Sat.May 01, 2021 - Fri.May 07, 2021


5 IT security strategies that you should think about as employees return to the office

CyberSecurity Insiders

This blog was written by an independent guest blogger. Without a doubt, digital transformation accelerated amid the pandemic and made it possible for employees to work remotely. However, it also intensified the threat landscape created by malicious attackers who jumped on the first opportunity to attack the more vulnerable home networks. As remote working becomes the new norm, it is paramount to have an agile infrastructure and team for security.


Popular routers found vulnerable to hacker attacks

We Live Security

Millions of Brits could be at risk of cyberattacks due to poor default passwords and a lack of firmware updates. The post Popular routers found vulnerable to hacker attacks appeared first on WeLiveSecurity.

Firmware 145
Insiders


Tesla Remotely Hacked from a Drone

Schneier on Security

This is an impressive hack: Security researchers Ralf-Philipp Weinmann of Kunnamon, Inc. and Benedikt Schmotzle of Comsecuris GmbH have found remote zero-click security vulnerabilities in an open-source software component (ConnMan) used in Tesla automobiles that allowed them to compromise parked cars and control their infotainment systems over WiFi.

Hacking 356

Malicious Office 365 Apps Are the Ultimate Insiders

Krebs on Security

Phishers targeting Microsoft Office 365 users increasingly are turning to specialized links that take users to their organization’s own email login page. After a user logs in, the link prompts them to install a malicious but innocuously-named app that gives the attacker persistent, password-free access to any of the user’s emails and files, both of which are then plundered to launch malware and phishing scams against others.


Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.


DevOps is getting code released faster than ever. But security is lagging behind

Tech Republic Security

DevOps is speeding up software release cycles like never before. But according to GitLab's latest survey, finger-pointing over who should be in charge of security remains an issue.

Software 213

Redefining What it Means to be a Hacker with Eric Head aka todayisnew

SecurityTrails

Sitting down with Eric Head, one of the most successful bug bounty hunters, known online as todayisnew, to discuss his mindful practices and how to remain focused on your goals.


More Trending


The Wages of Password Re-Use: Your Money or Your Life

Krebs on Security

When normal computer users fall into the nasty habit of recycling passwords, the result is most often some type of financial loss. When cybercriminals develop the same habit, it can eventually cost them their freedom. Our passwords can say a lot about us, and much of what they have to say is unflattering.

Passwords 334

Cybersecurity: Don't blame employees—make them feel like part of the solution

Tech Republic Security

Scientists find that blaming employees is counterproductive and suggest creating a safe environment for people to admit their mistakes and learn from them. One company already puts that into practice.


Very Many Qualcomm Phone Chips Hiding Very Nasty Vulnerability

Security Boulevard

A high-severity bug affects almost 40% of Android phones. The security hole is in Qualcomm modems. The post Very Many Qualcomm Phone Chips Hiding Very Nasty Vulnerability appeared first on Security Boulevard.

IoT 145

New Spectre-Like Attacks

Schneier on Security

There’s new research that demonstrates security vulnerabilities in all of the AMD and Intel chips with micro-op caches, including the ones that were specifically engineered to be resistant to the Spectre/Meltdown attacks of three years ago. Details: The new line of attacks exploits the micro-op cache: an on-chip structure that speeds up computing by storing simple commands and allowing the processor to fetch them quickly and early in the speculative execution process, as the team explains


The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!


Investment Scammer John Davies Reinvents Himself?

Krebs on Security

John Bernard, a pseudonym used by a convicted thief and con artist named John Clifton Davies who’s fleeced dozens of technology startups out of an estimated $30 million, appears to have reinvented himself again after being exposed in a recent investigative series published here. Sources tell KrebsOnSecurity that Davies/Bernard is now posing as John Cavendish and head of a new “private office” called Hempton Business Management LLP.

Scams 290

Android phones may be vulnerable to security flaw in Qualcomm chip

Tech Republic Security

Patched on Qualcomm's end, the flaw could allow attackers to access your call history and text messages and eavesdrop on your phone conversations, says Check Point Research.


Insurer AXA says it will no longer cover ransomware payments in France

Hot for Security

Insurance giant AXA has said that it is no longer writing cyberinsurance policies in France that cover ransom payments to extortionists. AXA’s decision, which appears to be a first for the cyberinsurance industry, will still reimburse companies for the cost of responding and recovering from a ransomware attack – but will not cover the often significant sums of cryptocurrency demanded by criminal gangs after they have compromised a network, and encrypted or stolen data.

Insurance 145

Identifying the Person Behind Bitcoin Fog

Schneier on Security

The person behind the Bitcoin Fog was identified and arrested. Bitcoin Fog was an anonymization service: for a fee, it mixed a bunch of people’s bitcoins up so that it was hard to figure out where any individual coins came from. It ran for ten years. Identifying the person behind Bitcoin Fog serves as an illustrative example of how hard it is to be anonymous online in the face of a competent police investigation: Most remarkable, however, is the IRS’s account of tracking down Sterlin


The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.


