CSO Magazine
JULY 1, 2021
Dark web definition. The dark web is a part of the internet that isn't indexed by search engines. You've no doubt heard talk of the “dark web” as a hotbed of criminal activity — and it is. Researchers Daniel Moore and Thomas Rid of King's College in London classified the contents of 2,723 live dark web sites over a five-week period in 2015 and found that 57% host illicit material.
The Hacker News
JULY 1, 2021
The recent tsunami of ransomware has brought to life the fears of downtime and data loss cybersecurity pros have warned about, as attacks on the energy sector, food supply chain, healthcare industry, and other critical infrastructure have grabbed headlines.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Tech Republic Security
JUNE 30, 2021
64% of respondents to PwC's latest CEO survey expect a jump in reportable ransomware and software supply chain incidents this year, and only 55% are prepared to respond.
Schneier on Security
JULY 2, 2021
Two reports this week. The first is from Microsoft, which wrote : As part of our investigation into this ongoing activity, we also detected information-stealing malware on a machine belonging to one of our customer support agents with access to basic account information for a small number of our customers. The actor used this information in some cases to launch highly-targeted attacks as part of their broader campaign.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Krebs on Security
JULY 2, 2021
Some of Western Digital’s MyCloud-based data storage devices. Image: WD. Countless Western Digital customers saw their MyBook Live network storage drives remotely wiped in the past month thanks to a bug in a product line the company stopped supporting in 2015, as well as a previously unknown zero-day flaw. But there is a similarly serious zero-day flaw present in a much broader range of newer Western Digital MyCloud network storage devices that will remain unfixed for many customers who ca
Troy Hunt
JUNE 28, 2021
Today I'm very happy to welcome the 23rd national government to Have I Been Pwned, the Slovak Republic. As of now, CSIRT.sk has full and free access to query all their government domains via an API that returns all their email addresses impacted by each data breach in HIBP. Granting governments this level of access gives them visibility into not just the 11.4 billion records that are already in HIBP but provides an early warning system for the billions of records yet to come.
Cyber Security Informer brings together the best content for cyber security professionals from the widest variety of industry thought leaders.
Schneier on Security
JUNE 29, 2021
Over at Lawfare, Susan Landau has an excellent essay on the risks posed by software used to collect evidence (a Breathalyzer is probably the most obvious example). Bugs and vulnerabilities can lead to inaccurate evidence, but the proprietary nature of software makes it hard for defendants to examine it. The software engineers proposed a three-part test.
Krebs on Security
JULY 1, 2021
Financial services giant Intuit this week informed 1.4 million small businesses using its QuickBooks Online Payroll and Intuit Online Payroll products that their payroll information will be shared with big-three consumer credit bureau Equifax starting later this year unless customers opt out by the end of this month. Intuit says the change is tied to an “exciting” and “free” new service that will let millions of small business employees get easy access to employment and i
Bleeping Computer
JULY 2, 2021
Microsoft now requires a computer to have a TPM 2.0 module to install Windows 11. However, new Registry entries have been discovered that allow you to bypass the TPM requirement and minimum memory and secure boot requirements. [.].
Tech Republic Security
JUNE 29, 2021
Expert says attacks are getting bigger and more aggressive than before. Instead of being like a burglary, they're more like a home invasion.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
Schneier on Security
JULY 1, 2021
As ransomware becomes more common, I’m seeing more discussions about the ethics of paying the ransom. Here’s one more contribution to that issue: a research paper that the insurance industry is hurting more than it’s helping. However, the most pressing challenge currently facing the industry is ransomware. Although it is a societal problem, cyber insurers have received considerable criticism for facilitating ransom payments to cybercriminals.
Krebs on Security
JUNE 30, 2021
Imagine waking up each morning knowing the identities of thousands of people who are about to be mugged for thousands of dollars each. You know exactly when and where each of those muggings will take place, and you’ve shared this information in advance with the authorities each day for a year with no outward indication that they are doing anything about it.
Malwarebytes
JUNE 30, 2021
LinkedIn has reportedly been breached— again —following reports of a massive sale of information scraped from 500M LinkedIn user profiles in the underground in May. According to Privacy Shark, the VPN company who first reported on this incident , a seller called TomLiner showed them he was in possession of 700 million Linkedin user records. That means almost all (92 percent) of LinkedIn’s users are affected by this.
