Schneier on Security

FEBRUARY 9, 2022

Researchers have calculated the quantum computer size necessary to break 256-bit elliptic curve public-key cryptography: Finally, we calculate the number of physical qubits required to break the 256-bit elliptic curve encryption of keys in the Bitcoin network within the small available time frame in which it would actually pose a threat to do so. It would require 317 × 10 6 physical qubits to break the encryption within one hour using the surface code, a code cycle time of 1 μ s, a reaction

Encryption 358

Encryption 358

Troy Hunt

FEBRUARY 5, 2022

I feel like perfect audio remains an unsolved problem for me. Somehow, a low "hiss" has slipped in over the last couple of weeks and messing around trying to solve it before recording this video only served to leave me without any audio at all on the first attempt, and the status quo remaining on the second attempt. And I still can't use my Apollo Twin DAC as an input device almost a year on from when I bought it.

296

296

Tech Republic Security

FEBRUARY 11, 2022

The federal agency says hundreds of victims have lost money due to scams over a two-year span. The post FBI: Criminals escalating SIM swap attacks to steal millions of dollars appeared first on TechRepublic.

Scams 210

Scams 210

eSecurity Planet

FEBRUARY 11, 2022

Machine learning (ML) and artificial intelligence (AI) have emerged as critical tools for dealing with the ever-growing volume and complexity of cybersecurity threats. Machines can recognize patterns to detect malware and unusual activity better than humans and classic software. The technology also predicts potential attacks and automatically responds to threats by identifying specific trends and cycles.

Cybersecurity 145

Cybersecurity Phishing Risk Artificial Intelligence 145

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Software

Schneier on Security

FEBRUARY 11, 2022

A detailed report of the 2021 ransomware attack against Ireland’s Health Services Executive lists some really bad security practices : The report notes that: The HSE did not have a Chief Information Security Officer (CISO) or a “single responsible owner for cybersecurity at either senior executive or management level to provide leadership and direction.

Antivirus 309

Antivirus Hacking Ransomware CISO 309

We Live Security

FEBRUARY 10, 2022

A trip into the dark corners of Telegram, which has become a magnet for criminals peddling everything from illegal drugs to fake money and COVID-19 vaccine passes. The post Hidden in plain sight: How the dark web is spilling onto social media appeared first on WeLiveSecurity.

Media 145

Media Cybercrime 145

eSecurity Planet

FEBRUARY 11, 2022

Risk management is a concept that has been around as long as companies have had assets to protect. The simplest example may be insurance. Life, health, auto, and other insurance are all designed to help a person protect against losses. Risk management also extends to physical devices, such as doors and locks to protect homes and vehicles, vaults to protect money and precious jewels, and police, fire, and CCTV to protect against other physical risks.

Risk 145

Risk Cybersecurity Encryption Technology 145

Bleeping Computer

FEBRUARY 5, 2022

The Federal Bureau of Investigation (FBI) has released technical details and indicators of compromise associated with Lockbit ransomware attacks in a new flash alert published this Friday. [.].

Ransomware 145

Ransomware 145

Google Security

FEBRUARY 10, 2022

Posted by Sarah Jacobus, Vulnerability Rewards Team Last year was another record setter for our Vulnerability Reward Programs (VRPs). Throughout 2021, we partnered with the security researcher community to identify and fix thousands of vulnerabilities – helping keep our users and the internet safe. Thanks to these incredible researchers, Vulnerability Reward Programs across Google continued to grow, and we are excited to report that in 2021 we awarded a record breaking $8,700,000 in vulnerabilit

Internet 142

Internet Internet Manufacturing Hacking 142

Tech Republic Security

FEBRUARY 11, 2022

iPhones, iPads and the iPod Touch are all at risk, and it doesn’t matter what web browser you use: All of them could let an attacker execute arbitrary code on an infected device. The post iOS users: Patch now to avoid falling prey to this WebKit vulnerability appeared first on TechRepublic.

