InfoSec and Internet - Cyber Security Informer

Demand, CyberInsurance, and Automation/AI Are the Future of InfoSec

Daniel Miessler

NOVEMBER 6, 2020

2021-2030) A Surge in Demand for InfoSec people will result in many more professionals being trained and placed within companies, likely using more of a trade/certification model than a 4-year university model. That’s the distant future of InfoSec, with humans playing less and less a part in the equation as time goes on.

InfoSec

InfoSec Insurance Artificial Intelligence Cybersecurity

MY TAKE: Peerlyst shares infosec intel; recognizes Last Watchdog as a top cybersecurity influencer

The Last Watchdog

OCTOBER 3, 2019

Sharing intelligence for the greater good is an essential component of making Internet-centric commerce as safe and as private as it needs to be. Started by infosec professionals, Peerlyst takes the characteristics of B2B communications we’ve become accustomed to on Twitter and LinkedIn and directs it toward cybersecurity.

InfoSec

InfoSec B2B Cybersecurity Cyber Risk

The Irony of InfoSec’s Reaction to Crytpo, NFTs, and Web3

Daniel Miessler

FEBRUARY 2, 2022

There’s something strange about how our InfoSec community is reacting to cryptocurrency, NFTs, and Web3. Like, holy s**t, we could very well be in the BBS days of a new type of internet. Many of them are quiet about it because they don’t want to be ridiculed by their fellow InfoSec people. We can do better.

InfoSec

InfoSec Internet Internet Cryptocurrency

Webinars

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

MORE WEBINARS

10 Things to NOT Say to Your Infosec Valentine…Ever

Security Boulevard

FEBRUARY 14, 2022

Love may be in the air for all in the month of February, but for us infosec folks there are a lot of other, less desirable things also floating over the air waves (I mean networks, internet, …). The post 10 Things to NOT Say to Your Infosec Valentine…Ever appeared first on Security Boulevard.

InfoSec

InfoSec CISO Internet Internet

CTO of Center for Internet Security Expounds on Transforming InfoSec

SecureWorld News

NOVEMBER 9, 2022

We have so much change happening and we can drive it to happen in a more positive way to reduce the resource needs for organizations and actually scale security for businesses of all sizes.".

InfoSec

InfoSec Internet Internet Encryption

Cybersecurity in wartime: how Ukraine's infosec community is coping

CSO Magazine

FEBRUARY 27, 2023

Power and internet outages are common. With Russia now controlling around 18% of Ukraine's territory including Donbas and Crimea, tech workers face formidable challenges. Air raid sirens blast all the time. Explosions are heard in the distance. Sometimes, code is written in a basement. To read this article in full, please click here

InfoSec

InfoSec Cybersecurity Internet Internet

Web3 and the Decentralized Internet

Security Boulevard

DECEMBER 31, 2021

What is it and what will it mean to have a decentralized Internet. The post Web3 and the Decentralized Internet appeared first on The Shared Security Show. The post Web3 and the Decentralized Internet appeared first on Security Boulevard.

Internet

Internet Internet Cryptocurrency Cybersecurity

Infosec Community Increasingly Concerned about SolarWinds Breach, Four Months In

Hot for Security

MARCH 30, 2021

Four months in, the infosec community is more concerned than ever about the infamous supply chain attack that resulted in the breach of more than 18,000 (confirmed) organizations. The reason? More details keep bubbling up as forensic investigations continue.

InfoSec

InfoSec Software Data breaches Cybersecurity

Weekly Update 109

Troy Hunt

OCTOBER 19, 2018

Given the interest after my pointing out a couple of little differences in the US compared to the rest of the world last week, after the usual tech and infosec intro this week I decided to focus a big whack of this week's video on what some of differences look like. So yeah, business as usual on the internet!

InfoSec

InfoSec Scams Data breaches Internet

Daniel Miessler on My Writings about IoT Security

Schneier on Security

JANUARY 9, 2018

Daniel Miessler criticizes my writings about IoT security: I know it's super cool to scream about how IoT is insecure, how it's dumb to hook up everyday objects like houses and cars and locks to the internet, how bad things can get, and I know it's fun to be invited to talk about how everything is doom and gloom.

IoT

IoT InfoSec Risk Internet

Missouri 'Hacking' Controversy: Here's How InfoSec Pros Are Responding

SecureWorld News

OCTOBER 18, 2021

When it comes to Missouri Governor Mike Parson's explosive reaction to a reporter "hacking" the state's web application, there is an outpouring of public figures, InfoSec professionals, and other tech experts telling the governor what they think. October 14, 2021. This mentality is the reason why cybersecurity is terrible everywhere.

