Security Boulevard
SEPTEMBER 12, 2023
A survey identified cybersecurity as the biggest challenge small organizations face today, with 49% more concerned than they were six months ago. The post Cybersecurity the Biggest Challenge for Smaller Organizations appeared first on Security Boulevard.
Schneier on Security
SEPTEMBER 11, 2023
The robot revolution began long ago, and so did the killing. One day in 1979, a robot at a Ford Motor Company casting plant malfunctioned—human workers determined that it was not going fast enough. And so twenty-five-year-old Robert Williams was asked to climb into a storage rack to help move things along. The one-ton robot continued to work silently, smashing into Williams’s head and instantly killing him.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Krebs on Security
SEPTEMBER 13, 2023
In December 2022, KrebsOnSecurity broke the news that a cybercriminal using the handle “ USDoD ” had infiltrated the FBI ‘s vetted information sharing network InfraGard , and was selling the contact information for all 80,000 members. The FBI responded by reverifying InfraGard members and by seizing the cybercrime forum where the data was being sold.
The Last Watchdog
SEPTEMBER 14, 2023
In today’s digital age, trust has become a cornerstone of building a better Internet. Preserving privacy for a greater good The Internet was designed as a platform for peer research, not for the vast scale and diverse uses we see today. Over the decades, it’s grown in a way that has left it with many inherent vulnerabilities. These vulnerabilities, not borne out of malice, were the result of choices made with limited information available at the time.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Joseph Steinberg
SEPTEMBER 12, 2023
CyberSecurity and Artificial Intelligence Expert , Joseph Steinberg, will speak as part of a panel discussion on the intersection of CyberSecurity and Artificial Intelligence (AI), to take place on Tuesday, September 12, 2023 at 2 PM US Eastern time. Steinberg’s session, entitled Building Trust in AI: Addressing Security Fears in AI Adoption , will feature a discussion with three other notable figures from the world of AI: Yihua Liao, Ph.D.
Schneier on Security
SEPTEMBER 14, 2023
Google removed fake Signal and Telegram apps from its Play store. An app with the name Signal Plus Messenger was available on Play for nine months and had been downloaded from Play roughly 100 times before Google took it down last April after being tipped off by security firm ESET. It was also available in the Samsung app store and on signalplus[.]org, a dedicated website mimicking the official Signal.org.
Cyber Security Informer brings together the best content for cyber security professionals from the widest variety of industry thought leaders.
Troy Hunt
SEPTEMBER 10, 2023
I'm in Spain! Alicante, to be specific, where we've spent the last few days doing family wedding things, and I reckon we scrubbed up pretty well: Getting fancy in Spain 😍 pic.twitter.com/iDFmBORnHa — Troy Hunt (@troyhunt) September 9, 2023 Next stop is Amsterdam and by the end of today, we'll be sipping cold beer canal side in the 31C heat 😎 Meanwhile, this week's video focuses mostly on the Dymocks breach and the noteworthiness of what appears to be ex
The Last Watchdog
SEPTEMBER 13, 2023
From Kickstarter to Wikipedia, crowdsourcing has become a part of everyday life. Sharing intel for a greater good Now one distinctive type of crowdsourcing — ethical hacking – is positioned to become a much more impactful component of securing modern networks. I had a terrific discussion about this at Black Hat USA 2023 with Casey Ellis, founder and CTO of Bugcrowd , a pioneer in the crowdsourced security market.
Schneier on Security
SEPTEMBER 13, 2023
Make sure you update your iPhones : Citizen Lab says two zero-days fixed by Apple today in emergency security updates were actively abused as part of a zero-click exploit chain (dubbed BLASTPASS) to deploy NSO Group’s Pegasus commercial spyware onto fully patched iPhones. The two bugs, tracked as CVE-2023-41064 and CVE-2023-41061 , allowed the attackers to infect a fully-patched iPhone running iOS 16.6 and belonging to a Washington DC-based civil society organization via PassKit attachment
Lohrman on Security
SEPTEMBER 10, 2023
In this interview with Dick Wilkinson, CTO at Proof Labs, we explore the cyber threats in space and on the Internet of Things, and how they impact each of us.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
Tech Republic Security
SEPTEMBER 12, 2023
Check Point's Global CISO discusses the firm's 2023 threat intelligence, including new AI malice and threat actors spreading malware by dropping flash drives.
The Last Watchdog
SEPTEMBER 11, 2023
In an era of global economic uncertainty, fraud levels tend to surge, bringing to light the critical issue of intellectual property (IP) theft. Related: Neutralizing insider threats This pervasive problem extends beyond traditional notions of fraud, encompassing both insider threats and external risks arising from partnerships, competitors, and poor IP management.
Schneier on Security
SEPTEMBER 12, 2023
A new Mozilla Foundation report concludes that cars, all of them, have terrible data privacy. All 25 car brands we researched earned our *Privacy Not Included warning label—making cars the official worst category of products for privacy that we have ever reviewed. There’s a lot of details in the report. They’re all bad. BoingBoing post.
