Schneier on Security
JULY 7, 2022
Report by Georgetown’s Center on Privacy and Technology published a comprehensive report on the surprising amount of mass surveillance conducted by Immigration and Customs Enforcement (ICE). Our two-year investigation, including hundreds of Freedom of Information Act requests and a comprehensive review of ICE’s contracting and procurement records, reveals that ICE now operates as a domestic surveillance agency.
Javvad Malik
JULY 7, 2022
Over here in the UK we’ve had dozens of MPs (members of parliament) tender their resignation over the last day or so. While I’m not interested in politics, seeing so many resignation letters did provide me with the template to create the perfect letter. It consists of a few steps. 1. Yellow paper (not the white one peasants write on). 2.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Adam Levin
JULY 6, 2022
A firewall is a network security device or program designed to prevent unauthorized and malicious internet traffic from entering a private network or device. It is a digital safety barrier between public and private internet connections, allowing non-threatening traffic in and keeping malicious traffic out, which in theory includes malware and hackers.
Troy Hunt
JULY 6, 2022
11 years now, wow 😲 It's actually 11 and a bit because it was April Fool's Day in 2011 that my first MVP award came through. At the time, I referred to myself as "The Accidental MVP" as I'd no expectation of an award, it just came from me being me. It's the same again today, and the last year has been full of just doing the stuff I love; loads of talks (which, like the one above at AusCERT, are actually starting to happen in front of real live humans again), l
Advertisement
Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.
Schneier on Security
JULY 6, 2022
NIST’s post-quantum computing cryptography standard process is entering its final phases. It announced the first four algorithms: For general encryption, used when we access secure websites, NIST has selected the CRYSTALS-Kyber algorithm. Among its advantages are comparatively small encryption keys that two parties can exchange easily, as well as its speed of operation.
The Last Watchdog
JULY 5, 2022
Gathering intelligence has always been a key tool for organisational decision making – understanding the external operating environment is the ‘101’ for business. How can you grasp the challenges and opportunities for your company without a deep understanding of all the contributing factors that make the company tick? Related: We’re in the golden age of cyber espionage.
Cyber Security Informer brings together the best content for cyber security professionals from the widest variety of industry thought leaders.
Troy Hunt
JULY 4, 2022
Continuing the rollout of Have I Been Pwned (HIBP) to national governments around the world, today I'm very happy to welcome Poland to the service! The Polish CSIRT GOV is now the 34th onboard the service and has free and open access to APIs allowing them to query their government domains. Seeing the ongoing uptake of governments using HIBP to do useful things in the wake of data breaches is enormously fulfilling and I look forward to welcoming many more national CSIRTs in the future.
Schneier on Security
JULY 8, 2022
Apple has introduced lockdown mode for high-risk users who are concerned about nation-state attacks. It trades reduced functionality for increased security in a very interesting way.
Joseph Steinberg
JULY 7, 2022
A mischievous hacker, or group of hackers, took over Disneyland’s official Instagram and Facebook accounts earlier today, and, apparently, defaced them both with a series of profane and racist posts. Walt Disney Company has confirmed the breach, which appears to have occurred around 7 AM US Eastern time. The entertainment giant stated that it responded to the incident with zeal: “We worked quickly to remove the reprehensible content, secure our accounts, and our security teams are conducting an
Anton on Security
JULY 7, 2022
This is my completely informal, uncertified, unreviewed and otherwise completely unofficial blog inspired by my reading of our third Threat Horizons Report ( full version ) that we just released ( the official blog for #1 report , my unofficial blog for #2 ). My favorite quotes from the report follow below: “Another common tactic that continues to be observed is when bad actors actively impersonate legitimate sounding organizations (especially in journalism or education) with the objective of in
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Troy Hunt
JULY 2, 2022
In a complete departure from the norm, this week's video is the much-requested "cultural differences" one with Charlotte. No tech (other than my occasional plug for the virtues of JavaScript), but lots of experiences from both of us living and working in different parts of the world. Most of it is what Charlotte has learned being thrown into the deep end of Aussieness (without the option of even getting out of the country until very recently), which I thought made for some pretty fu
Tech Republic Security
JULY 7, 2022
Cybercriminals found a way into a Shanghai National Police database, in the largest exploit of personal information in the country’s history. The post China suffers massive cybersecurity breach affecting over 1 billion people appeared first on TechRepublic.
Bleeping Computer
JULY 7, 2022
While Microsoft announced earlier this year that it would block VBA macros on downloaded documents by default, Redmond said on Thursday that it will roll back this change based on "feedback" until further notice. [.].
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
Malwarebytes
JULY 8, 2022
When content creators flag one of their own videos as inappropriate for children, we expect YouTube’s AI moderator to accept this and move on. But the video streaming bot doesn’t seem to get it. Not only can it prevent creators from correcting a miscategorization, its synthetic will is also final—no questions asked—unless the content creator appeals.
