Sat. Dec 14, 2019 - Fri. Dec 20, 2019

Inside ‘Evil Corp,’ a $100M Cybercrime Menace

Krebs on Security

The U.S. Justice Department this month offered a $5 million bounty for information leading to the arrest and conviction of a Russian man indicted for allegedly orchestrating a vast, international cybercrime network that called itself “Evil Corp” and stole roughly $100 million from businesses and consumers. As it happens, for several years KrebsOnSecurity closely monitored the day-to-day communications and activities of the accused and his accomplices.

New Orleans Hit By Ransomware Attack

Adam Levin

New Orleans has declared a state of emergency following a ransomware attack. The city government has effectively been offline since December 13 when employees were instructed to turn off all computers and disconnect them from WiFi networks following reports of suspicious network activity. “The city asks residents and vendors for their patience and understanding as our Information Technology team works to restore all operations to normal,” said New Orleans mayor LaToya Cantrell.

Still Why No HTTPS?

Troy Hunt

Back in July last year, Scott Helme and I shipped a little pet project that tracked the world's largest websites not implementing HTTPS by default. We called it Why No HTTPS? and it gave people a way to see the largest websites not taking transport layer security seriously. We also broke the list down on a country-by-country basis and it quickly became a means of highlighting security gaps and serving as a "list of shame".

Cybersecurity in 2020: Eight frightening predictions

Tech Republic Security

Jack Wallen shares cybersecurity predictions that might make your IT skin crawl. Find out what he thinks could be the silver lining to this security nightmare.

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Ransomware Gangs Now Outing Victim Businesses That Don’t Pay Up

Krebs on Security

As if the scourge of ransomware wasn’t bad enough already: Several prominent purveyors of ransomware have signaled they plan to start publishing data stolen from victims who refuse to pay up. To make matters worse, one ransomware gang has now created a public Web site identifying recent victim companies that have chosen to rebuild their operations instead of quietly acquiescing to their tormentors.

70% of Organizations Experienced Internal Data Breaches in the Last Five Years

Adam Levin

Internal data breaches are on the rise, with 70% of security professionals reporting that it’s happened to them in the last five years. According to a survey conducted by email security company Egress, accidental internal breaches are one of the top three concerns for IT security decision makers along with external hacks and malware. Among the other findings in the report, fewer than 40% (39.6%) of organizations train best cybersecurity practices and data hygiene to employees, and 26% of r

More Trending

Cloud computing in 2020: Predictions about security, AI, Kubernetes, more

Tech Republic Security

Find out what Jack Wallen predicts for the cloud and cloud-adjacent technology in 2020 and why he encourages you to dream big.

TP-Link Archer routers allow remote takeover without passwords

Security Affairs

TP-Link has addressed a critical vulnerability impacting some TP-Link Archer routers that could allow attackers to log in without passwords. TP-Link addressed a critical zero-day vulnerability (CVE-2017-7405) in its TP-Link Archer routers that could be exploited by attackers to remotely take their control over LAN via a Telnet connection without authentication. “This is a zero-day flaw that was not previously reported and can affect both home and business environments.” explained

A Data-Centric Approach to DEFEND

Thales Cloud Protection & Licensing

Last month, I presented at the FCW Continuous Diagnostics Mitigation (CDM) Summit. The vision of the CDM program, created in 2012, is that all federal networks should be continuously scanned to identify and respond to threats and breaches. Consistent with the federal government’s deployment of Information Security Continuous Monitoring (ISCM), the CDM program is a dynamic approach to fortifying the cybersecurity of government networks and systems.

Iranian Attacks on Industrial Control Systems

Schneier on Security

New details: At the CyberwarCon conference in Arlington, Virginia, on Thursday, Microsoft security researcher Ned Moran plans to present new findings from the company's threat intelligence group that show a shift in the activity of the Iranian hacker group APT33, also known by the names Holmium, Refined Kitten, or Elfin. Microsoft has watched the group carry out so-called password-spraying attacks over the past year that try just a few common passwords across user accounts at tens of thousands

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

Phishers prey on fans of latest Star Wars film

Tech Republic Security

83 users have already been affected by 65 malicious files disguised as copies of Star Wars: The Rise of Skywalker according to Kaspersky.

Largest hospital system in New Jersey was hit by ransomware attack

Security Affairs

The largest hospital in New Jersey announced on Friday that a ransomware attack last week disrupted its network and that it paid a ransom. The largest hospital in New Jersey, the Hackensack Meridian Health, was the victim of a ransomware attack last week that disrupted its network, the IT staff decided to pay the ransom to decrypt the files. Hackensack Meridian operates 17 acute care and specialty hospitals, and the psychiatric facility Carrier Clinic, nursing homes, and outpatient centers.

The War Vet, the Dating Site, and the Phone Call From Hell

WIRED Threat Level

Jared Johns found out too late that swapping messages with the pretty girl from a dating site would mean serious trouble. If only he had known who she really was.

