Schneier on Security

JANUARY 3, 2023

A group of Chinese researchers have just published a paper claiming that they can—although they have not yet done so—break 2048-bit RSA. This is something to take seriously. It might not be correct, but it’s not obviously wrong. We have long known from Shor’s algorithm that factoring with a quantum computer is easy. But it takes a big quantum computer, on the orders of millions of qbits, to factor anything resembling the key sizes we use today.

Encryption 363

Encryption Government Information Security 363

Joseph Steinberg

JANUARY 4, 2023

Zero Trust is a term that is often misunderstood and misused, which is why I wrote an article not long ago entitled Zero Trust: What These Overused Cybersecurity Buzz Words Actually Mean – And Do Not Mean. But, even those who have a decent grasp on the meaning of Zero Trust seem to frequently confuse the term with Zero Trust Network Architecture (ZTNA).

Architecture 361

Architecture Artificial Intelligence Encryption Cybersecurity 361

Troy Hunt

JANUARY 5, 2023

Strap yourself in, this is a big one! Big video, big breach (scrape?), and a big audience today. The Twitter incident consumed a heap of my time before, during and after this live stream, but then I go and get a sudden itch to do stuff like the number plate capturing and, well, there goes even more hours I don't have. But hey, I love what I do and I have no regrets, I hope you enjoy watching this week's vid 😊 Oh - one more thing: today I set up an official Mastodon account for

Password Management 230

Password Management Accountability Passwords 230

The Last Watchdog

JANUARY 3, 2023

For the average user, the Internet is an increasingly dangerous place to navigate. Related: Third-party snooping is widespread. Consider that any given website experiences approximately 94 malicious attacks a day , and that an estimated 12.8 million websites are infected with malware. So, in response to these numbers, users are seeking ways to implement a more secure approach to web browsing.

Malware 214

Malware Advertising Engineering Authentication 214

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Software

Schneier on Security

JANUARY 6, 2023

This group has found a ton of remote vulnerabilities in all sorts of automobiles. It’s enough to make you want to buy a car that is not Internet-connected. Unfortunately, that seems to be impossible.

Internet 299

Internet Internet Hacking 299

Joseph Steinberg

JANUARY 2, 2023

“May the present year’s curses end as it ends, and may the upcoming year’s blessings begin as it begins.”. This ancient aphorism from the Talmud is one of my favorite pieces of advice regarding the start of a new year. While many people interpret the saying as a wish or a prayer – and it certainly can be understood as expressing hope for a better future – I understand it also to be a call to action.

Artificial Intelligence 312

Artificial Intelligence Accountability Cybersecurity 312

eSecurity Planet

JANUARY 5, 2023

After a year that saw massive ransomware attacks and open cyber warfare, the biggest question in cybersecurity for 2023 will likely be how much of those attack techniques get commoditized and weaponized. “In 2022, governments fought wars online, businesses were affected by multiple ransomware gangs, and regular users’ data was constantly on hackers’ radars,” said NordVPN CTO Marijus Briedis. 2023, he predicted, “will not be any easier when it comes to keeping users’

Ransomware 145

Ransomware CISO Software Cybercrime 145

Schneier on Security

JANUARY 6, 2023

I’m not sure why, but Audiobooks.com is offering the audiobook version of Schneier on Security at 50% off until January 17.

253

253

Bleeping Computer

JANUARY 4, 2023

A data leak described as containing email addresses for over 200 million Twitter users has been published on a popular hacker forum for about $2. BleepingComputer has confirmed the validity of many of the email addresses listed in the leak. [.].

Technology 145

Technology 145

Tech Republic Security

JANUARY 6, 2023

A spate of zero-day exploits against Twitter, Rackspace and others late last year showed the limits of a cybersecurity workforce under duress, a step behind and understaffed with some 3.4 million vacant seats. The post Recent 2022 cyberattacks presage a rocky 2023 appeared first on TechRepublic.

