Schneier on Security

AUGUST 8, 2022

Quantum computing is a completely new paradigm for computers. A quantum computer uses quantum properties such as superposition, which allows a qubit (a quantum bit) to be neither 0 nor 1, but something much more complicated. In theory, such a computer can solve problems too complex for conventional computers. Current quantum computers are still toy prototypes, and the engineering advances required to build a functionally useful quantum computer are somewhere between a few years away and impossib

Encryption 351

Encryption Architecture Engineering Information Security 351

Krebs on Security

AUGUST 9, 2022

Microsoft today released updates to fix a record 141 security vulnerabilities in its Windows operating systems and related software. Once again, Microsoft is patching a zero-day vulnerability in the Microsoft Support Diagnostics Tool (MSDT), a service built into Windows. Redmond also addressed multiple flaws in Exchange Server — including one that was disclosed publicly prior to today — and it is urging organizations that use Exchange for email to update as soon as possible and to en

Authentication 269

Authentication Internet Internet Cyber threats 269

Daniel Miessler

AUGUST 7, 2022

A number of security people have come out against Amazon buying One Medical. It’s to be expected, as most security people are rightly worried about big corporations getting a hold of more personal data. And the timing couldn’t have been worse, with the story about Amazon sharing Ring footage with police only a few weeks old. "Why is @Amazon acquiring @OneMedical bad news?

Small Business 250

Small Business Internet Internet Government 250

Lohrman on Security

AUGUST 7, 2022

What does it mean to be prepared for technology and business disruptions in the 2020s? How can your organization recover fast?

Government 256

Government Technology 256

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Software

Schneier on Security

AUGUST 11, 2022

This is the first —of many, I assume—hack of Starlink. Leveraging a string of vulnerabilities, attackers can access the Starlink system and run custom code on the devices.

Hacking 256

Hacking 256

Tech Republic Security

AUGUST 8, 2022

A joint advisory from the U.S. and Australia offers tips on combating the top malware strains of 2021, including Agent Tesla, LokiBot, Qakbot, TrickBot and GootLoader. The post How to protect your organization from the top malware strains appeared first on TechRepublic.

Malware 218

Malware Ransomware Cybersecurity 218

eSecurity Planet

AUGUST 9, 2022

Regulatory compliance and data privacy issues have long been an IT security nightmare. And since the EU’s General Data Protection Regulation (GDPR) took effect May 25, 2018, IT compliance issues have been at the forefront of corporate concerns. GDPR, the EU’s flagship data privacy and “right to be forgotten” regulation, has made the stakes of a data breach higher than ever.

Data privacy 145

Data privacy Encryption Data breaches Insurance 145

Schneier on Security

AUGUST 12, 2022

Twitter accidentally exposed the personal information—including phone numbers and email addresses—for 5.4 million accounts. And someone was trying to sell this information. In January 2022, we received a report through our bug bounty program of a vulnerability in Twitter’s systems. As a result of the vulnerability, if someone submitted an email address or phone number to Twitter’s systems, Twitter’s systems would tell the person what Twitter account the submitted em

Accountability 249

Accountability Government Risk 249

Tech Republic Security

AUGUST 8, 2022

Security flaws dating back more than 10 years are still around and still pose a risk of being freely exploited, says Rezilion. The post How older security vulnerabilities continue to pose a threat appeared first on TechRepublic.

Risk 215

Risk 215

Security Boulevard

AUGUST 8, 2022

The IoT market is projected to hit the $1.5 Trillion mark by 2025. Doesn’t that number look staggering? Putting in perspective, it’s a 600% growth from 2019, when the IoT market was pegged at $250 Billion. It is expected that 25 billion devices will be a part of the IoT network by 2025 with smartphones […]. The post Complete guide to IoT Security appeared first on Security Boulevard.