InfoSec

InfoSec Hacking Education Cybersecurity

No Password Microsoft Accounts, Facebook Smart Glasses, Security.txt Internet Standard

Security Boulevard

SEPTEMBER 26, 2021

The post No Password Microsoft Accounts, Facebook Smart Glasses, Security.txt Internet Standard appeared first on The Shared Security Show. The post No Password Microsoft Accounts, Facebook Smart Glasses, Security.txt Internet Standard appeared first on The Shared Security Show.

Internet

Internet Internet Passwords Accountability

CISA Order Highlights Persistent Risk at Network Edge

Krebs on Security

JUNE 15, 2023

government agency in charge of improving the nation’s cybersecurity posture is ordering all federal agencies to take new measures to restrict access to Internet-exposed networking equipment. The directive comes amid a surge in attacks targeting previously unknown vulnerabilities in widely used security and networking appliances.

Risk

Risk VPN Internet Internet

Graphics Card Web Tracking, Fake Job Ad Scams, Hacker Takes Down North Korea’s Internet

Security Boulevard

FEBRUARY 6, 2022

The post Graphics Card Web Tracking, Fake Job Ad Scams, Hacker Takes Down North Korea’s Internet appeared first on The Shared Security Show. The post Graphics Card Web Tracking, Fake Job Ad Scams, Hacker Takes Down North Korea’s Internet appeared first on Security Boulevard.

Scams

Scams Internet Internet InfoSec

BSides Berlin 2021 – Aditya K. Sood’s ‘(Internet of Things or Threats) Anatomizing The Structure Of loT Botnets’

Security Boulevard

JANUARY 11, 2022

Sood’s ‘(Internet of Things or Threats) Anatomizing The Structure Of loT Botnets’ appeared first on Security Boulevard. Our thanks to BSides Berlin for publishing their tremendous videos from the BSides Berlin 2021 Conference on the organization’s’ YouTube channel. The post BSides Berlin 2021 – Aditya K.

Internet

Internet Internet Education InfoSec

InfoSec Leaders Weigh in on New SEC Rules Making CISO Hotseat Hotter

SecureWorld News

JULY 31, 2023

Cybersecurity professionals have various views on last week's news from the United States Securities and Exchange Commission (SEC) when it surprised the InfoSec community and the C-suites of corporate America. I recommend the TTX exercise or 'game' be created using the Center for Internet Security v8 control objectives and free templates.

CISO

CISO InfoSec Risk Cybersecurity

MY TAKE: 3 privacy and security habits each individual has a responsibility to embrace

The Last Watchdog

JANUARY 28, 2019

Consider that most of us spend more time navigating the Internet on our laptops and smartphones than we do behind the wheel of a car. But the larger point is that Xbash is just one of dozens of malware families circulating far and wide across the Internet. Credential stuffing campaigns have become part of the fabric of the Internet.

Passwords

Passwords Password Management Internet Internet

EDRi PrivacyCamp22 – Panel: ‘A Feminist Internet’

Security Boulevard

MARCH 1, 2022

The post EDRi PrivacyCamp22 – Panel: ‘A Feminist Internet’ appeared first on Security Boulevard. Sincere thanks to EDRi (European Digital Rights) for publishing their phenomenal videos from the EDRi PrivacyCamp22 Conference on the organization’s YouTube channel.

Internet

Internet Internet Education InfoSec

Records of 45 million+ travelers to Thailand and Malaysia surfaced in the darkweb

Security Affairs

JULY 13, 2020

Records of 45 Million+ travelers to Thailand and Malaysia Leaked on #Darkweb (Blog Link) [link] #infosec #leaks #CyberSecurity pic.twitter.com/zHOujQ8CMm — Cyble (@AuCyble) July 12, 2020. The huge trove of data was discovered by the researchers during their regular Deepweb and Darkweb monitoring activity.

Mobile

Mobile InfoSec Data breaches Advertising

Inside the Massive Alleged AT&T Data Breach

Troy Hunt

MARCH 18, 2024

It is undoubtedly in the hands of thousands of internet randos. The linked article talks about the author verifying the data with various people he knows, as well as other well-known infosec identities verifying its accuracy. So, let's focus on what we can prove, starting with the accuracy of the data.

Data breaches

Data breaches Encryption Identity Theft InfoSec

Infosec policy development

Notice Bored

APRIL 10, 2021

We're currently preparing some new information risk and security policies for SecAware.com. It's hard to find gaps in the suite of 81 policy templates already on sale (!)

InfoSec

InfoSec Penetration Testing Information Security Risk

I'm Testifying in Front of Congress in Washington DC about Data Breaches - What Should I Say?