Cybersecurity 203

Cybersecurity 203

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

Security Boulevard

JANUARY 2, 2023

In the fintech industry, Cloud Computing has emerged as a new trend that has greatly impacted the needs of the financial sector and given it a huge potential to expand. Fintech is predicted to have a $124.3 billion global market by the end of 2025, with a compound annual growth rate of 23.84%. So why […]. The post How Cloud Computing Affects Fintech?

Marketing 145

Marketing 145

Identity IQ

JANUARY 4, 2023

5 Things You Should Not Share on Social Media. IdentityIQ. Social media has become some of the most popular platforms people spend their time on. Whether you want to check up on your family members, post photos or even meet new people, social media is the way to go. Even businesses take up social media to promote their products and services. What you post on social media today is important, so make sure you try to avoid these types of posts. 1.

Media 142

Media Identity Theft Accountability Risk 142

We Live Security

JANUARY 3, 2023

With many children spending a little too much time playing video games, learn to spot the signs things may be spinning out of control. The post Gaming: How much is too much for our children? appeared first on WeLiveSecurity.

142

142

Tech Republic Security

JANUARY 5, 2023

Google, Microsoft and Proton launched new end-to-end encryption products to confront the 50% increase in ransomware, phishing and other email-vector attacks from the first half of 2022. The post Cloud email services bolster encryption against hackers appeared first on TechRepublic.

Encryption 183

Encryption Phishing Ransomware VPN 183

Advertisement

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Cybersecurity

Security Boulevard

JANUARY 2, 2023

With so many digital wallet options, Fintech Cybersecurity Risks like fraudulent transactions, extortion, denial of service attacks, and credit card fraud have increased. These cyberattacks are powerful enough to put the financial sector at systemic risk. Some of the most well-known cyberattacks the financial sector has seen to date have impacted critical economic infrastructures.

Cybersecurity 145

Cybersecurity Risk 145

Graham Cluley

JANUARY 3, 2023

Do you use the LastPass password manager? Did you know they suffered a data breach, and that your passwords may be at risk? You do now. Here's what you need to know.

Password Management 145

Password Management Data breaches Passwords Hacking 145

CyberSecurity Insiders

JANUARY 6, 2023

By Tyler Reguly, senior manager, security R&D at cybersecurity software and services provider Fortra. The pandemic ushered in an unprecedented wave of online purchasing, as people around the world became far more comfortable with virtual shopping. In fact, the U.S. Census Bureau’s latest  Annual Retail Trade Survey  reports e-commerce expenditures rose from $571.2 billion in 2019 to $815.4 billion in 2020, a 43% increase.

Antivirus 138

Antivirus Retail Software Accountability 138

Tech Republic Security

JANUARY 4, 2023

Meta has violated GDPR with illegal personal data collection practices for targeted ads. Learn about this latest violation and Meta's rocky GDPR history. The post Meta violates GDPR with non-compliant targeted ad practices, earns over $400 million in fines appeared first on TechRepublic.

Data collection 164

Data collection Big data VPN 164

Advertiser: Revenera

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Risk

Security Boulevard

JANUARY 6, 2023

Nearly half (49%) of cybersecurity professionals citied digital business transformation issues as the top factor driving an increase in cybersecurity costs, according to a survey conducted by Dimensional Research on behalf of Deepwatch, a provider of managed detection and response services. The survey of 107 IT security professionals working at organizations with more 1,000 employees.

Digital transformation 138

Digital transformation Cybersecurity CISO Cryptocurrency 138

CSO Magazine

JANUARY 4, 2023

Every business needs a secure way to collect, manage, and authenticate passwords. Unfortunately, no method is foolproof. Storing passwords in the browser and sending one-time access codes by SMS or authenticator apps can be bypassed by phishing. Password management products are more secure, but they have vulnerabilities as shown by the recent LastPass breach that exposed an encrypted backup of a database of saved passwords.

