Sat.Nov 07, 2020 - Fri.Nov 13, 2020


Ransomware Group Turns to Facebook Ads

Krebs on Security

It’s bad enough that many ransomware gangs now have blogs where they publish data stolen from companies that refuse to make an extortion payment. Now, one crime group has started using hacked Facebook accounts to run ads publicly pressuring their ransomware victims into paying up. On the evening of Monday, Nov. 9, an ad campaign apparently taken out by the Ragnar Locker Team began appearing on Facebook.


2020 Was a Secure Election

Schneier on Security

Over at Lawfare: “2020 Is An Election Security Success Story (So Far).” What’s more, the voting itself was remarkably smooth. It was only a few months ago that professionals and analysts who monitor election administration were alarmed at how badly unprepared the country was for voting during a pandemic. Some of the primaries were disasters.


Weekly Update 217

Troy Hunt

This week's update had a load of questions so even whilst the planned content didn't consume a lot of time, audience engagement was great and I appreciate all the input. The big excitement for me was that Ubiquiti doorbell and whilst that might seem like a small thing, I'm absolutely loving it and the ability to answer it from anywhere whilst also integrating it into Home Assistant and triggering events like Sonos text to speech is really cool.


Breached Mashable User Database Leaked Online

Adam Levin

The personal information of technology and culture website Mashable.com users has been discovered in a leaked database online. Mashable announced the leak late November 8, in an announcement on its website. “[W]e learned that a hacker known for targeting websites and apps had posted a copy of a Mashable database to the internet. The types of data in the database included first and last names, general location (such as city or country), email addresses, gender, date of registration, IP addresses,


Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.


Body Found in Canada Identified as Neo-Nazi Spam King

Krebs on Security

The body of a man found shot inside a burned out vehicle in Canada three years ago has been identified as that of Davis Wolfgang Hawke, a prolific spammer and neo-Nazi who led a failed anti-government march on Washington, D.C. in 1999, according to news reports. Homicide detectives said they originally thought the man found June 14, 2017 in a torched SUV on a logging road in Squamish, British Columbia was a local rock climber known to others in the area as a politically progressive vegan named


“Privacy Nutrition Labels” in Apple’s App Store

Schneier on Security

Apple will start requiring standardized privacy labels for apps in its app store, starting in December: Apple allows data disclosure to be optional if all of the following conditions apply: if it’s not used for tracking, advertising or marketing; if it’s not shared with a data broker; if collection is infrequent, unrelated to the app’s primary function, and optional; and if the user chooses to provide the data in conjunction with clear disclosure, the user’s name or accou

More Trending


4 phishing scams to watch out for during the holidays

Tech Republic Security

Fake shipping notices and charity frauds are two scams cited by the security company GreatHorn, which offers tips to consumers on how to avoid them.


Patch Tuesday, November 2020 Edition

Krebs on Security

Adobe and Microsoft each issued a bevy of updates today to plug critical security holes in their software. Microsoft’s release includes fixes for 112 separate flaws, including one zero-day vulnerability that is already being exploited to attack Windows users. Microsoft also is taking flak for changing its security advisories and limiting the amount of information disclosed about each bug.


New Zealand Election Fraud

Schneier on Security

It seems that this election season has not gone without fraud. In New Zealand, a vote for “Bird of the Year” has been marred by fraudulent votes: More than 1,500 fraudulent votes were cast in the early hours of Monday in the country’s annual bird election, briefly pushing the Little-Spotted Kiwi to the top of the leaderboard, organizers and environmental organization Forest & Bird announced Tuesday.


SHARED INTEL: Coming very soon — ‘passwordless authentication’ as a de facto security practice

The Last Watchdog

As a tradeoff for enjoying our digital lives, we’ve learned to live with password overload and even tolerate two-factor authentication. But now, at long last, we’re on the brink of eliminating passwords altogether, once and for all. Related: CEOs quit Tweeting to protect their companies A confluence of technical and social developments points to username-and-password logons becoming obsolete over the next few years.


The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!


Phishing, deepfakes, and ransomware: How coronavirus-related cyberthreats will persist in 2021

Tech Republic Security

The pandemic and 5G speed create wider attack capabilities. Phishing emails and other threats will continue to exploit COVID-19 and its side effects, says Check Point Research.


The Predictions Dilemma

Javvad Malik

The last quarter of the year is also known as predictions season. It’s the time where those who consider themselves to be wise and enlightened rub their chin thoughtfully and spout the wisdom of what the future holds. I should know, in my days as an industry analyst I was often called upon as a digital Nostradamus. But predictions are no easy feat, and there is a dilemma associated with it… which I call the Predictions Dilemma (contact me for all your branding and marketing needs).


Inrupt’s Solid Announcement

Schneier on Security

Earlier this year, I announced that I had joined Inrupt, the company commercializing Tim Berners-Lee’s Solid specification: The idea behind Solid is both simple and extraordinarily powerful. Your data lives in a pod that is controlled by you. Data generated by your things — your computer, your phone, your IoT whatever — is written to your pod.


Ransomware operators use fake Microsoft Teams updates to deploy Cobalt Strike

Security Affairs

Ransomware operators use fake Microsoft Teams updates to deploy Cobalt Strike and compromise the target networks. Ransomware operators are using malicious fake Microsoft Teams updates to deliver backdoors that lead to the installation of the Cobalt Strike post-exploitation tool and compromise the target network. The ongoing COVID-19 pandemic is forcing a growing number of organizations and businesses to use videoconferencing solutions, and threat actors are attempting to exploit this scenario.