Tech Republic Security
JULY 2, 2021
Attention to detail, creativity and perseverance are key traits for a good white hat hacker. These positions are in high demand.
Advertisement
How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.
Schneier on Security
JUNE 28, 2021
It’s a series of vulnerabilities : Josep Rodriguez, a researcher and consultant at security firm IOActive, has spent the last year digging up and reporting vulnerabilities in the so-called near-field communications reader chips used in millions of ATMs and point-of-sale systems worldwide. NFC systems are what let you wave a credit card over a reader — rather than swipe or insert it — to make a payment or extract money from a cash machine.
We Live Security
JUNE 30, 2021
Are you on Facebook? So are scammers. Here are some of the most common con jobs on Facebook you should watch out for and how you can tell if you’re being scammed. The post Common Facebook scams and how to avoid them appeared first on WeLiveSecurity.
Bleeping Computer
JUNE 30, 2021
The US Cybersecurity and Infrastructure Security Agency (CISA) has released the Ransomware Readiness Assessment (RRA), a new module for its Cyber Security Evaluation Tool (CSET). [.].
Tech Republic Security
JUNE 29, 2021
The number of spam calls, the number of people losing money to them and the total amount of money lost In the past year are all record setting.
Advertiser: Revenera
In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.
The Hacker News
JUNE 28, 2021
Microsoft last week rolled out updates for the Edge browser with fixes for two security issues, one of which concerns a security bypass vulnerability that could be exploited to inject and execute arbitrary code in the context of any website. Tracked as CVE-2021-34506 (CVSS score: 5.
Hot for Security
JUNE 28, 2021
According to a newly-published report by the FBI’s Internet Crime Complaint Center (IC3), the elderly are more at risk from falling victim to online fraud and internet scammers than ever before. Read more in my article on the Hot for Security blog.
Security Boulevard
JULY 2, 2021
Primary care med-tech firm One Medical sent email to countless customers, with hundreds of other customer email addresses visible in the To: field. The post One Medical: Sorry-not-Sorry for Leaking your Personal Info appeared first on Security Boulevard.
Tech Republic Security
JUNE 30, 2021
Security is a big part of Windows 11, but so is delivering productivity and a good experience with all the security features turned on.
Advertisement
Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.
Bleeping Computer
JUNE 26, 2021
Microsoft has now confirmed signing a malicious driver being distributed within gaming environments. This driver, called "Netfilter," is in fact a rootkit that was observed communicating with Chinese command-and-control IPs. [.].
Security Affairs
JUNE 29, 2021
A new massive LinkedIn breach made the headlines, the leak reportedly exposes the data of 700M users, more than 92% of the total 756M users. A new massive LinkedIn breach made the headlines, a database containing data of 700M users, more than 92% of the total 756M users, is available for sale on forums on the dark web. The exposed records include email addresses full names, phone numbers, physical addresses, geolocation records, LinkedIn username and profile URL, personal and professional experi
Security Boulevard
JULY 1, 2021
LinkedIn is fighting a crescendo of criticism over a huge data breach. But when is a breach not a “breach”? The post LinkedIn Leaks 93% of Users’ Data—Refuses Blame for Breach appeared first on Security Boulevard.
Tech Republic Security
JUNE 28, 2021
New survey finds that the attack also motivated more information sharing within the industry and improved supply chain security.
Advertisement
Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!
We Live Security
JUNE 29, 2021
Information scraped from LinkedIn user profiles includes full names, gender, email addresses and phone numbers. The post Data for 700 million LinkedIn users up for grabs on hacker forum appeared first on WeLiveSecurity.
Bleeping Computer
JUNE 29, 2021
Russian state hackers compromised Denmark's central bank (Danmarks Nationalbank) and planted malware that gave them access to the network for more than half a year without being detected. [.].
Security Boulevard
JUNE 29, 2021
The “golden age of digital transformation” is upon us, and companies around the globe are scurrying to meet consumers on the digital frontier. For developers, it is a virtual gold rush, as businesses overhaul their infrastructure to meet consumers where they are—their mobile phones. For most, this means developing a mobile app. Unfortunately, the byproduct.
Tech Republic Security
JUNE 28, 2021
New survey finds that the attack also motivated more information sharing within the industry and improved supply chain security.
Advertisement
Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.
Expert insights. Personalized for you.
145 
Let's personalize your content