Authentication 129

Authentication Password Management Backups Passwords 129

CyberSecurity Insiders

JANUARY 6, 2023

By Geert van der Linden, EVP & Head of Global Cybersecurity Practice at Capgemini. You might feel like we live in an age of permacrisis. The past year has brought about rising geopolitical tensions, mass digitalization, more hybrid working, and a skilled labor shortage. Adding to these challenges is the new era of almost limitless connectivity, which is changing the way we live and work, all the while causing havoc for cybersecurity teams.

Cybersecurity 138

Cybersecurity Manufacturing Education Technology 138

Tech Republic Security

JANUARY 5, 2023

With the self-hosted Passbolt password manager, you must configure an SMTP server to use the collaboration features. Learn how to do it. The post How to configure an SMTP server in a self-hosted instance Passbolt appeared first on TechRepublic.

Password Management 145

Password Management Passwords Software 145

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Software

Security Boulevard

JANUARY 4, 2023

F5 has extended the reach of its cloud security platform to include the infrastructure that applications are deployed on using technology it gained with the acquisition of ThreatStack in late 2021. Chris Ford, regional vice president for F5, said F5 Distributed Cloud App Infrastructure Protection (AIP) expands the scope of the capabilities that the company.

Cybersecurity 137

Cybersecurity Technology Network Security 137

We Live Security

JANUARY 4, 2023

Are your virtual doctor visits private and secure? Here’s what to know about, and how to prepare for, connecting with a doctor from the comfort of your home. The post The doctor will see you now … virtually: Tips for a safe telehealth visit appeared first on WeLiveSecurity.

128

128

CyberSecurity Insiders

JANUARY 4, 2023

Adding more embarrassment to last year’s Twitter Data Breach, a new finding on the web has discovered a new database dump exposed on an online hacking forum. It appears to be a big data leak as information related to about 235 million users was found by a cyber intelligence firm named Hudson Rock, based in Israel. Exposed details include user names, email address, screen names, number of followers and date of account creation along with the linked phone number.

Identity Theft 137

Identity Theft Big data Manufacturing Healthcare 137

Bleeping Computer

JANUARY 1, 2023

The LockBit ransomware gang has released a free decryptor for the Hospital for Sick Children (SickKids), saying one of its members violated rules by attacking the healthcare organization. [.].

Ransomware 127

Ransomware Healthcare 127

Advertisement

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

Cybersecurity

Security Boulevard

JANUARY 6, 2023

Insight #1. ". If your source code is leaked, the first thing you need to do is make sure the malicious actors are not still in your environment, do not worry about what is in your code. Get them out first.". . Insight #2. ". Transparency is the key to incident response and communication with those affected. Be as transparent as possible even with many unknowns.". .

CISO 129

CISO Cybersecurity Passwords 129

CSO Magazine

JANUARY 5, 2023

Autonomous intelligence, artificial intelligence (AI) that can act without human intervention, can help identify critical infrastructure cyberattack patterns and network activity, and detect malware to enable enhanced decision-making about defensive responses. That’s according to the preliminary findings of an international experiment of AI’s ability to secure and defend systems, power grids and other critical assets by cyber experts at the North Atlantic Treaty Organization’s (NATO) Cyber Coali

Artificial Intelligence 126

Artificial Intelligence Malware 126

CyberSecurity Insiders

JANUARY 6, 2023

By Doron Pinhas, Chief Technology Officer, Continuity. 2022 clearly demonstrated that attacks on data represent the greatest cyber-threat organizations face. The attack pace not only continued, it accelerated. Notable data breaches took place at Microsoft, News Corp., the Red Cross, FlexBooker, Cash App, GiveSendGo, and several crypto firms. Many of these attacks took advantage of known vulnerabilities and security misconfigurations in storage and backup systems.

Backups 136

Backups Ransomware Insurance Cyber Insurance 136

Cisco Security

JANUARY 6, 2023

Speaking to many CISOs, it’s clear that many security executives view zero trust as a journey that can be difficult to start, and one that even makes identifying successful outcomes a challenge. Simultaneously, the topic of security resilience has risen up the C-level agenda and is now another focus for security teams. So, are these complementary?

CISO 142

CISO Authentication Cybersecurity Risk 142

Advertisement

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

Cybersecurity