Risk 186

Risk Mobile 186

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

CyberSecurity Insiders

FEBRUARY 10, 2022

Security Event and Information Management platforms (SIEMs) collect data from security logs and in doing so are supposed to identify blind spots, reduce noise and alert fatigue, and simplify detection and response to complex cyberattacks. However, SIEMs have not lived up to these promises. Now, the new idea is XDR – what are its advantages, and should it coexist with or replace a SIEM ?

Cybersecurity 143

Cybersecurity Firewall Data breaches Risk 143

Malwarebytes

FEBRUARY 10, 2022

If you’re unfortunate enough to be caught out by ransomware, the consequences can be devastating. You may be able to get rid of the infection, but the all-important files affected by such an attack will still be under lock and key. Without backups, which is more common than you may think, the files may be gone forever. A tiny slice of good fortune. Occasionally, we all catch the proverbial break.

Ransomware 143

Ransomware Malware Backups Cryptocurrency 143

eSecurity Planet

FEBRUARY 9, 2022

The next few years will see a surge in channel spending. According to Jay McBain, an analyst at Forrester Research, spending on IT and telecommunications will be worth about $7 trillion by 2030. The channel is destined to land at least a third of that. Competition is fierce. With about half a million VARs currently operating and roughly 75,000 MSPs, what opportunities exist for expansion?

Backups 140

Backups Firewall DDOS Antivirus 140

Tech Republic Security

FEBRUARY 5, 2022

Cybersecurity incident response is not only about handling an incident – it’s also about preparing for any possible incident and learning from it. Here are six steps for a successful and efficient cybersecurity incident response. The post Cybersecurity incident response: The 6 steps to success appeared first on TechRepublic.

Cybersecurity 180

Cybersecurity 180

Advertisement

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Cybersecurity

CyberSecurity Insiders

FEBRUARY 9, 2022

By: Amit Kandpal, Director of Customer Experience, Netskope. The number one question I get from professionals in this field, and from executives or other stakeholders that are trying to build customer success programs for the first time, is how do I get to value creation/realization fastest. As a Customer Success leader, the below would be my key recommendations to any organization venturing into a security transformation exercise.

Risk 140

Risk Marketing Accountability Technology 140

Malwarebytes

FEBRUARY 11, 2022

Apple has released a security fix for a zero-day vulnerability ( CVE-2022-22620 ) that it says “may have been actively exploited.” According to the security update information provided by Apple the vulnerability exists in WebKit—the HTML rendering engine component of its Safari browser—and can be used by an attacker to create web content that may lead to arbitrary code execution.

Engineering 138

Engineering 138

Bleeping Computer

FEBRUARY 9, 2022

Researchers found three critical remote code execution (RCE) vulnerabilities in the PHP Everywhere plugin for WordPress, used by over 30,000 websites worldwide. [.].

138

138

Tech Republic Security

FEBRUARY 8, 2022

Proofpoint researchers have found that “phish kits” available for purchase online are beginning to adapt to MFA by adding transparent reverse proxies to their list of tools. The post Hackers have begun adapting to wider use of multi-factor authentication appeared first on TechRepublic.

Authentication 158

Authentication Phishing 158

Advertiser: Revenera

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Risk

CyberSecurity Insiders

FEBRUARY 9, 2022

A malicious cyber attack has reportedly hit Vodafone Portugal servers, bringing the 4G and 5G network across the country to a complete halt since February 7th,2022. And news is out that the company couldn’t restore its servers even after 24 hours, deeply affecting wired landline services, SMS, mobile internet, digital TV and call services on a wholesome note.

Cyber Attacks 138

Cyber Attacks Mobile Internet Internet 138

Security Boulevard

FEBRUARY 11, 2022

FireEye Failed, Mandiant is for Sale and it’s Time for Microsoft to Get Serious with Enterprise Security An autopsy of FireEye’s missteps and why Microsoft should Acquire Mandiant and create a Security Division It’s widely rumored that Microsoft (MSFT) is in talks to acquire Mandiant (MNDT), the company once known as FireEye (FEYE). As an. The post Mandiant is for Sale and Microsoft Should Get Serious with Enterprise Security appeared first on Security Boulevard.

