Sat.Jan 21, 2023 - Fri.Jan 27, 2023

article thumbnail

Survey: Cybersecurity budgets aren’t matching cybersecurity challenges

Tech Republic Security

A new study finds that due to the growing threat surface from hybrid work and third-party vendors, only half of organizations have the budget to meet current cybersecurity needs. The post Survey: Cybersecurity budgets aren’t matching cybersecurity challenges appeared first on TechRepublic.

article thumbnail

Kevin Mitnick Hacked California Law in 1983

Schneier on Security

Early in his career, Kevin Mitnick successfully hacked California law. He told me the story when he heard about my new book , which he partially recounts his 2012 book, Ghost in the Wires. The setup is that he just discovered that there’s warrant for his arrest by the California Youth Authority, and he’s trying to figure out if there’s any way out of it.

Hacking 343
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Experian Glitch Exposing Credit Files Lasted 47 Days

Krebs on Security

On Dec. 23, 2022, KrebsOnSecurity alerted big-three consumer credit reporting bureau Experian that identity thieves had worked out how to bypass its security and access any consumer’s full credit report — armed with nothing more than a person’s name, address, date of birth, and Social Security number. Experian fixed the glitch, but remained silent about the incident for a month.

article thumbnail

Surprising Cyber Focus at the World Economic Forum

Lohrman on Security

In a series of reports released at the World Economic Forum gathering in Davos, Switzerland, this past week, the outlook for the global economy, and for cybersecurity worldwide, looked gloomy.

article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Weekly Update 332

Troy Hunt

Breaches all over the place today! Well, this past week, and there's some debate as to whether one of them is a breach, a scrape or if the term just doesn't matter anyway. Plus, we've been kitchen shopping, I'm helping friends out with connected doorbells and other random but somehow related things this week. Enjoy 😊 References I'll be "at" GOTO Aarhus in May (there online, but definitely speaking at the show) Following all the awesome input, we decided t

218
218
article thumbnail

A Guide to Phishing Attacks

Schneier on Security

This is a good list of modern phishing techniques.

Phishing 324

More Trending

article thumbnail

How hackers stole the personal data of 37 million T-Mobile customers

Tech Republic Security

The criminals took advantage of an API to grab personal details such as customer names, billing addresses, email addresses, phone numbers, dates of birth, and T-Mobile account numbers. The post How hackers stole the personal data of 37 million T-Mobile customers appeared first on TechRepublic.

Mobile 216
article thumbnail

GUEST ESSAY — How threat detection services for SMBs are continuing to evolve and improve

The Last Watchdog

Small and medium-sized businesses are facing immense security challenges and these are the same as those of mid-size or larger enterprises. Related: Myths about safe browsing Clearly, SMBs need to be alert for cyberattacks, but they also need to stay focused on their business and not sacrifice productivity. Organizations are confronted with a severe security threats landscape, and it is critical that they have the ability to prevent, detect and respond to these threats in a timely manner.

article thumbnail

No-Fly List Exposed

Schneier on Security

I can’t remember the last time I thought about the US no-fly list: the list of people so dangerous they should never be allowed to fly on an airplane, yet so innocent that we can’t arrest them. Back when I thought about it a lot, I realized that the TSA’s practice of giving it to every airline meant that it was not well protected, and it certainly ended up in the hands of every major government that wanted it.

article thumbnail

Massive Microsoft 365 outage caused by WAN router IP change

Bleeping Computer

Microsoft says this week's five-hour-long Microsoft 365 worldwide outage was caused by a router IP address change that led to packet forwarding issues between all other routers in its Wide Area Network (WAN). [.

145
145
article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

FBI takes down Hive ransomware group

Tech Republic Security

Working with international law enforcement, the FBI said it has seized control of the servers the Hive group uses to communicate with members. The post FBI takes down Hive ransomware group appeared first on TechRepublic.

article thumbnail

SwiftSlicer: New destructive wiper malware strikes Ukraine

We Live Security

Sandworm continues to conduct attacks against carefully chosen targets in the war-torn country The post SwiftSlicer: New destructive wiper malware strikes Ukraine appeared first on WeLiveSecurity

Malware 145
article thumbnail

US Cyber Command Operations During the 2022 Midterm Elections

Schneier on Security

The head of both US Cyber Command and the NSA, Gen. Paul Nakasone, broadly discussed that first organization’s offensive cyber operations during the runup to the 2022 midterm elections. He didn’t name names, of course: We did conduct operations persistently to make sure that our foreign adversaries couldn’t utilize infrastructure to impact us,” said Nakasone. “We understood how foreign adversaries utilize infrastructure throughout the world.

article thumbnail

3 Ways ChatGPT Will Change Infosec in 2023

Dark Reading

OpenAI's chatbot has the promise to revolutionize how security practitioners work.

InfoSec 145
article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

The risks of 5G security

Tech Republic Security

Unless you've been living under a rock for the past decade, you’ve probably heard of 5G telecommunications. But what is it? The post The risks of 5G security appeared first on TechRepublic.

