Software and Technology - Cyber Security Informer

Govt. Services Firm Tyler Technologies Hit in Apparent Ransomware Attack

Krebs on Security

SEPTEMBER 23, 2020

Tyler Technologies , a Texas-based company that bills itself as the largest provider of software and technology services to the United States public sector, is battling a network intrusion that has disrupted its operations. Tyler Technologies declined to say how the intrusion is affecting its customers.

Technology

Technology Ransomware Software Government

FBI Raids Chinese Point-of-Sale Giant PAX Technology

Krebs on Security

OCTOBER 26, 2021

federal investigators today raided the Florida offices of PAX Technology , a Chinese provider of point-of-sale devices used by millions of businesses and retailers globally. FBI agents entering PAX Technology offices in Jacksonville today. Headquartered in Shenzhen, China, PAX Technology Inc. organizations. Source: WOKV.com.

Technology

Technology Retail Computers and Electronics Malware

Intel is Maintaining Legacy Technology for Security Research

Schneier on Security

NOVEMBER 30, 2021

Interesting : Intel’s issue reflects a wider concern: Legacy technology can introduce cybersecurity weaknesses. The warehouse stores around 3,000 pieces of hardware and software, going back about a decade. This creates a long tail of old products that remain in widespread use, vulnerable to attacks.

Technology

Technology Engineering Software Cybersecurity

News alert: Knocknoc raises seed funding to scale its just-in-time network access control technology

The Last Watchdog

MARCH 19, 2025

19, 2025, CyberNewswire — Sydney-based cybersecurity software company Knocknoc has raised a seed round from US-based venture capital firm Decibel Partners with support from CoAct and SomethingReal. Sydney, Australia, Mar. The funding will support go-to-market, new staff, customer onboarding and product development.

Technology

Technology Media Telecommunications Authentication

Monetization Monitor: Monetization Models and Pricing 2020

Advertiser: Revenera

Customers demand—and suppliers offer—a diverse mix of monetization models for Software and Digital Services related to IoT Devices. Approximately a third (34%) of respondents in this year’s annual software and IoT monetization survey still rely on homegrown solutions. Reliable insights aren’t getting easier as technology evolves.

IoT

News alert: INE secures spot in G2’s 2025 Top 50 education software rankings

The Last Watchdog

FEBRUARY 25, 2025

This category of awards ranks the worlds top 50 software education products based on authentic reviews from more than 100 million G2 users. Warn “We are thrilled to be recognized for a second consecutive year by G2’s Best Software Awards, said Dara Warn, CEO of INE. Cary, NC, Feb.

Education

Education Software Small Business Cybersecurity

Using Google Search to Find Software Can Be Risky

Krebs on Security

JANUARY 25, 2024

Google continues to struggle with cybercriminals running malicious ads on its search platform to trick people into downloading booby-trapped copies of popular free software applications. And by most accounts, the threat from bad ads leading to backdoored software has subsided significantly compared to a year ago. com , filezillasoft[.]com

Software

Software Advertising Malware Accountability

Kaseya Left Customer Portal Vulnerable to 2015 Flaw in its Own Software

Krebs on Security

JULY 8, 2021

The attackers exploited a vulnerability in software from Kaseya , a Miami-based company whose products help system administrators manage large networks remotely. Mandiant notified Kaseya after hearing about it from Alex Holden , founder and chief technology officer of Milwaukee-based cyber intelligence firm Hold Security.

Software

Software Ransomware System Administration Authentication

5 Best NIS2 Compliance Software and Solution Providers

Heimadal Security

FEBRUARY 10, 2025

Complying with the regulation involves a combination of changes to workflows, employee behavior, and technology. There isnt a single turnkey solution that will make you compliant on […] The post 5 Best NIS2 Compliance Software and Solution Providers appeared first on Heimdal Security Blog.

Software

Software Government Technology

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. All of these stats beg the question, “Do you know what’s in your software?”

Cybersecurity

News alert: INE Security shares cyber hygiene guidance for small- and medium-sized businesses

The Last Watchdog

OCTOBER 23, 2024

As small businesses increasingly depend on digital technologies to operate and grow, the risks associated with cyber threats also escalate. INE Security advises businesses to secure their network by using firewalls, encrypting data, and regularly updating security software. Cary, NC, Oct.

