Joseph Steinberg

JUNE 10, 2022

Last week, I attended an excellent briefing given by Tom Gillis, Senior Vice President and General Manager of VMware’s Networking and Advanced Security Business Group, in which he discussed various important cybersecurity-related trends that he and his team have observed. Gillis shared how VMware’s customers’ attitudes towards security appear to be evolving in light of both recent developments within the cybersecurity industry and events going on in the world at large; among the developmen

Cybersecurity 363

Cybersecurity Artificial Intelligence CISO Wireless 363

Krebs on Security

JUNE 7, 2022

Netflix has a new documentary series airing next week — “ Web of Make Believe: Death, Lies & the Internet ” — in which Yours Truly apparently has a decent amount of screen time. The debut episode explores the far-too-common harassment tactic of “ swatting ” — wherein fake bomb threats or hostage situations are phoned in to police as part of a scheme to trick them into visiting potentially deadly force on a target’s address.

Cybercrime 309

Cybercrime Internet Internet Web Fraud 309

Troy Hunt

JUNE 4, 2022

I somehow ended up blasting through an hour and a quarter in this week's video with loads of discussion on the CTARS / NDIS data breach then a real time "let's see what the fuss is about" with news that one of our state's digital driver's licenses (DDL) may be easily forgeable. I think the whole discussion is actually really interesting when looked at through the lens of how on balance, a digitised license compares to a physical one.

Data breaches 265

Data breaches Encryption 265

The Last Watchdog

JUNE 9, 2022

What is it about the elderly that makes them such attractive targets for cybercriminals? A variety of factors play a role. Related: The coming of bio-digital twins. Unlike many younger users online, they may have accumulated savings over their lives — and those nest eggs are a major target for hackers. Now add psychological variables to the mix of assets worth stealing.

Identity Theft 274

Identity Theft Scams Insurance Internet 274

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Software

Joseph Steinberg

JUNE 9, 2022

The Tenafly, New Jersey, Public School District has canceled final exams for its high school students after a ransomware cyberattack crippled the district’s computer infrastructure. In addition to having cancelled finals, the district, which ranks in many surveys as being among the top 50 school districts in the country, has been forced to revert for its final days of instruction for the 201-2022 academic year to using paper, pencils, and pre-computer-era overhead projectors instead of its usual

Ransomware 363

Ransomware Artificial Intelligence Education Cybercrime 363

Krebs on Security

JUNE 10, 2022

At the outset of their federal criminal trial for hijacking vast swaths of Internet addresses for use in large-scale email spam campaigns, three current or former executives at online advertising firm Adconion Direct (now Amobee ) have pleaded guilty to lesser misdemeanor charges of fraud and misrepresentation via email. In October 2018, prosecutors in the Southern District of California named four Adconion employees — Jacob Bychak , Mark Manoogian , Petr Pacas , and Mohammed Abdul Qayyum

Government 285

Government Marketing Internet Internet 285

The Last Watchdog

JUNE 6, 2022

Reducing the attack surface of a company’s network should, by now, be a top priority for all organizations. Related: Why security teams ought to embrace complexity. As RSA Conference 2022 gets underway today in San Francisco, advanced systems to help companies comprehensively inventory their cyber assets for enhanced visibility to improve asset and cloud configurations and close security gaps will be in the spotlight.

Network Security 262

Network Security Cloud Migration Digital transformation Technology 262

Schneier on Security

JUNE 9, 2022

Twitter was fined $150 million for using phone numbers and email addresses collected for two-factor authentication for ad targeting.

Authentication 264

Authentication 264

Tech Republic Security

JUNE 7, 2022

Businesses now compete as ecosystems and the veracity of information must be protected, officials tell the audience at the RSA Conference Monday. The post Humans and identity are constants in the ever-changing world of cybersecurity appeared first on TechRepublic.

Cybersecurity 212

Cybersecurity 212

Digital Shadows

JUNE 8, 2022

Since the beginning of the Russia-Ukraine war, hacktivism has experienced a substantial resurgence, with many hacktivist groups being created in. The post Killnet: The Hactivist Group That Started A Global Cyber War first appeared on Digital Shadows.

DDOS 145

DDOS Government 145

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

Security Affairs

JUNE 9, 2022

Researchers uncovered a high stealth Linux malware, dubbed Symbiote, that could be used to backdoor infected systems. Joint research conducted by security firms Intezer and BlackBerry uncovered a new Linux threat dubbed Symbiote. The name comes from the concept of symbiote which is an organism that lives in symbiosis with another organism, exactly like this implant does with the infected systems.

Malware 145

Malware DNS Antivirus Passwords 145

Schneier on Security

JUNE 8, 2022

People are leaking classified military information on discussion boards for the video game War Thunder to win arguments — repeatedly.

245

245

Tech Republic Security

JUNE 5, 2022

A new report from ISACA finds that 53% of respondents believe supply chain issues will stay the same or worsen over the next six months. The post Tech pros have low confidence in supply chain security appeared first on TechRepublic.

208

208

Security Boulevard

JUNE 7, 2022

While malicious email attachments are nothing new, there’s reason to be particularly cautious when it comes to the new zero-day vulnerability, dubbed Follina, found in Microsoft Word, for which the tech giant almost immediately issued a workaround. The reason this vulnerability is so serious is that all a user needs to do is open the. The post Microsoft Suggests Work-Around For ‘Serious’ Follina Zero-Day appeared first on Security Boulevard.