Risk 202
article thumbnail

‘Hive’ Russian Ransomware Gang Shut Down by FBI, DoJ, Europol, Bundeskriminalamt, et al

Security Boulevard

Law enforcement agencies from several countries got together and took down the site. They also worked to decrypt victims’ data. The post ‘Hive’ Russian Ransomware Gang Shut Down by FBI, DoJ, Europol, Bundeskriminalamt, et al appeared first on Security Boulevard.

article thumbnail

Publisher’s Weekly Review of A Hacker’s Mind

Schneier on Security

Publisher’s Weekly reviewed A Hacker’s Mind —and it’s a starred review! “Hacking is something that the rich and powerful do, something that reinforces existing power structures,” contends security technologist Schneier ( Click Here to Kill Everybody ) in this excellent survey of exploitation. Taking a broad understanding of hacking as an “activity allowed by the system that subverts the… system,” Schneier draws on his background analyzing wea

Hacking 224
article thumbnail

AsyncRAT Analysis with ChatGPT

Quick Heal Antivirus

As cyber threats continue to evolve and become more sophisticated, it’s crucial for security researchers and professionals. The post AsyncRAT Analysis with ChatGPT appeared first on Quick Heal Blog | Latest computer security news, tips, and advice.

article thumbnail

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

article thumbnail

Recent rise in SEO poisoning attacks compromise brand reputations

Tech Republic Security

A new research report from SentinelOne exposes a SEO poisoning attack campaign that hijacks brand names in paid search ads. The post Recent rise in SEO poisoning attacks compromise brand reputations appeared first on TechRepublic.

Media 201
article thumbnail

FTC Proposes Eliminating Non-Compete Clauses

Security Boulevard

The Federal Trade Commission (FTC) chair, Lina M. Khan, recently announced the commission’s intent to adjust a rule that would prohibit non-compete agreements by workers or independent contractors. Their rationale? Unfair competition—which, therefore, falls under the purview of the FTC. This could have a huge impact on the cybersecurity and IT industries, and open up.

article thumbnail

Microsoft urges admins to patch on-premises Exchange servers

Bleeping Computer

Microsoft urged customers today to keep their on-premises Exchange servers patched by applying the latest supported Cumulative Update (CU) to have them always ready to deploy an emergency security update. [.

144
144
article thumbnail

Vice Society Ransomware Group Targets Manufacturing Companies

Trend Micro

In this blog entry, we’d like to highlight our findings on Vice Society, which includes an end-to-end infection diagram that we were able to create using Trend Micro internal telemetry.

article thumbnail

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

article thumbnail

Kaspersky releases 2023 predictions

Tech Republic Security

A new report from Kaspersky details what their digital forensics and incident response teams predict as the main 2023 threats to corporations and government agencies. Learn more about it. The post Kaspersky releases 2023 predictions appeared first on TechRepublic.

article thumbnail

What is PSaaS and is it Worthwhile?

Security Boulevard

Cloud computing has been adopted more rapidly in recent years, and we see more cloud applications in security. As businesses return to the office, they need to rethink physical security to futureproof their security strategy against the constantly evolving security landscape. Is physical security-as-a-service (PSaaS) the solution for a futureproof security strategy?

article thumbnail

Bitwarden password vaults targeted in Google ads phishing attack

Bleeping Computer

Bitwarden and other password managers are being targeted in Google ads phishing campaigns to steal users' password vault credentials. [.

Passwords 142
article thumbnail

Apple patches are out – old iPhones get an old zero-day fix at last!

Naked Security

Don't delay, especially if you're still running an iOS 12 device. please do it today!

140
140
article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

10 cybersecurity predictions for tech leaders in 2023

Tech Republic Security

From ransomware to third-party vendor security to software-defined perimeters, these cybersecurity topics should be on IT leaders’ radar. The post 10 cybersecurity predictions for tech leaders in 2023 appeared first on TechRepublic.

article thumbnail

Orgs Must Prepare for SEC Cybersecurity Requirements Aimed at Boards

Security Boulevard

Enterprises might want to spend the next few months checking and bolstering their boards’ cybersecurity chops—because by the end of 2023, the Security and Exchange Commission (SEC) is expected to finalize its proposal requiring them to attest to their boards’ cybersecurity acumen—as well as disclose their cybersecurity oversight efforts and information on attacks.

article thumbnail

5 valuable skills your children can learn by playing video games

We Live Security

Gaming can help your children build and sharpen a range of life skills that will stand them in good stead in the future The post 5 valuable skills your children can learn by playing video games appeared first on WeLiveSecurity

139
139
article thumbnail

GoTo says hackers stole customers' backups and encryption key

Bleeping Computer

GoTo (formerly LogMeIn) is warning customers that threat actors who breached its development environment in November 2022 stole encrypted backups containing customer information and an encryption key for a portion of that data. [.

Backups 138
article thumbnail

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!