Troy Hunt

NOVEMBER 21, 2017

Obviously, the work I've been doing with Have I Been Pwned (HIBP) has given me a heap of insight into this specific area of infosec over the last 4 years and the folks from DC felt my views on things might be helpful. That was all great and I was happy to share my thoughts from the other side of the world.

Data breaches

Data breaches InfoSec Backups IoT

Bot list with Telnet credentials for more than 500,000 servers and IoT devices leaked online

Security Affairs

JANUARY 19, 2020

The list appears to be the result of an Internet scan for devices using default credentials or easy-to-guess passwords. ” The lists leaked online are dated October-November 2019, let’s hope that Internet Service Providers will contact ZDNet to receive them and check if the devices belong to their network and secure them. .

IoT

IoT DDOS InfoSec Internet

BSides Knoxville 2023 – Zachary Hunsaker – Open Source Intelligence: What Does The Internet Know About You?

Security Boulevard

JULY 7, 2023

Permalink The post BSides Knoxville 2023 – Zachary Hunsaker – Open Source Intelligence: What Does The Internet Know About You? Our thanks to BSides Knoxville for publishing their presenter’s outstanding BSides Knoxville 2023 content on the organizations’ YouTube channel. appeared first on Security Boulevard.

Internet

Internet Internet CISO Education

Microsoft Exchange ProxyNotShell vulnerability explained and how to mitigate it

CSO Magazine

DECEMBER 15, 2022

Last year, two high severity, easily exploitable Microsoft Exchange vulnerabilities dubbed ProxyLogon and ProxyShell made waves in the infosec sphere. Both vulnerabilities impact Microsoft Exchange Server on-premises and hybrid setups running Exchange versions 2013, 2016, and 2019 with an internet-exposed Outlook Web App (OWA) component.

InfoSec

InfoSec Authentication Internet Internet

Burning Zero Days: FortiJump FortiManager vulnerability used by nation state in espionage via MSPs

DoublePulsar

OCTOBER 22, 2024

Back on October 13th, I started a Mastodon thread for something I’d come across: Kevin Beaumont (@GossiTheDog@cyberplace.social) The thread is a bit wild, I didn’t know about the FortiNet private notification as I’m just an InfoSec pleb (InfoSec porg?) My advice is don’t present FGFM to the internet in those situations.

Firewall

Firewall InfoSec Internet Internet

10 Funny Tweets to Promote #CybersecurityAwareness

SecureWorld News

OCTOBER 6, 2021

Follow For More >> @TowardsCybersec #cybersecurity #security #privacy #infosec #meme #internet #Threat #digital #tech #creativity #Hacked #people #Online #safety #data #informationtechnology #informationsecurity pic.twitter.com/tTAPWh4peR — Towards Cybersecurity (@TowardsCybersec). October 5, 2021. October 5, 2021.

InfoSec

InfoSec Passwords Cybersecurity Media

New Leak Shows Business Side of China’s APT Menace

Krebs on Security

FEBRUARY 22, 2024

“The infosec industry is always trying to distinguish [the work] of one APT group from another. . “From what they chat about we can see this is a very competitive industry, where companies in this space are constantly poaching each others’ employees and tools,” Danowski said. But that’s getting harder to do.”

Government

Government Hacking Cyber threats Mobile

Hackers Could Cause ‘Fake Earthquakes’ by Exploiting Vulnerable Seismic Equipment, Researchers Warn

Hot for Security

FEBRUARY 16, 2021

Seismic monitoring devices linked to the internet are vulnerable to cyberattacks that could disrupt data collection and processing, according to Michael Samios of the National Observatory of Athens and his fellow colleagues who put together a new study published in Seismological Research Letters.

IoT

IoT InfoSec Data collection Encryption

CERIAS – Scott Shackelford’s ‘The Internet of Things: What Everyone Needs To Know’

Security Boulevard

APRIL 3, 2021

The post CERIAS – Scott Shackelford’s ‘The Internet of Things: What Everyone Needs To Know’ appeared first on Security Boulevard. Many thanks to CERIAS Purdue University for publishing their outstanding videos on the organization's YouTube channel. Enjoy and Be Educated Simultaneously!

