CyberSecurity Insiders
SEPTEMBER 26, 2022
Staffing shortages in some industries have worsened since the COVID-19 pandemic began wreaking havoc in 2020, especially in cybersecurity. Cyberattacks have increased in many sectors, primarily targeting education and healthcare. What can employers do for their businesses with attacks rising alongside the widening cybersecurity skills gap? What Is the Cybersecurity Skills Gap?
Krebs on Security
SEPTEMBER 30, 2022
Someone has recently created a large number of fake LinkedIn profiles for Chief Information Security Officer (CISO) roles at some of the world’s largest corporations. It’s not clear who’s behind this network of fake CISOs or what their intentions may be. But the fabricated LinkedIn identities are confusing search engine results for CISO roles at major companies, and they are being indexed as gospel by various downstream data-scraping sources.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Schneier on Security
SEPTEMBER 28, 2022
The Atlantic Council has published a report on securing the Internet of Things: “Security in the Billions: Toward a Multinational Strategy to Better Secure the IoT Ecosystem.” The report examines the regulatory approaches taken by four countries—the US, the UK, Australia, and Singapore—to secure home, medical, and networking/telecommunications devices.
Troy Hunt
SEPTEMBER 30, 2022
How's this weeks video for a view?! It's a stunning location here in Bali and it's just been the absolute most perfect spot for a honeymoon, especially after weeks of guests and celebrations. But whoever hacked and ransom'd Optus didn't care about me taking time out and I've done more media in the last week than I have in a long time.
Advertisement
Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.
The Last Watchdog
SEPTEMBER 27, 2022
Digital resiliency has arisen as something of a Holy Grail in the current environment. Related: The big lesson of Log4j. Enterprises are racing to push their digital services out to the far edge of a highly interconnected, cloud-centric operating environment. This has triggered a seismic transition of company networks, one that has put IT teams and security teams under enormous pressure.
Krebs on Security
SEPTEMBER 24, 2022
A 36-year-old Russian man recently identified by KrebsOnSecurity as the likely proprietor of the massive RSOCKS botnet has been arrested in Bulgaria at the request of U.S. authorities. At a court hearing in Bulgaria this month, the accused hacker requested and was granted extradition to the United States, reportedly telling the judge, “America is looking for me because I have enormous information and they need it.” A copy of the passport for Denis Kloster, as posted to his Vkontakte
Cyber Security Informer brings together the best content for cyber security professionals from the widest variety of industry thought leaders.
Tech Republic Security
SEPTEMBER 29, 2022
Enterprise software delivery company CloudBees has a new SaaS offering to discuss, and the firm's CEO gets philosophical. The post CloudBees CEO: Software delivery is now ‘release orchestration’ appeared first on TechRepublic.
The Last Watchdog
SEPTEMBER 26, 2022
Today’s enterprises are facing more complexities and challenges than ever before. Related: Replacing VPNs with ZTNA. Thanks to the emergence of today’s hybrid and multi-cloud environments and factors like remote work, ransomware attacks continue to permeate each industry. In fact, the 2022 Verizon Data Breach Investigation Report revealed an alarming 13 percent increase in ransomware attacks overall – greater than past five years combined – and the inability to properly manage identities and pri
Troy Hunt
SEPTEMBER 24, 2022
Wow, what a week! Of course there's lots of cyber / tech stuff in this week's update, but it was really only the embedded tweet below on my mind so I'm going to leave you with this then come to you from somewhere much more exotic than usual (and I reckon that's a pretty high bar for me!) next week 😎 Absolutely over the moon to formally make @Charlotte_Hunt_ a part of our family ❤️ 💍 pic.twitter.com/XfahXElboC — Troy Hunt (@troyhunt) Septem
Schneier on Security
SEPTEMBER 29, 2022
Found documents in Poland detail US spying operations against the former Soviet Union. The file details a number of bugs found at Soviet diplomatic facilities in Washington, D.C., New York, and San Francisco, as well as in a Russian government-owned vacation compound, apartments used by Russia personnel, and even Russian diplomats’ cars. And the bugs were everywhere : encased in plaster in an apartment closet; behind electrical and television outlets; bored into concrete bricks and threaded into
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Tech Republic Security
SEPTEMBER 26, 2022
Jack Wallen details a recent hack and why he believes one aspect of two-factor authentication is part of the problem. The post Why 2FA is failing and what should be done about it appeared first on TechRepublic.
Lohrman on Security
SEPTEMBER 25, 2022
This review covers Mikko Hypponen’s latest book, If It’s Smart, It’s Vulnerable. This is an excellent book that is highly recommended.
WIRED Threat Level
SEPTEMBER 28, 2022
Want to speak up against Big Tech, unjust data collection, and surveillance? Here's how to be an activist in your community and beyond.
Security Affairs
SEPTEMBER 26, 2022
A previously undetected hacking group, tracked as Metador, has been targeting telecommunications, internet services providers (ISPs), and universities for about two years. SentinelLabs researchers uncovered a never-before-seen threat actor, tracked as Metador, that primarily targets telecommunications, internet service providers, and universities in several countries in the Middle East and Africa.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
Tech Republic Security
SEPTEMBER 28, 2022
Microsoft investigated a new kind of attack where malicious OAuth applications were deployed on compromised cloud tenants before being used for mass spamming. The post Malicious Oauth app enables attackers to send spam through corporate cloud tenants appeared first on TechRepublic.