Cybersecurity 132

Cybersecurity 132

Graham Cluley

FEBRUARY 7, 2022

Graham Cluley Security News is sponsored this week by the folks at Teleport. Thanks to the great team there for their support! You’re woken up at 3 am, only to discover your worst nightmare. The new intern just deleted the production database during routine maintenance by accident. You quickly restore from a backup. During the … Continue reading "Who dropped the DB?

Backups 132

Backups 132

Tech Republic Security

FEBRUARY 7, 2022

IBM developer advocate and the founder of Snyk talk about changing the way developers think about cybersecurity. The post IBM and Snyk: Developers must lead the charge on cybersecurity appeared first on TechRepublic.

Cybersecurity 155

Cybersecurity 155

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Software

CyberSecurity Insiders

FEBRUARY 8, 2022

Microsoft has made it official that it has disabled macros across its office products to block malware cyber attacks. The tech giant announced officially that from now on the macros feature in the Visual Basic for Applications (VBA) running across Word, PowerPoint, Excel, Access and Visio will be in disabled form and will have to be activated on a manual note by the admin or the device owner.

Cyber Attacks 137

Cyber Attacks Malware Identity Theft Cyber Risk 137

eSecurity Planet

FEBRUARY 7, 2022

The UK government recently started an open-source GitHub repository to help organizations scan networks for vulnerabilities. The idea behind the Scanning Made Easy project from the National Cyber Security Centre (NCSC) and its i100 industry partnership is to provide a collection of Nmap scripts to users, such as sysadmins, for detecting system vulnerabilities.

Penetration Testing 130

Penetration Testing Firewall Engineering Government 130

CSO Magazine

FEBRUARY 8, 2022

Enterprises are frequently deploying new security tools and services to address needs and threats. A key consideration is how to integrate these various offerings—in many cases provided by different vendors—into the existing infrastructure to support a cohesive security strategy. The move to the cloud has made security integration somewhat easier, but the process can still be a major hurdle for organizations as they try to build strong protection against the latest threats.

130

130

Tech Republic Security

FEBRUARY 9, 2022

To keep your Facebook Messenger conversations private and secured, you should start using the new end-to-end encryption feature. Jack Wallen shows you how. The post How to enable end-to-end encryption in Facebook Messenger appeared first on TechRepublic.

Encryption 151

Encryption Software 151

Advertisement

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

Cybersecurity

CyberSecurity Insiders

FEBRUARY 9, 2022

By Jenna Bunnell – Senior Manager, Content Marketing, Dialpad. With 53% of businesses saying it’s likely their enterprise will experience a cyberattack in the next 12 months, cybersecurity has never been more important. Software development companies can’t afford to release vulnerable products – but they also have to balance the time it takes to run security checks against the pressure to release software rapidly in a competitive market.

Cybersecurity 132

Cybersecurity Software Marketing Engineering 132

eSecurity Planet

FEBRUARY 11, 2022

Malwarebytes and Bitdefender are two of the most recognized names in the cybersecurity market for the latest antivirus software, endpoint detection and response (EDR), and endpoint protection platforms ( EPP ). Both vendors share a number of the same solution capabilities for potential clients, meaning there’s plenty to compare in terms of malware detection and analysis, supported endpoints, and incident response.

Antivirus 128

Antivirus Mobile Malware Threat Detection 128

Security Through Education

FEBRUARY 9, 2022

At Social-Engineer, LLC (SECOM), we define social engineering as “any act that influences a person to take an action that may or may not be in their best interest.” If you Google “social engineering,” you will get a very different and more negative definition. However, I prefer our definition, with more broad and general terms, because I feel that social engineering is not always negative.

Social Engineering 128

Social Engineering Engineering Scams Education 128

Tech Republic Security

FEBRUARY 7, 2022

Bringing big data governance and security up to the level of practice applied to structured data is critical. Here are five ways to get there. The post 5 ways to improve the governance of unstructured data appeared first on TechRepublic.

Unstructured Data 146

Unstructured Data Government Big data 146

Advertisement

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

Cybersecurity