Small Business

Small Business Data breaches Backups Passwords

GUEST ESSAY: Where we stand on mitigating software risks associated with fly-by-wire jetliners

The Last Watchdog

AUGUST 29, 2023

Related: Pushing the fly-by-wire envelope This is especially true because systems are more interconnected and use more complex commercial software than ever before, meaning a vulnerability in one system could lead to a malicious actor gaining access to more important systems. Risks delineated Still, there have been many other incidents since.

Software

Software Risk Artificial Intelligence Cyber Attacks

Russia warns financial sector organizations of IT service provider LANIT compromise

Security Affairs

FEBRUARY 25, 2025

Russia’s NKTsKI warns financial sector organizations about a breach at major Russian IT service and software provider LANIT. LANIT Group (Laboratory of New Information Technologies) is one of Russia’s largest IT service and software providers. ” reads the security breach notification published by GosSOPKA.

Telecommunications

Telecommunications Software Technology Healthcare

The CrowdStrike Outage and Market-Driven Brittleness

Schneier on Security

JULY 25, 2024

As we experienced last week, a single problem in a small piece of software can take large swaths of the internet and global economy offline. In information technology, brittleness also results from the fact that hundreds of companies, none of which you;ve heard of, each perform a small but essential role in keeping the internet running.

Marketing

Marketing Software Internet Internet

Making Software Pirates Pay: An E-Commerce Playbook

Advertiser: Revenera

Vendors large and small have been using software intelligence to understand who is using unlicensed versions of their software so they can develop data-driven strategies to identify and convert unpaid users, generating new license revenue.

Software

3CX Breach Was a Double Supply Chain Compromise

Krebs on Security

APRIL 20, 2023

We learned some remarkable new details this week about the recent supply-chain attack on VoIP software provider 3CX. “This is the first time Mandiant has seen a software supply chain attack lead to another software supply chain attack,” reads the April 20 Mandiant report. Microsoft Corp.

Malware

Malware Software Technology Accountability

Fintech Giant Finastra Investigating Data Breach

Krebs on Security

NOVEMBER 19, 2024

The financial technology firm Finastra is investigating the alleged large-scale theft of information from its internal file transfer platform, KrebsOnSecurity has learned. The original October 31 post from abyss0, where they advertise the sale of data from several large banks that are customers of a large financial software company.

Data breaches

Data breaches Banking Cybercrime Advertising

Cisco states that data published on cybercrime forum was taken from public-facing DevHub environment

Security Affairs

OCTOBER 21, 2024

DevHub is a platform designed for developers to access resources, tools, and APIs to build and integrate applications with Cisco’s technologies. It provides a range of development resources, including SDKs (Software Development Kits), documentation, sample code, and learning materials for networking, security, and cloud infrastructure.

Cybercrime

Cybercrime Data breaches Technology Banking

SHARED INTEL Q&A: Forrester highlights why companies need to strive for ‘cryptoagility’– today

The Last Watchdog

MARCH 24, 2025

There are two sides to this: 1) assessing a technology vendors cryptoagility efforts in your RFPs as a part of determining third-party tech supplier risk, 2) assessing a technology vendors capability to help you in your PQC migration as technology functionality you can use.

Encryption

Encryption Financial Services Technology Risk

Enhance Innovation and Governance Through the Cloud Development Maturity Model

Leverage the Cloud Development Environment Maturity Model to elevate your software development practices with scalable, secure cloud-based workspaces. This model offers a structured approach to modernizing development, aligning technology, developer experience, security, and workflows.

Government

Hacking Automobile Keyless Entry Systems

Schneier on Security

OCTOBER 17, 2022

Suspected members of a European car-theft ring have been arrested : The criminals targeted vehicles with keyless entry and start systems, exploiting the technology to get into the car and drive away. Among those arrested feature the software developers, its resellers and the car thieves who used this tool to steal vehicles.