Social Engineering 144

Social Engineering Engineering Security Awareness Malware 144

Advertisement

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Cybersecurity

Security Affairs

JUNE 4, 2022

GitLab addresses a critical security vulnerability, tracked as CVE-2022-1680, that could be exploited by an attacker to take over users’ accounts. GitLab has fixed a critical security flaw in its GitLab Enterprise Edition (EE), tracked as CVE-2022-1680 (CVSS score 9.9), that could be exploited to take over an account. The vulnerability impacts all versions starting from 11.10 before 14.9.5, all versions starting from 14.10 before 14.10.4, all versions starting from 15.0 before 15.0.1. R

Accountability 145

Accountability Hacking Cybersecurity Information Security 145

Schneier on Security

JUNE 6, 2022

Long article about Joshua Schulte, the accused leaker of the WikiLeaks Vault 7 and Vault 8 CIA data. Well worth reading.

249

249

Tech Republic Security

JUNE 6, 2022

The internet-facing instances are currently being accessed by attackers who remove the vulnerable databases and leave a ransom note instead. The post Thousands of unprotected Elasticsearch databases are being ransomed appeared first on TechRepublic.

Internet 200

Internet Internet 200

CSO Magazine

JUNE 6, 2022

Every year, global security vendors use the RSA Conference (RSAC) to exhibit new products and capabilities. This year, the show returns as an in-person event (with a virtual component) in San Francisco after going all-virtual in 2021 due to the pandemic. At RSAC 2022, starting June 6, new product showcases are dominated by identity and access security, SaaS services and security operations center ( SOC ) enhancements.

Cybersecurity 144

Cybersecurity 144

Advertiser: Revenera

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Risk

Security Affairs

JUNE 7, 2022

The QBot malware operation has partnered with Black Basta ransomware group to target organizations worldwide. Researchers from NCC Group spotted a new partnership in the threat landscape between the Black Basta ransomware group and the QBot malware operation. Black Basta has been active since April 2022, like other ransomware operations, it implements a double-extortion attack model. .

Ransomware 145

Ransomware Backups Malware Firewall 145

The Hacker News

JUNE 8, 2022

U.S. cybersecurity and intelligence agencies have warned about China-based state-sponsored cyber actors leveraging network vulnerabilities to exploit public and private sector organizations since at least 2020.

Cybersecurity 144

Cybersecurity 144

Tech Republic Security

JUNE 9, 2022

A large-scale phishing attack was uncovered by PIXM, as well as the person who had been carrying out the attacks. The post A cybercriminal stole 1 million Facebook account credentials over 4 months appeared first on TechRepublic.

Accountability 194

Accountability Phishing 194

eSecurity Planet

JUNE 10, 2022

About 90% of security buyers aren’t getting the efficacy from their products that vendors claim they can deliver, according to a panel at this week’s RSA Conference that also offered some solutions to begin to fix that problem. Joe Hubback of cyber risk management startup ISTARI led both the panel and the study, which was based on in-depth interviews with more than a hundred high-level security officials, including CISOs, CIOs, CEOs, security and tech vendors, evaluation organization

Marketing 143

Marketing Cyber Risk Technology CISO 143

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Software

Security Affairs

JUNE 6, 2022

Resecurity, Inc. (USA) has identified an increase in activity within hacktivist groups conducted by a new group called “Cyber Spetsnaz”. Resecurity, Inc. (USA) has identified an increase in activity within hacktivist groups, they’re leveraging current geopolitical tensions between the Ukraine and Russia to perform cyber-attacks. Following the attacks of the Killnet Collective, the group responsible for the attacks against major government resources and law enforcement, a new group has been ident

Government 145

Government DDOS Cyber Attacks Hacking 145

Malwarebytes

JUNE 7, 2022

Account hijacking has sadly become a regular, everyday occurrence. But when it comes to hijacking accounts before they are even created? That’s something you’d never think possible—but it is. Two security researchers, Avinash Sudhodanan and Andrew Paverd, call this new class of attack a “ pre-hijacking attack. ” Unfortunately, many websites and online services, including high-traffic ones, are not immune to it.

Accountability 143

Accountability Passwords Authentication Media 143

Tech Republic Security

JUNE 6, 2022

Learn about the new features available with iOS 16, and how to download and install the latest version of Apple’s mobile operating system. The post iOS 16 cheat sheet: Complete guide for 2022 appeared first on TechRepublic.

Mobile 192

Mobile 192

Bleeping Computer

JUNE 10, 2022

A new hardware attack targeting Pointer Authentication in Apple M1 CPUs with speculative execution enables attackers to gain arbitrary code execution on Mac systems. [.].

Authentication 144

Authentication 144

Advertisement

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

Cybersecurity

Security Affairs

JUNE 8, 2022

Black Basta ransomware gang implemented a new feature to encrypt VMware ESXi virtual machines (VMs) running on Linux servers. The Black Basta ransomware gang now supports encryption of VMware ESXi virtual machines (VMs) running on Linux servers. Researchers from Uptycs first reported the discovery of the new Black Basta ransomware variant that supports encryption of VMWare ESXi servers.

Encryption 145

Encryption Ransomware Malware Hacking 145

Dark Reading

JUNE 10, 2022

Next-generation AI products learn proactively and identify changes in the networks, users, and databases using "data drift" to adapt to specific threats as they evolve.

Artificial Intelligence 145

Artificial Intelligence 145

Tech Republic Security

JUNE 7, 2022

A recent survey reveals many organizations close either temporarily or permanently after a ransomware attack. Learn more about how you can protect your business ransomware attacks. The post A third of organizations hit by ransomware were forced to close temporarily or permanently appeared first on TechRepublic.

Ransomware 181

Ransomware 181

Bleeping Computer

JUNE 8, 2022

Malware that steals your passwords, credit cards, and crypto wallets is being promoted through search results for a pirated copy of the CCleaner Pro Windows optimization program. [.].

Malware 141

Malware Passwords 141

Advertisement

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

Cybersecurity