Internet

Internet Internet Education InfoSec

Introducing Securepairs.org: Fighting Infosec FUD for the Right to Repair

The Security Ledger

APRIL 29, 2019

The post Introducing Securepairs.org: Fighting Infosec FUD for the Right to Repair appeared first on. » Related Stories Testimony: There’s No Internet of Things Risk in Repair Podcast 127: Donnie, Talk to China and Other Lessons from 2018 How Digital Transformation is forcing GRC to evolve. Read the whole entry. »

InfoSec

InfoSec Digital transformation Internet Internet

103,000 machines are still vulnerable to SMBGhost attacks

Security Affairs

NOVEMBER 1, 2020

The researcher Jan Kopriva published a post on the SANS ISC Infosec Forums and revealed that over 103 000 machines online are yet to be patched. This would mean that a vulnerable machine hides behind approximately 8% of all IPs, which have port 445 open.” ” reads the post.

InfoSec

InfoSec Advertising Malware Internet

Y2k + 20: risk, COVID and "the Internet issue"

Notice Bored

JANUARY 9, 2021

which leaves our organisations, management and society at large asking themselves "What have the infosec pros ever done for us? They are both global in scope and potentially disastrous in nature, and worse still they are both linked through the Internet - the big daddy of all information risks facing the planet right now. Yeah, right.

Internet

Internet Internet Risk InfoSec

Operation Fortify: A US Ransomware Plan

Daniel Miessler

OCTOBER 4, 2020

We could also have a massive network of technical support, using people in infosec who already have jobs. It’s just a placeholder graphic from the internet that I added the Fortify project name to. So basically the Fortify Operatives? who are deployed onsite can ask questions about installations, configs, etc.

Ransomware

Ransomware Small Business Government InfoSec

The 7 Biggest Cybersecurity Scoops from February 2015

SiteLock

AUGUST 27, 2021

Internet Explorer Vulnerability Discovered. Earlier this month, a security researcher discovered a major security flaw in Microsoft’s Internet Explorer browser. The Internet of Things and Cyber Security. The Infosec Institute recently wrote a topic on the subject, which can be read here. You can read it here.

Passwords

Passwords Cybersecurity Internet Internet

Zero Trust and the Failure of Sampling: Two Important Cybersecurity Trends

Joseph Steinberg

JUNE 10, 2022

As a result, cybersecurity programs must be crafted and implemented not only to defend against lateral movement through data systems by so called “authorized users” but also to treat users on internal networks as if they were no more trustworthy than users accessing via Internet-based connections emanating from halfway around the work.

Cybersecurity

Cybersecurity Artificial Intelligence CISO Wireless

DEF CON 29 Biohacking Village – Mariam Elgabry’s ‘Internet Of Ingestible Things: Security By Design’

Security Boulevard

OCTOBER 5, 2021

The post DEF CON 29 Biohacking Village – Mariam Elgabry’s ‘Internet Of Ingestible Things: Security By Design’ appeared first on Security Boulevard. Our thanks to DEFCON for publishing their tremendous DEFCON Conference Biohacking Village videos on the groups' YouTube channel.

Internet

Internet Internet Education InfoSec

DEFCON 29 IoT Village – Juneau’s ‘Strategic Trust And Deception In The Internet Of Things’

Security Boulevard

NOVEMBER 24, 2021

The post DEFCON 29 IoT Village – Juneau’s ‘Strategic Trust And Deception In The Internet Of Things’ appeared first on Security Boulevard. Our thanks to DEFCON for publishing their outstanding DEF CON 29 IoT Village videos on the Conferences’ YouTube channel.

IoT

IoT Internet Internet Education

Top 8 Cybersecurity Podcasts of 2021

eSecurity Planet

APRIL 23, 2021

Since 2017, host Jack Rhysider has investigated some of the most noteworthy stories related to the darkside of the internet, specifically hacking, data breaches, and cybercrime. It requires some baseline industry knowledge, but it’s a great way to stay on top of InfoSec current events. Malicious Life. 5 stars, 670 ratings.

Cybersecurity

Cybersecurity InfoSec Cybercrime Hacking

News alert: Sternum and ChargePoint collaborate to enhance ChargePoint Home Flex Security

The Last Watchdog

JANUARY 22, 2024

As part of ChargePoint’s commitment to customer security, the company encourages researchers to collaborate with ChargePoint InfoSec to identify potential new vulnerabilities in its products or environment. For more information, please email the InfoSec team at: infosec@chargepoint.com.

IoT

IoT InfoSec Firmware Manufacturing

Chik-fil-A Investigates 'Suspicious Activity' on Customer Accounts

SecureWorld News

JANUARY 9, 2023

chik-fil-a.com #cybersecurity #infosec @ChickfilA pic.twitter.com/kWSBpvQCNt — Dominic Alvieri (@AlvieriD). In the last week or so, several customers took to the internet to share their story of what happened to their CFA account. This has not been handled well. January 6, 2023.