Security Vulnerabilities in the RCS Texting Protocol

Schneier on Security

Interesting research: SRLabs founder Karsten Nohl, a researcher with a track record of exposing security flaws in telephony systems, argues that RCS is in many ways no better than SS7, the decades-old phone system carriers still used for calling and texting, which has long been known to be vulnerable to interception and spoofing attacks. While using end-to-end encrypted internet-based tools like iMessage and WhatsApp obviates many of those SS7 issues, Nohl says that flawed implementations o

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

10 cybersecurity stories in 2019 that make us feel less secure

Tech Republic Security

Jack Wallen runs through 10 of the most important cybersecurity threats, breaches, tools, and news of the year.

A thief stole hard drives containing Facebook payroll data from a car

Security Affairs

Facebook informed its employees that hard drives containing information about its workers’ payroll were stolen from a car last month. On Friday, Facebook announced that hard drives containing information about its workers’ payroll were stolen from a car last month. According to the company, a thief stole unencrypted hard drives containing banking data belonging to 29,000 Facebook employees.

Cloud Data Security: Who Should Hold the Keys?

Thales Cloud Protection & Licensing

Nearly half (48%) of all corporate data is stored in the cloud according to the 2019 Thales Global Cloud Security Study conducted by the Ponemon Institute. Organizations admitted that on average, only about half (49%) of the data stored in the cloud is secured with encryption and only one-third (32%) believe protecting data in the cloud is their responsibility.

Upcoming Speaking Engagements

Schneier on Security

This is a current list of where and when I am scheduled to speak: I'm speaking at SecIT by Heise in Hannover, Germany on March 26, 2020. The list is maintained on this page.

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Why 5G harbors multiple security weaknesses

Tech Republic Security

Certain security flaws in 2G, 3G, and 4G have not been resolved, and 5G is vulnerable as well, says a new report from Positive Technologies.

A study reveals the list of worst passwords of 2019

Security Affairs

Another year is ending and this is the right time to discover which are the worst passwords of 2019 by analyzing data leaked in various data breaches. Independent anonymous researchers compiled and shared with security firm NordPass a list of 200 most popular passwords that were leaked in data breaches during 2019. The company collected 500 million passwords in total and the results were disconcerting.

How Do You Get Ransomware? 5 Main Sources in 2019

Spinone

Ransomware is a sly, silent, and vicious criminal. It quietly makes its way past your security defenses into the heart of your data and keeps it hostage until you pay a ransom. But how do you get ransomware in the first place? This is what you, a potential ransomware victim, need to know to protect your data and your business in 2020. As cybersecurity experts, we want users to understand how ransomware infects a system and help you to protect your data from it.

Unsupervised Learning: No. 207

Daniel Miessler

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

"123456" again claims top spot as worst password of the year

Tech Republic Security

Other poor choices include "password," "princess," "qwerty," "iloveyou" and "welcome," according to the 2019 list from SplashData.

More than 267 millions of Facebook user phone numbers exposed online

Security Affairs

Security researcher Bob Diachenko discovered more than 267 million Facebook user IDs, phone numbers and names in an unsecured database. Security expert Bob Diachenko, along with Comparitech, has discovered more than 267 million Facebook user IDs, phone numbers and names in an unsecured database. The huge trove of data is likely the result of an illegal scraping operation or Facebook API abuse by a group of hackers in Vietnam.

Creditors Seek to Exhume the Body of a Dead Crypto Executive 

WIRED Threat Level

Gerry Cotten took at least $137 million to the grave when he died without giving anyone the password to his encrypted laptop.

How to Manage API Security

Dark Reading

Protecting the places where application services meet is critical for protecting enterprise IT. Here's what security pros need to know about "the invisible glue" that keeps apps talking to each other.

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

Tempting, but just say no to public charging stations and Wi-Fi

Tech Republic Security

Experts say don't leave your devices open to cyberattacks from hackers anxious to steal your information.

Dacls RAT, the first Lazarus malware that targets Linux devices

Security Affairs

Researchers spotted a new Remote Access Trojan (RAT), dubbed Dacls, that was used by the Lazarus APT group to target both Windows and Linux devices. Experts at Qihoo 360 Netlab revealed that the North-Korea Lazarus APT group used a new Remote Access Trojan (RAT), dubbed Dacls, to target both Windows and Linux devices. The activity of the Lazarus APT group (aka HIDDEN COBRA) surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks.

Meet Cliff Stoll, the Mad Scientist Who Invented the Art of Hunting Hackers

WIRED Threat Level

Thirty years ago, Cliff Stoll published The Cuckoo's Egg, a book about his cat-and-mouse game with a KGB-sponsored hacker. Today, the internet is a far darker place—and Stoll has become a cybersecurity icon.

IT Security Employment Outlook 2020: Jobs, Compensation Plentiful

eSecurity Planet

2020 promises to be another strong year in the cybersecurity jobs market. Here are the security skills that will be most in demand.

Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.