The Hacker News
SEPTEMBER 11, 2023
Google on Monday rolled out out-of-band security patches to address a critical security flaw in its Chrome web browser that it said has been exploited in the wild. Tracked as CVE-2023-4863, the issue has been described as a case of heap buffer overflow that resides in the WebP image format that could result in arbitrary code execution or a crash.
Advertisement
How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.
Tech Republic Security
SEPTEMBER 14, 2023
Get technical details about how this new attack campaign is delivered via Microsoft Teams and how to protect your company from this loader malware.
Dark Reading
SEPTEMBER 15, 2023
ALPHV/BlackCat ransomware operators have used their leak site to "set the record straight" about the MGM Resorts cyberattack. Meanwhile, more attacks abusing Okta could be likely.
Schneier on Security
SEPTEMBER 15, 2023
Interesting article on technologies that will automatically identify people: With technology like that on Mr. Leyvand’s head, Facebook could prevent users from ever forgetting a colleague’s name, give a reminder at a cocktail party that an acquaintance had kids to ask about or help find someone at a crowded conference. However, six years later, the company now known as Meta has not released a version of that product and Mr.
The Hacker News
SEPTEMBER 9, 2023
Spyware masquerading as modified versions of Telegram have been spotted in the Google Play Store that’s designed to harvest sensitive information from compromised Android devices. According to Kaspersky security researcher Igor Golovin, the apps come with nefarious features to capture and exfiltrate names, user IDs, contacts, phone numbers, and chat messages to an actor-controlled server.
Advertiser: Revenera
In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.
Tech Republic Security
SEPTEMBER 12, 2023
Written by: Kirstie McDermott Silicon Valley is just one of a number of key US startup ecosystems fueling startups, all of which drive investment and job creation: check where new opportunities are in the US right now.
Trend Micro
SEPTEMBER 12, 2023
In this blog, we investigate how threat actors used information-stealing malware with EV code signing certificates and later delivered ransomware payloads to its victims via the same delivery method.
Schneier on Security
SEPTEMBER 14, 2023
This is a current list of where and when I am scheduled to speak: I’m speaking at swampUP 2023 in San Jose, California, on September 13, 2023 at 11:35 AM PT. The list is maintained on this page.
The Hacker News
SEPTEMBER 11, 2023
A new phishing attack is leveraging Facebook Messenger to propagate messages with malicious attachments from a "swarm of fake and hijacked personal accounts" with the ultimate goal of taking over the targets' Business accounts.
Advertisement
Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.
Tech Republic Security
SEPTEMBER 14, 2023
Updates are now available to patch a Chrome vulnerability that would allow attackers to run malicious code.
Security Affairs
SEPTEMBER 11, 2023
Zscaler ThreatLabz detailed a new malware loader, named HijackLoader, which has grown in popularity over the past few months HijackLoader is a loader that is gaining popularity among the cybercriminal community. The malware is not sophisticated, however, unlike other loaders, it has a modular structure that allows supporting code injection and execution.
Malwarebytes
SEPTEMBER 13, 2023
The consequences of last year's LastPass breach continue to be felt, with the latest insult to users coming in the form of a highly convincing phishing email. Although the " unauthorized party" that compromised LastPass users' data was able to steal password vaults, it's likely that they are having a hard time cracking them open. LastPass's own assessment was that "it would be extremely difficult to attempt to brute force guess master passwords for those customers who follow our password best pr
Graham Cluley
SEPTEMBER 12, 2023
Hotel and casino giant MGM Resorts has revealed that it is investigating a "cybersecurity incident" that has resulted in its website being taken offline, an outage of online booking systems, and even problems with slot machines. Read more in my article on the Hot for Security blog.
Advertisement
Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!
Tech Republic Security
SEPTEMBER 14, 2023
Red Box provides the open architecture for data capture. Uniphore then feeds that data into U-Capture, its conversational AI automation tool.
The Hacker News
SEPTEMBER 13, 2023
A new ransomware family called 3AM has emerged in the wild after it was detected in a single incident in which an unidentified affiliate deployed the strain following an unsuccessful attempt to deliver LockBit (attributed to Bitwise Spider or Syrphid) in the target network.
Security Affairs
SEPTEMBER 10, 2023
Rhysida Ransomware group added three more US hospitals to the list of victims on its Tor leak site after the PROSPECT MEDICAL attack. Recently the Rhysida ransomware group made the headlines because it announced the hack of Prospect Medical Holdings and the theft of sensitive information from the organization. In early August, a cyberattack disrupted the computer systems of multiple hospitals operated by Prospect Medical Holdings , which are located in multiple states, including California, Tex
Bleeping Computer
SEPTEMBER 12, 2023
A reported Free Download Manager supply chain attack redirected Linux users to a malicious Debian package repository that installed information-stealing malware. [.
Advertisement
Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.
Expert insights. Personalized for you.
124 
Let's personalize your content