Accountability

Accountability InfoSec Media Passwords

How Fake Accounts and Sneaker-Bots Took Over the Internet

Threatpost

JULY 8, 2021

Jason Kent, hacker-in-residence at Cequence Security, discusses fake online accounts, and the fraud they carry out on a daily basis.

Accountability

Accountability Internet Internet InfoSec

Hacking IoT & RF Devices with BürtleinaBoard

Security Affairs

JULY 28, 2020

Luca is working as Principal Offensive Security Engineer and in his spare time is involved in InfoSec where the main fields of research are: Radio Networks, Hardware Reverse Engineering, Hardware Hacking, Internet of Things and Physical Security. About the author: Luca Bongiorni.

IoT

IoT Hacking Firmware Advertising

Hacking a X-RAY Machine with WHIDelite & EvilCrowRF

Security Affairs

APRIL 20, 2021

He is also actively involved in InfoSec where his main fields of research are: Radio Networks, Reverse Engineering, Hardware Hacking, Internet of Things, and Physical Security. The expert published a video PoC of the attack: Author Biography: Luca Bongiorni is working as Head of Offensive Security.

Hacking

Hacking InfoSec Engineering Internet

Demand, CyberInsurance, and Automation/AI Are the Future of InfoSec

MY TAKE: Peerlyst shares infosec intel; recognizes Last Watchdog as a top cybersecurity influencer

Webinars

Trending Sources

The Irony of InfoSec’s Reaction to Crytpo, NFTs, and Web3

Webinars

10 Things to NOT Say to Your Infosec Valentine…Ever

CTO of Center for Internet Security Expounds on Transforming InfoSec

Cybersecurity in wartime: how Ukraine's infosec community is coping

Web3 and the Decentralized Internet

Infosec Community Increasingly Concerned about SolarWinds Breach, Four Months In

Weekly Update 109

Daniel Miessler on My Writings about IoT Security

Missouri 'Hacking' Controversy: Here's How InfoSec Pros Are Responding

No Password Microsoft Accounts, Facebook Smart Glasses, Security.txt Internet Standard

CISA Order Highlights Persistent Risk at Network Edge

Graphics Card Web Tracking, Fake Job Ad Scams, Hacker Takes Down North Korea’s Internet

BSides Berlin 2021 – Aditya K. Sood’s ‘(Internet of Things or Threats) Anatomizing The Structure Of loT Botnets’

InfoSec Leaders Weigh in on New SEC Rules Making CISO Hotseat Hotter

MY TAKE: 3 privacy and security habits each individual has a responsibility to embrace

EDRi PrivacyCamp22 – Panel: ‘A Feminist Internet’

Records of 45 million+ travelers to Thailand and Malaysia surfaced in the darkweb

Inside the Massive Alleged AT&T Data Breach

Infosec policy development

I'm Testifying in Front of Congress in Washington DC about Data Breaches - What Should I Say?

Bot list with Telnet credentials for more than 500,000 servers and IoT devices leaked online

BSides Knoxville 2023 – Zachary Hunsaker – Open Source Intelligence: What Does The Internet Know About You?

Microsoft Exchange ProxyNotShell vulnerability explained and how to mitigate it

Burning Zero Days: FortiJump FortiManager vulnerability used by nation state in espionage via MSPs

10 Funny Tweets to Promote #CybersecurityAwareness

New Leak Shows Business Side of China’s APT Menace

Hackers Could Cause ‘Fake Earthquakes’ by Exploiting Vulnerable Seismic Equipment, Researchers Warn

CERIAS – Scott Shackelford’s ‘The Internet of Things: What Everyone Needs To Know’

Introducing Securepairs.org: Fighting Infosec FUD for the Right to Repair

103,000 machines are still vulnerable to SMBGhost attacks

Y2k + 20: risk, COVID and "the Internet issue"

Operation Fortify: A US Ransomware Plan

The 7 Biggest Cybersecurity Scoops from February 2015

Zero Trust and the Failure of Sampling: Two Important Cybersecurity Trends

DEF CON 29 Biohacking Village – Mariam Elgabry’s ‘Internet Of Ingestible Things: Security By Design’

DEFCON 29 IoT Village – Juneau’s ‘Strategic Trust And Deception In The Internet Of Things’

Top 8 Cybersecurity Podcasts of 2021

News alert: Sternum and ChargePoint collaborate to enhance ChargePoint Home Flex Security

Chik-fil-A Investigates 'Suspicious Activity' on Customer Accounts

How Fake Accounts and Sneaker-Bots Took Over the Internet

Hacking IoT & RF Devices with BürtleinaBoard

Hacking a X-RAY Machine with WHIDelite & EvilCrowRF

Stay Connected