Tech Republic Security
JULY 8, 2022
The adoption of cloud was a necessity for many companies, but they are now facing security risks. The post Global cloud market to reach $1 trillion but 63% of leaders report lack of resources appeared first on TechRepublic.
CSO Magazine
JULY 4, 2022
Identity and access issues topped the list of concerns of IT pros in the Cloud Security Alliance's annual Top Threats to Cloud Computing: The Pandemic 11 report released earlier this month. "Data breaches and data loss were the top concerns last year," says CSA Global Vice President of Research John Yeoh. "This year, they weren't even in the top 11.
Bleeping Computer
JULY 5, 2022
A new ransomware operation called RedAlert, or N13V, encrypts both Windows and Linux VMWare ESXi servers in attacks on corporate networks. [.].
Advertisement
How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.
Malwarebytes
JULY 7, 2022
Apple has announced a new feature of iOS 16 called Lockdown Mode. This new feature is designed to provide a safer environment on iOS for people at high risk of what Apple refers to as “mercenary spyware.” This includes people like journalists and human rights advocates, who are often targeted by oppressive regimes using malware like NSO Groups’ Pegasus spyware.
Tech Republic Security
JULY 6, 2022
Geographic Solutions Inc., the company handling the unemployment websites of several states, took the websites offline due to the attack. The post Cyberattacks interrupt unemployment benefits in multiple states appeared first on TechRepublic.
Security Affairs
JULY 4, 2022
Threat actors claim to have breached a database belonging to Shanghai police and stole the data of a billion Chinese residents. Unknown threat actors claimed to have obtained data of a billion Chinese residents after breaching a database of the Shanghai police. If the incident will be confirmed, this data breach is the largest one in the country’s history. “Shangai authorities have not publicly responded to the purported hack.
Security Boulevard
JULY 4, 2022
Find out top 10 risks answering why SMB's are doing cyber security wrong. We have also included fixes to help you understand the cybersecurity for SMB. The post The Top 10 SMB cyber security mistakes. Find out how to fix these security risks. appeared first on Cyphere | Securing Your Cyber Sphere. The post The Top 10 SMB cyber security mistakes.
Advertiser: Revenera
In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.
The Hacker News
JULY 7, 2022
Disclaimer: This article is meant to give insight into cyber threats as seen by the community of users of CrowdSec. What can tens of thousands of machines tell us about illegal hacker activities?
Tech Republic Security
JULY 6, 2022
The announcement follows a six-year effort to devise and then vet encryption methods to significantly increase the security of digital information, the agency said. The post NIST selects four encryption algorithms to thwart future quantum computer attacks appeared first on TechRepublic.
Malwarebytes
JULY 5, 2022
Google has released version 103.0.5060.114 for Chrome, now available in the Stable Desktop channel worldwide. The main goal of this new version is to patch CVE-2022-2294. CVE-2022-2294 is a high severity heap-based buffer overflow weakness in the Web Real-Time Communications (WebRTC) component which is being exploited in the wild. This is the fourth Chrome zero-day to be patched in 2022.
Security Affairs
JULY 7, 2022
US authorities have issued a joint advisory warning of North Korea-linked APTs using Maui ransomware in attacks against the Healthcare sector. The FBI, CISA, and the U.S. Treasury Department issued a joint advisory that warn of North-Korea-linked threat actors using Maui ransomware in attacks aimed at organizations in the Healthcare sector. “The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and the Department of the Treasury (Treasury) are
Advertisement
Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.
We Live Security
JULY 4, 2022
One in five organizations have teetered on the brink of insolvency after a cyberattack. Can your company keep hackers at bay? The post Cyberattacks: A very real existential threat to organizations appeared first on WeLiveSecurity.
Tech Republic Security
JULY 5, 2022
Dirty data not only leads to poor business decisions but can also pose some security concerns in organizations. Learn dirty data cybersecurity concerns enterprises may contend with. The post Three dirty data cybersecurity concerns for business enterprises appeared first on TechRepublic.
Malwarebytes
JULY 8, 2022
Back in March, popular NFT battler Axie Infinity lay at the heart of a huge cryptocurrency theft inflicted on the Ronin network. From the Ronin newsletter : There has been a security breach on the Ronin Network. Earlier today, we discovered that on March 23rd, Sky Mavis’s Ronin validator nodes and Axie DAO validator nodes were compromised resulting in 173,600 Ethereum and 25.5M USDC drained from the Ronin bridge in two transactions.
Security Affairs
JULY 8, 2022
Emsisoft has released a free decryption tool that allows victims of the AstraLocker and Yashma ransomware to recover their files without paying a ransom. Cybersecurity firm Emsisoft released a free decryptor tool that allows victims of the AstraLocker and Yashma ransomware to recover their files without paying a ransom. The security firm states that the AstraLocker decryptor works for ransomware versions based on the Babuk malware that appends the.Astra or.babyk extensions to the name of the enc
Advertisement
Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!
Expert insights. Personalized for you.
313 
Let's personalize your content