Bleeping Computer
SEPTEMBER 30, 2022
The Brave browser will soon allows users to block annoying and potentially privacy-harming cookie consent banners on all websites they visit. [.].
We Live Security
SEPTEMBER 26, 2022
Had your Instagram account stolen? Don’t panic – here’s how to get your account back and how to avoid getting hacked (again). The post What happens with a hacked Instagram account – and how to recover it appeared first on WeLiveSecurity.
Security Affairs
SEPTEMBER 30, 2022
Researchers from Mandiant have discovered a novel malware persistence technique within VMware ESXi Hypervisors. Mandiant detailed a novel technique used by malware authors to achieve administrative access within VMware ESXi Hypervisors and take over vCenter servers and virtual machines for Windows and Linux to perform the following actions: Send commands to the hypervisor that will be routed to the guest VM for execution Transfer files between the ESXi hypervisor and guest machines running benea
Advertisement
How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.
Tech Republic Security
SEPTEMBER 30, 2022
A new malware named Chaos raises concerns as it spreads on multiple architectures and operating systems. The post New Chaos malware spreads over multiple architectures appeared first on TechRepublic.
Trend Micro
SEPTEMBER 27, 2022
The growing appearance of deepfake attacks is significantly reshaping the threat landscape. These fakes brings attacks such as business email compromise (BEC) and identity verification bypassing to new levels.
We Live Security
SEPTEMBER 28, 2022
Online predators increasingly trick or coerce youth into sharing explicit videos and photos of themselves before threatening to post the content online. The post Protecting teens from sextortion: What parents should know appeared first on WeLiveSecurity.
Security Affairs
SEPTEMBER 30, 2022
Security researchers are warning of a new Microsoft Exchange zero-day that are being exploited by malicious actors in the wild. Cybersecurity firm GTSC discovered two Microsoft Exchange zero-day vulnerabilities that are under active exploitation in attacks in the wild. Both flaws were discovered by the researchers as part of an incident response activity in August 2022, they are remote code execution issues.
Advertiser: Revenera
In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.
Tech Republic Security
SEPTEMBER 30, 2022
Professional risk factors into career decisions, and successful women need to encourage other women to accept the risks, says Accenture. The post Report finds women are declining CISO/CSO roles appeared first on TechRepublic.
Security Boulevard
SEPTEMBER 28, 2022
Netography today added support for context labels and tagging to a software-as-a-service (SaaS) platform that provides deep packet inspection capabilities to identify cybersecurity threats in near-real-time. Netography CEO Martin Roesch said labels and tags will make it easier for cybersecurity teams to use flow logs to visualize and analyze network traffic by application, location, compliance.
We Live Security
SEPTEMBER 30, 2022
ESET researchers have discovered Lazarus attacks against targets in the Netherlands and Belgium that use spearphishing emails connected to fake job offers. The post Amazon‑themed campaigns of Lazarus in the Netherlands and Belgium appeared first on WeLiveSecurity.
Security Affairs
SEPTEMBER 25, 2022
OpIran: Anonymous launched Operation Iran against Teheran due to the ongoing crackdown on dissent after Mahsa Amini’s death. Anonymous launched OpIran against Iran due to the ongoing crackdown on dissent after Mahsa Amini’s death. The protests began after the death of Mahsa Amini from Saqqez in Kurdistan province after her arrest by Iran’s morality police for allegedly wearing her hijab too loosely.
Advertisement
Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.
Tech Republic Security
SEPTEMBER 29, 2022
Get a great deal on 110 hours of IT training in these online courses focused on tech basics in the CompTIA and Microsoft certification exams. The post Launch an IT career after taking these eight courses for under $50 appeared first on TechRepublic.
CSO Magazine
SEPTEMBER 26, 2022
In August, Patrick Hillman, chief communications officer of blockchain ecosystem Binance, knew something was off when he was scrolling through his full inbox and found six messages from clients about recent video calls with investors in which he had allegedly participated. “Thanks for the investment opportunity,” one of them said. “I have some concerns about your investment advice,” another wrote.
The Hacker News
SEPTEMBER 30, 2022
A Brazilian threat actor known as Prilex has resurfaced after a year-long operational hiatus with an advanced and complex malware to steal money by means of fraudulent transactions. "The Prilex group has shown a high level of knowledge about credit and debit card transactions, and how software used for payment processing works," Kaspersky researchers said.
Security Affairs
SEPTEMBER 29, 2022
The recently discovered malware builder Quantum Builder is being used by threat actors to deliver the Agent Tesla RAT. A recently discovered malware builder called Quantum Builder is being used to deliver the Agent Tesla remote access trojan (RAT), Zscaler ThreatLabz researchers warn. “Quantum Builder (aka “Quantum Lnk Builder”) is used to create malicious shortcut files.
Advertisement
Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!
Expert insights. Personalized for you.
122 
Let's personalize your content