The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.


6 training trends to watch that "will define the workplace in 2021"

Tech Republic Security

With the shift to remote work amid the coronavirus pandemic, online learning related to mindfulness, cybersecurity, and hybrid tech capabilities surged, Udemy found.


The NEW CompTIA Security+: Your Questions Answered

CompTIA on Cybersecurity

CompTIA Security+ got a big upgrade to reflect the changes in cybersecurity. If you're pursuing a career in cybersecurity, we have answers to some of the biggest questions about the new CompTIA Security+.


The Security Failures of Online Exam Proctoring

Schneier on Security

Proctoring an online exam is hard. It’s hard to be sure that the student isn’t cheating, maybe by having reference materials at hand, or maybe by substituting someone else to take the exam for them. There are a variety of companies that provide online proctoring services, but they’re uniformly mediocre: The remote proctoring industry offers a range of services, from basic video links that allow another human to observe students as they take exams to algorithmic tools that use


Tianfu Cup 2020 – 5 minutes to hack Windows 10, Ubuntu iOS, VMWare EXSi, and others

Security Affairs

Many popular OS and applications have been hacked during this year’s edition of the Tianfu Cup hacking competition. This year’s edition of the Tianfu Cup hacking competition was very prolific; bug bounty hackers have discovered multiple vulnerabilities in multiple software and applications. The Tianfu Cup is the most important hacking contest held in China; the total bonus of the contest this year was up to 1 million US dollars.


IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.


How to securely donate old Windows 10 PCs

Tech Republic Security

Many are looking to donate their spare computing devices to people who need them but can't afford to get them on their own. There is a safe and data-secure way to make your donation.


The Scammer Who Wanted to Save His Country

WIRED Threat Level

Last fall, a hacker gave Glenn Greenwald a trove of damning messages between Brazil’s leaders. Some suspected the Russians. The truth was far less boring.


Millions of Hotel Guests Worldwide Caught Up in Mass Data Leak

Threatpost

A cloud misconfiguration affecting users of a popular reservation platform threatens travelers with identity theft, scams, credit-card fraud and vacation-stealing.


New modular ModPipe POS Malware targets restaurants and hospitality sectors

Security Affairs

Cybersecurity researchers spotted a new modular PoS malware, dubbed ModPipe, that targets PoS restaurant management software from Oracle. ESET researchers discovered a new modular backdoor, dubbed ModPipe, that was designed to target PoS systems running ORACLE MICROS Restaurant Enterprise Series (RES) 3700, which is a management suite widely used in restaurant and hospitality sectors.


The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.


Top 5 things to do with old gadgets

Tech Republic Security

If you're wondering what to do with devices you don't use anymore, Tom Merritt offers five suggestions for how to deal with them.


9 New Tactics to Spread Security Awareness

Dark Reading

Employees are often your first line of security defense when the bad guys come calling -- providing your workers are properly trained. Security leaders share how they're raising awareness.


We Need A Discipline of Cyber Public Health

Adam Shostack

I’m very excited that, on Monday, I’ll be giving a Distinguished Lecture, “We Need A Discipline of Cyber Public Health” at Ruhr University Bochum. It ties together some deeper analysis of where we are with the discipline of security engineering, some of the challenges we face, and how we can solve them. The abstract is: For all the tragedy the coronavirus has brought and difficulties in fighting it, we have a discipline of public health.


E-commerce platform X-Cart hit by a ransomware attack

Security Affairs

The e-commerce software platform X-Cart suffered a ransomware attack at the end of October; e-stores hosted by the company went down. At the end of October, the e-commerce software platform X-Cart suffered a ransomware attack; the infection brought down customers’ e-stores hosted by the company on its platform. The software and services company X-Cart was recently acquired by Seller Labs, the premier software and services provider for Amazon sellers and brands.


Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!


STEM and cybersecurity training are critical for the future

Tech Republic Security

Training people to fill cybersecurity jobs is important, but teaching everyone safe practices is also essential.


We Secured the Election. Now How Do We Secure Trust in Results?

Dark Reading

Disinformation campaigns are now designed not only to influence how voters fill out their ballots, but also how confident they are in the entire process. How do legislators, media organizations, security professionals, and voters respond?


Bravo-Cado: Cloud Forensics Defying COVID-19

Javvad Malik

I worked for a couple of years with Chris Doman when I was at AlienVault. In his spare time Chris ran a popular threat intelligence portal called ThreatCrowd which AlienVault acquired when they hired him. Chris is not only one of the smartest people I’ve worked with, but also one of the nicest. I enjoyed collaborating with him over the years and learnt a lot from him.


Costaricto APT: Cyber mercenaries use previously undocumented malware

Security Affairs

CostaRicto APT is targeting South Asian financial institutions and global entertainment companies with undocumented malware. Blackberry researchers have documented the activity of a hackers-for-hire group, dubbed CostaRicto, that has been spotted using a previously undocumented piece of malware to target South Asian financial institutions and global entertainment companies. “During the past six months, the BlackBerry Research and Intelligence team have been monitoring a cyber-espionage


Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.