Cyclops Blink botnet.

Malware 138

Malware IoT 138

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Software

Security Boulevard

MARCH 16, 2022

The supply chain crisis is a reminder that the systems that power the global economy are frighteningly fragile. When COVID-19 hit, it interrupted logistics networks across the planet and caused shortages so severe that it prompted The New York Times to hyperbolically claim the world “ran out of everything” in 2021. We have seen the. The post Supply Chains are an Easy Target for Cybercriminals appeared first on Security Boulevard.

Security Awareness 139

Security Awareness Phishing Cybersecurity 139

Bleeping Computer

MARCH 17, 2022

The TrickBot trojan has just added one more trick up its sleeve, now using vulnerable IoT (internet of things) devices like modem routers as proxies for its C2 (command and control) server communication. [.].

IoT 139

IoT Internet Internet 139

Tech Republic Security

MARCH 14, 2022

One lesser-known aspect of non-fungible tokens is their vulnerability to cybercrime. Learn how you can protect yourself and your company from the potential risks of NFTs. The post NFTs: The growing cybercrime risks and how to avoid them appeared first on TechRepublic.

Cybercrime 193

Cybercrime Risk 193

Security Affairs

MARCH 16, 2022

In mere seconds, a hacker remotely accessed a computer belonging to a regional Russian Ministry of Health, taking advantage of sloppy cybersecurity practices to expose its entire network. Original post at [link]. Spielerkid89, who wished to remain anonymous, did not intend to harm the organization and left its systems intact. However, his experiment is a perfect example of how poor cyber hygiene can leave organizations vulnerable to cyber attacks.

Authentication 139

Authentication Cyber Attacks System Administration Internet 139

Advertisement

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

Cybersecurity

Security Boulevard

MARCH 18, 2022

In May 2021, the U.S. national gas price average hit its highest level in six years. The cause: A ransomware attack on fuel distribution company Colonial Pipeline, made possible by the most common kind of attack—misused or stolen credentials. A stolen password belonging to a legacy VPN account led to the company paying a ransom. The post Zero-Trust’s Foundation is Identity and Access Management appeared first on Security Boulevard.

VPN 138

VPN Passwords Accountability Ransomware 138

Bleeping Computer

MARCH 18, 2022

Google's Threat Analysis Group (TAG) says the Chinese People's Liberation Army (PLA) and other Chinese intelligence agencies are trying to get more info on the ongoing Russian war in Ukraine. [.].

Government 138

Government 138

Tech Republic Security

MARCH 14, 2022

A new social engineering method is spreading this malware, and it’s very easy to fall for. Here’s what it’s doing and how to avoid it. The post Cybersecurity: Attacker uses websites’ contact forms to spread BazarLoader malware appeared first on TechRepublic.

Malware 188

Malware Social Engineering Cybersecurity Engineering 188

Security Affairs

MARCH 17, 2022

Researchers uncovered a new Linux botnet, tracked as B1txor20, that exploits the Log4J vulnerability and DNS tunnel. Researchers from Qihoo 360’s Netlab have discovered a new backdoor used to infect Linux systems and include them in a botnet tracked as B1txor20. The malware was first spotted on February 9, 2022, when 360Netlab’s honeypot system captured an unknown ELF file that was spreading by exploiting the Log4J vulnerability.

DNS 144

DNS Malware Technology Encryption 144

Advertisement

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

Cybersecurity