Hacking

Hacking Manufacturing Marketing Software

Ted Chiang on the Risks of AI

Schneier on Security

MAY 12, 2023

as a broad set of technologies being marketed to companies to help them cut their costs, the question becomes: how do we keep those technologies from working as “capital’s willing executioners”? Yet such software could easily still cause as much harm as McKinsey has. If you think of A.I. Alternatively, if you imagine A.I.

Risk

Risk Software Technology Marketing

Black Hat Fireside Chat: Why grasping the context of code is a recipe for keeping software secure

The Last Watchdog

AUGUST 19, 2024

President Biden’s call for the mainstreaming of Software Bill of Materials (SBOMs) is a major step forward. He drew a vivid parallel between food safety and software security. The post Black Hat Fireside Chat: Why grasping the context of code is a recipe for keeping software secure first appeared on The Last Watchdog.

Software

Software Internet Internet Accountability

National Security Risks of Late-Stage Capitalism

Schneier on Security

MARCH 1, 2021

Early in 2020, cyberspace attackers apparently working for the Russian government compromised a piece of widely used network management software made by a company called SolarWinds. For a while, in 2019, the update server’s password for SolarWinds’s network management software was reported to be “solarwinds123.”

Risk

Risk Government Marketing Software

Another Event-Related Spyware App

Schneier on Security

NOVEMBER 15, 2022

The app also provides Egypt’s Ministry of Communications and Information Technology, which created it, with other so-called backdoor privileges, or the ability to scan people’s devices. It can also track people’s locations via smartphone’s built-in GPS and Wi-Fi technologies, according to two of the analysts.

Spyware

Spyware Technology Encryption Government

LW ROUNDTABLE: Predictive analytics, full-stack visualization to solidify cyber defenses in 2025

The Last Watchdog

DECEMBER 18, 2024

To wrap up our 2024 year-end roundtable, we turn our attention to new technologies and trends that are emerging to help bridge the gaps. Supply chain attacks will intensify through poisoned APIs and unchecked software dependencies. We can expect security teams feeling pressure to adopt new technology quickly.

Risk

Risk Threat Detection Technology Phishing

ESET detailed a flaw that could allow a bypass of the Secure Boot in UEFI systems

Security Affairs

JANUARY 17, 2025

The Unified Extensible Firmware Interface (UEFI) is a specification that defines a software interface between an operating system and platform firmware. The Secure Boot mechanism allows the execution of only software that is trusted by the Original Equipment Manufacturer (OEM). Greenware Technologies, Radix Technologies Ltd.,

Firmware

Firmware Technology Software Manufacturing

On Not Fixing Old Vulnerabilities

Schneier on Security

MARCH 9, 2021

…26% of companies Positive Technologies tested were vulnerable to WannaCry, which was a threat years ago, and some even vulnerable to Heartbleed. “The most frequent vulnerabilities detected during automated assessment date back to 20132017, which indicates a lack of recent software updates,” the reported stated.

Technology

Technology Software Malware

How Phished Data Turns into Apple & Google Wallets

Krebs on Security

FEBRUARY 18, 2025

Rather, the missives are sent through the Apple iMessage service and through RCS , the functionally equivalent technology on Google phones. “The software can work from anywhere in the world,” Merrill said. Three individuals charged with using ghost tap software at an electronics store in Singapore.

Phishing

Phishing Mobile Scams Retail

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Krebs on Security

DECEMBER 19, 2024

The cracked software is being resold as a cloud-based attack tool by at least two different services, one of which KrebsOnSecurity traced to an information technology firm based in Turkey. Araneida Scanner. LinkedIn finds this same altugsara[.]com Neither Altug Sara nor Bilitro Yazilim responded to requests for comment.

Hacking

Hacking Cybercrime Advertising Data breaches

Maintaining & Updating Software

Adam Shostack

JANUARY 2, 2025

is unlikely that re-certifying on a new platform is less than weeks of work, and for larger products, it could easily extend to person years of work, to maintain software that's already been sold. We can demand that vendors pay, even many years after the software has shipped.