Beware! Hackers target users with fake COVID-19 vaccine registration app

Quick Heal Antivirus

Have you received an SMS with a link that says, “Register for vaccine using COVID-19 app”? Well, beware! The post Beware! Hackers target users with fake COVID-19 vaccine registration app appeared first on Quick Heal Blog | Latest computer security news, tips, and advice.

Malware 145

World Password Day: How to keep yourself and your company data secure

Tech Republic Security

The first Thursday in May is World Password Day. Learn some tips for what your organization should do to foster good password management techniques.

Passwords 197

Operation TunnelSnake

SecureList

Windows rootkits, especially those operating in kernel space, are pieces of malware infamous for their near absolute power in the operating system. Usually deployed as drivers, such implants have high privileges in the system, allowing them to intercept and potentially tamper with core I/O operations conducted by the underlying OS, like reading or writing to files or processing incoming and outgoing network packets.

Malware 145

The Story of Colossus

Schneier on Security

Nice video of a talk by Chris Shore on the history of Colossus.


IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.


Cybersecurity Fosters Competitive Advantage

Security Boulevard

Tens of billions of dollars each year are spent on cybersecurity, yet cybercriminals continue to succeed. There seems to be a never-ending stream of cybersecurity bad news. Companies constantly experience negative security events – Facebook, Verkada, and Elekta are recent examples. Cybersecurity failures become public relations, customer relations, and financial problems for companies.


These breached "Star Wars"-themed passwords need more than the force to save them

Tech Republic Security

Turns out, even the most sci-fi-inspired passwords still need the occasional capital letter and special character splashed in.

Passwords 194

Best Security Company | Cisco Systems

SC Magazine

Cisco’s Customer Experience organization reports that 44% of support cases are resolved in a day or less and 75% successfully reduce the risk of downtime. The Cisco Secure portfolio offers three distinct advantages: First, the breadth of its products and size of Cisco’s customer base means it has a large footprint in an industry where scale matters.

DNS 145

Facebook bans Signal ads that reveal the depth of what it knows about you

Malwarebytes

Most of our readers are well aware of the fact that the big tech corporations, especially those that run social media, know a great deal about us and our behavior. But it rarely hits home how much personal data they have about us and how they can guess, quite correctly, even more. Lots more. Signal came up with an idea to drive that point home. A simple but very effective idea, nothing short of genius.


The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.


The New Wave of Cybersecurity Awareness Training

Security Boulevard

The only constant is change. The ongoing effects of COVID-19 have taught us that change is inevitable to survive. One major area that has been affected during COVID-19 is how we interact with employees, and what we need those employees to know right now. Cybersecurity is one of those critical areas of this new world. The post The New Wave of Cybersecurity Awareness Training appeared first on Security Boulevard.


How to set up camera privacy settings in Windows 10

Tech Republic Security

Before you can use a camera app in Windows 10 you have to allow access to the camera itself. Only then can you allow access to the app. We walk you through it.


Ousaban: Private photo collection hidden in a CABinet

We Live Security

Another in our occasional series demystifying Latin American banking trojans. The post Ousaban: Private photo collection hidden in a CABinet appeared first on WeLiveSecurity.

Banking 145

Apple Fixes Zero-Day Flaws in Unscheduled iOS Update – Here’s How to Patch

Hot for Security

Apple this week issued out-of-band updates for mobile customers to patch two zero-day vulnerabilities that let attackers execute remote code on their iDevices. The Cupertino-based tech giant says criminals “may” have already exploited the flaws. Available for most iDevices in circulation, iOS 14.5.1 (and the complementary iPadOS 14.5.1) fixes a critical memory corruption issue in the Safari WebKit engine where “processing maliciously crafted web content may lead to arbitrary code execution,” acc

VPN 144

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!


Choosing a Cyber Security Framework

Security Boulevard

Having a framework for security helps organizations identify what is missing and what is needed for their existing security architecture. A recent article in Dark Reading covered some of the cyber security frameworks that are available. The post Choosing a Cyber Security Framework appeared first on K2io. The post Choosing a Cyber Security Framework appeared first on Security Boulevard.


How to integrate Linux Malware Detection and ClamAV for automated malware detection on Linux servers

Tech Republic Security

Jack Wallen walks you through the steps of installing both Linux Malware Detection and ClamAV for a reliable one-two punch of malware and virus prevention.

Malware 157

How Cryptocurrency and Cybercrime Trends Influence One Another

Webroot

Typically, when cryptocurrency values change, one would expect to see changes in crypto-related cybercrime. In particular, trends in Bitcoin values tend to be the bellwether you can use to predict how other currencies’ values will shift, and there are usually corresponding shifts in crypto-based crime, such as ransomware, though it’s not necessarily the kind of change you might predict.


Most Common Causes of Data Breach and How to Prevent It

Security Affairs

Which are the most common causes of a Data Breach and how to prevent it? How can organizations prevent it? Data breaches are highly damaging and equally embarrassing for businesses and consumers. If you look at Verizon’s 2020 Data Breach Investigations Report, you can find some of the most common causes of data breaches. However, you will also be surprised to learn that most breaches result from inadequate data security measures.


Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.