IoT 145

IoT Marketing Manufacturing 145

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

Security Affairs

AUGUST 7, 2022

A massive cyberattack hit the website of the German Chambers of Industry and Commerce (DIHK) this week. A massive attack hit the website of the German Chambers of Industry and Commerce (DIHK) forcing the organization to shut down its IT systems as a precautionary measure for security reasons. Aktuell wird intensiv an Lösung und Abwehr gearbeitet. Wir informieren Sie hier, welche Anwendungen wieder funktionsfähig sind: [link] #IHK #DIHK pic.twitter.com/5OHMOLH7Mz — DIHK (@DIHK_News) August

Cyber Attacks 144

Cyber Attacks Hacking Ransomware Information Security 144

Digital Shadows

AUGUST 10, 2022

While the Russian invasion of Ukraine has typically been met with a response of horror and condemnation across the globe, The post Meet DUMPS Forum: A pro-Ukraine, anti-Russia cybercriminal forum first appeared on Digital Shadows.

Data breaches 140

Data breaches DDOS Government Cybercrime 140

Tech Republic Security

AUGUST 9, 2022

Learn how to reset your Windows 10 password whether you use a Microsoft Account or a local account. The post How to reset your Windows 10 password when you forget it appeared first on TechRepublic.

Passwords 202

Passwords Accountability Software 202

Heimadal Security

AUGUST 9, 2022

Following a nationwide cyberattack that affected stores’ payment and checkout systems, 7-Eleven locations in Denmark closed their doors yesterday. 7-Eleven, Inc., styled as 7 ELEVEn, is an American multinational chain of retail convenience stores selling convenience foods, beverages, and gasoline, headquartered in Dallas, Texas. The American company has 78,029 stores in 19 countries and territories, […].

Retail 140

Retail Cybersecurity 140

Advertisement

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Cybersecurity

Security Affairs

AUGUST 9, 2022

Cybersecurity researchers from Kaspersky linked the Maui ransomware to the North Korea-backed Andariel APT group. Kaspersky linked with medium confidence the Maui ransomware operation to the North Korea-backed APT group Andariel , which is considered a division of the Lazarus APT Group, . North Korean nation-state actors used Maui ransomware to encrypt servers providing healthcare services, including electronic health records services, diagnostics services, imaging services, and intranet servic

Ransomware 144

Ransomware Computers and Electronics Healthcare Malware 144

CSO Magazine

AUGUST 11, 2022

In January 2018, the entire computer industry was put on alert by two new processor vulnerabilities dubbed Meltdown and Spectre that defeated the fundamental OS security boundaries separating kernel and user space memory. The flaws stemmed from a performance feature of modern CPUs known as speculative execution and mitigating them required one of the biggest patch coordination efforts in history, involving CPU makers, device manufacturers and operating system vendors.

Firmware 138

Firmware Manufacturing 138

Tech Republic Security

AUGUST 9, 2022

Scammers pretend to be highly skilled computer professionals and establish trust with their victim in order to obtain money or installation of fraudulent software. The post Technical support scam still alive and kicking appeared first on TechRepublic.

Scams 182

Scams Software Cybersecurity 182

Security Boulevard

AUGUST 11, 2022

An Open Cybersecurity Schema Framework (OCSF) launched this week at the Black Hat USA 2022 conference promises to finally address longstanding data sharing issues that conspire to limit the effectiveness of cybersecurity teams and increase overall costs. Led by Amazon Web Services (AWS), Splunk and IBM, the OCSF is the latest industry effort that attempts.

Cybersecurity 138

Cybersecurity Security Awareness Network Security 138

Advertiser: Revenera

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Risk

Bleeping Computer

AUGUST 6, 2022

A new ransomware family called 'GwisinLocker' targets South Korean healthcare, industrial, and pharmaceutical companies with Windows and Linux encryptors, including support for encrypting VMware ESXi servers and virtual machines. [.].

Encryption 137

Encryption Ransomware Healthcare 137

CSO Magazine

AUGUST 8, 2022

While ransomware and business email compromise (BEC) are leading causes of security incidents for businesses, geopolitics and deepfakes are playing an increasing role, according to reports from two leading cybersecurity companies. VMware’s 2022 Global Incident Threat Response Report shows a steady rise in extortionary ransomware attacks and BEC, alongside fresh jumps in deepfakes and zero-day exploits.