Software

Software Insurance Architecture Government

The NSA Has a Long-Lost Lecture by Adm. Grace Hopper

Schneier on Security

JULY 12, 2024

Grace Hopper titled “Future Possibilities: Data, Hardware, Software, and People.” With digital obsolescence threatening many early technological formats, the dilemma surrounding Admiral Hopper’s lecture underscores the critical need for and challenge of digital preservation. So they won’t do anything.

Technology

Technology Software

Identity Theft from 1965 Uncovered through Face Recognition

Schneier on Security

AUGUST 29, 2023

The facial recognition technology is used by the Maine Bureau of Motor Vehicles to ensure no one obtains multiple credentials or credentials under someone else’s name, said Emily Cook, spokesperson for the secretary of state’s office.

Identity Theft

Identity Theft Technology Software

Enhancing IT Support for Manufacturing Systems: Addressing Critical Gaps

SecureWorld News

DECEMBER 23, 2024

Manufacturing systems, especially the ones that work with SCADA technology (Supervisory Control and Data Acquisition), IoT devices, and other critical technologies, depend heavily on efficient IT support to ensure that the downtime is minimal, and the performance is optimal.

Manufacturing

Manufacturing IoT Data collection Technology

News Alert: Security Risk Advisors joins Microsoft Intelligent Security Association (MISA)

The Last Watchdog

JANUARY 7, 2025

Joining MISA represents a significant milestone, demonstrates the company’s ability to deliver impactful security solutions while increasing adoption of their SCALR XDR offering and helping clients maximize their investment in Microsoft Security technologies. Philadelphia, Pa.,

Risk

Risk Penetration Testing Marketing Technology

AIs as Computer Hackers

Schneier on Security

FEBRUARY 2, 2023

It’s a controlled setting for what computer hackers do in real life: finding and fixing vulnerabilities in their own systems and exploiting them in others’ It’s the software vulnerability lifecycle. The competition occurred in a specially designed test environment filled with custom software that had never been analyzed or tested.

Artificial Intelligence

Artificial Intelligence Technology Software Hacking

On the Zero-Day Market

Schneier on Security

MAY 24, 2024

The last ten years have seen a global market emerge for ready-made software that lets governments surveil their citizens and foreign adversaries alike and to do so more easily than when such work required tradecraft. The last ten years have also been marked by stark failures to control spyware and its precursors and components.

Marketing

Marketing Spyware Surveillance Government

A Security Vulnerability in the KmsdBot Botnet

Schneier on Security

DECEMBER 15, 2022

Security researchers found a software bug in the KmsdBot cryptomining botnet: With no error-checking built in, sending KmsdBot a malformed command—like its controllers did one day while Akamai was watching—created a panic crash with an “index out of range” error.

Technology

Technology Software

Newsweek Op-Ed: Banning Tik Tok And Other Chinese Apps Is Distracting Us From The Bigger Danger China Poses To American CyberSecurity

Joseph Steinberg

APRIL 25, 2023

It is hardly a secret that, for nearly 30 years, I have been warning about the danger posed to US national security by the simultaneous combination of our growing reliance on Chinese technology, and our general indifference to China’s huge technological “leaps forward” in the realm of cybersecurity.

Cybersecurity

Cybersecurity Artificial Intelligence Software Technology

Cisco states that the second data leak is linked to the one from October

Security Affairs

DECEMBER 30, 2024

DevHub is a platform designed for developers to access resources, tools, and APIs to build and integrate applications with Ciscos technologies. It provides a range of development resources, including SDKs (Software Development Kits), documentation, sample code, and learning materials for networking, security, and cloud infrastructure.

Data breaches

Data breaches Cybercrime Authentication Technology

MY TAKE: Black Hat USA 2024’s big takeaway – GenAI factors into the quest for digital resiliency

The Last Watchdog

AUGUST 12, 2024

This is all part of Generative AI and Large Language Models igniting the next massive technological disruption globally. Highlights of what I learned: Coding level The continual monitoring and hardening of business software as it is being rapidly developed, tested and deployed in the field has become a foundational best practice.