Ransomware 137

Ransomware Cybersecurity 137

Tech Republic Security

AUGUST 8, 2022

Email is the top delivery method used by cybercriminals deploying geopolitically-motivated attacks to try and move laterally inside networks, a new VMware report finds. The post Deepfake attacks and cyber extortion are creating mounting risks appeared first on TechRepublic.

Risk 179

Risk Cybersecurity 179

Threatpost

AUGUST 11, 2022

Belgian researcher Lennert Wouters revealed at Black Hat how he mounted a successful fault injection attack on a user terminal for SpaceX’s satellite-based internet system.

Hacking 137

Hacking Internet Internet IoT 137

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Software

The State of Security

AUGUST 7, 2022

Life among America’s nearly 32 million small businesses has never been easy. According to the Small Business Administration, about 20% of small business startups fail in their first year and half succumb to failure within five years. Bigger businesses have always had more capital, better access to loans, and more staying power. Lately, survival has […]… Read More.

Small Business 136

Small Business Cybersecurity 136

Security Affairs

AUGUST 10, 2022

Cisco discloses a security breach, the Yanluowang ransomware group breached its corporate network in late May and stole internal data. Cisco disclosed a security breach, the Yanluowang ransomware group breached its corporate network in late May and stole internal data. The investigation conducted by Cisco Security Incident Response (CSIRT) and Cisco Talos revealed that threat actors compromised a Cisco employee’s credentials after they gained control of a personal Google account where credential

Ransomware 136

Ransomware Hacking VPN Phishing 136

Tech Republic Security

AUGUST 8, 2022

As technologies, hardware and infrastructure mature, metaverse-like apps will converge and with that comes the potential for cyberthreats, a new report from Trend Micro finds. The post The metaverse faces more than 8 potential cyberthreats appeared first on TechRepublic.

Technology 174

Technology Cybersecurity 174

Security Boulevard

AUGUST 9, 2022

Messaging apps like Discord and Telegram have become a conduit for malware, as their popularity grows among users who want to create and share programs on the platforms. These bots may facilitate automating tasks like gaming, media sharing and the moderation of channels, but they also provide cybercriminals with a platform from which to spread. The post Malware Families Love Telegram, Discord as Much as Users appeared first on Security Boulevard.

Malware 134

Malware Media Security Awareness Mobile 134

Advertisement

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

Cybersecurity

eSecurity Planet

AUGUST 10, 2022

From mass production of cheap malware to ransomware as a service (RaaS) , cyber criminals have industrialized cybercrime, and a new HP Wolf Security report warns that cybercriminals are adapting advanced persistent threat (APT) tactics too. That means hackers will increasingly mimic nation-state threat groups by establishing a long-term presence inside networks to mine highly sensitive data.

Ransomware 132

Ransomware Digital transformation Malware Internet 132

Security Affairs

AUGUST 7, 2022

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. Greek intelligence service used surveillance malware to spy on a journalist, Reuters reports Slack resets passwords for about 0.5% of its users due to the exposure of salted password hashes Twitter confirms zero-day used to access data of 5.4 millio

Spyware 142

Spyware Manufacturing Small Business Surveillance 142

Tech Republic Security

AUGUST 11, 2022

Google’s security guidelines also drew the majority of this year’s requests in apps, according to Kaspersky’s Privacy Checker website. The post 85% of Android users are concerned about privacy appeared first on TechRepublic.

Mobile 174

Mobile Cybersecurity 174

The Hacker News

AUGUST 9, 2022

As many as 121 new security flaws were patched by Microsoft as part of its Patch Tuesday updates for the month of August, which also includes a fix for a Support Diagnostic Tool vulnerability that the company said is being actively exploited in the wild. Of the 121 bugs, 17 are rated Critical, 102 are rated Important, one is rated Moderate, and one is rated Low in severity.

132

132

Advertisement

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

Cybersecurity