Software

Software Technology Mobile Cybersecurity

News alert: Aptori’s AI-driven platform reduces risk, ensures compliance — now on Google Marketplace

The Last Watchdog

MARCH 12, 2025

Unlike conventional tools, its proprietary semantic reasoning technology understands application logic and behavior in real-time, allowing it to detect complex security flawsincluding business logic vulnerabilities, API misconfigurations, and runtime threatsthat other solutions often miss.

Risk

Risk Engineering Digital transformation Technology

Chuck, Acme, and Remediation Avoidance

Adam Shostack

JANUARY 2, 2025

Now that Chuck has proven to Acme that even lightweight threat modeling can save money and time, Acme decides to give him a training course so that he can uplevel these skills and apply them consistently to all software he develops. With the right skills to manage the automation, you optimize the value of that technology investment.

Technology

Technology Penetration Testing Software Mobile

Sealed U.S. Court Records Exposed in SolarWinds Breach

Krebs on Security

JANUARY 7, 2021

The ongoing breach affecting thousands of organizations that relied on backdoored products by network software firm SolarWinds may have jeopardized the privacy of countless sealed court documents on file with the U.S. federal court system, according to a memo released Wednesday by the Administrative Office (AO) of the U.S.

Computers and Electronics

Computers and Electronics Software Engineering Accountability

Govt. Services Firm Tyler Technologies Hit in Apparent Ransomware Attack

FBI Raids Chinese Point-of-Sale Giant PAX Technology

Trending Sources

Intel is Maintaining Legacy Technology for Security Research

News alert: Knocknoc raises seed funding to scale its just-in-time network access control technology

Monetization Monitor: Monetization Models and Pricing 2020

News alert: INE secures spot in G2’s 2025 Top 50 education software rankings

Using Google Search to Find Software Can Be Risky

Kaseya Left Customer Portal Vulnerable to 2015 Flaw in its Own Software

5 Best NIS2 Compliance Software and Solution Providers

Software Composition Analysis: The New Armor for Your Cybersecurity

News alert: INE Security shares cyber hygiene guidance for small- and medium-sized businesses

GUEST ESSAY: Where we stand on mitigating software risks associated with fly-by-wire jetliners

Russia warns financial sector organizations of IT service provider LANIT compromise

The CrowdStrike Outage and Market-Driven Brittleness

Making Software Pirates Pay: An E-Commerce Playbook

3CX Breach Was a Double Supply Chain Compromise

Fintech Giant Finastra Investigating Data Breach

Cisco states that data published on cybercrime forum was taken from public-facing DevHub environment

SHARED INTEL Q&A: Forrester highlights why companies need to strive for ‘cryptoagility’– today

Enhance Innovation and Governance Through the Cloud Development Maturity Model

Hacking Automobile Keyless Entry Systems

Ted Chiang on the Risks of AI

Black Hat Fireside Chat: Why grasping the context of code is a recipe for keeping software secure

National Security Risks of Late-Stage Capitalism

Another Event-Related Spyware App

LW ROUNDTABLE: Predictive analytics, full-stack visualization to solidify cyber defenses in 2025

ESET detailed a flaw that could allow a bypass of the Secure Boot in UEFI systems

On Not Fixing Old Vulnerabilities

How Phished Data Turns into Apple & Google Wallets

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Maintaining & Updating Software

The NSA Has a Long-Lost Lecture by Adm. Grace Hopper

Identity Theft from 1965 Uncovered through Face Recognition

Enhancing IT Support for Manufacturing Systems: Addressing Critical Gaps

News Alert: Security Risk Advisors joins Microsoft Intelligent Security Association (MISA)

AIs as Computer Hackers

On the Zero-Day Market

A Security Vulnerability in the KmsdBot Botnet

Newsweek Op-Ed: Banning Tik Tok And Other Chinese Apps Is Distracting Us From The Bigger Danger China Poses To American CyberSecurity

Cisco states that the second data leak is linked to the one from October

MY TAKE: Black Hat USA 2024’s big takeaway – GenAI factors into the quest for digital resiliency

News alert: Aptori’s AI-driven platform reduces risk, ensures compliance — now on Google Marketplace

Chuck, Acme, and Remediation Avoidance

Sealed U.S. Court Records Exposed in SolarWinds Breach

Stay Connected