Trending Now
LATEST
#DTXNOW: Time to Remove Security from IT
#DTXNOW: Time to Remove Security from IT
Speaking on a session titled “Is top level security possible on a shoestring budget?” as part of Digital Transformation Expo, security specialists were asked by moderator Jeremy White what their top tips were...
Phishing pages leverage CAPTCHAs to fool users, evade detection
Cyberattackers targeting the hospitality industry were recently observed using a phishing page that featured CAPTCHA technology as a way to elude detection, as well as to give potential victims a false sense of security that the malicious site was...
#DTXNOW: Managing Uncertainty to Build Lasting Resilience in Security Teams
#DTXNOW: Managing Uncertainty to Build Lasting Resilience in Security Teams
IT and security teams must learn how to navigate to uncertain environments in order to build lasting resilience, according to Jordan Schroeder, deputy MD & managing CISO at Hefestis, speaking...
InterPlanetary Storm: Cross-platform P2P botnet infects computers and IoT devices
IoT botnets have come a long way since Mirai showed its devastating potential in 2016 with distributed denial-of-server attacks that exceeded in strength anything seen before then. Myriad malware programs now infect poorly secured or vulnerable routers, IP cameras,...
Cisco researchers explain how disinformation tactics use your emotions to spread lies about the election
Before you share an "is this true?" post on social media, ask these questions to figure out if the post is designed to engage your emotions or your brain.
Huawei’s UK code reviewers say the company is still crap at basic software security
Last year telcos scrambled to plug 'critical user-facing vuln' in Chinese network kit UK.gov security researchers examining Huawei source code have so far verified just eight firmware binaries out of more than 60 used across Britain's mobile phone networks,...
With API attacks rising, Cloudflare launches a free API security tool
Claudflare launches API Shield, a new service to protect web APIs against attacks.
Cybersecurity Awareness Month: Train employees to be first line of defense
This October looks quite different from previous years, as IT oversees staff who are no longer centrally located, creating a larger attack surface for bad actors. Awareness is key, experts say.
Integrating Security Awareness Training Into Employee Onboarding
Training your team on security awareness is an essential part of a successful security program. And, new employee onboarding is an optimal time to introduce your staff to your security best practices.
This is in large part due to the...
Imperva acquires database security startup jSonar
jSonar secured a $50 million investment from Goldman Sachs only a few months ago.
What to do first when your company suffers a ransomware attack
For many companies it would be a nightmare to discover that they are the latest unwitting victim of a ransomware attack, capable of crippling computer systems and locking up data if a payment isn’t made to cybercriminals.
There’s no magic...
New RiskLens Solution Helps Organizations Optimize Cybersecurity Spending
Cyber risk management solutions provider RiskLens on Thursday announced a new capability designed to help organizations improve investment and budget decisions.
read more
October is National Cybersecurity Awareness Month
Original release date: October 1, 2020October is National Cybersecurity Awareness Month (NCSAM), which is a collaborative effort between the Cybersecurity and Infrastructure Security Agency (CISA) and its public and private partners—including the National Cyber Security Alliance—to ensure every American...
Russian Gets 7 Years in Prison for Linkedin, Dropbox & Formspring Hacks
A Russian man received a seven-year prison sentence for having hacked into computers belonging to LinkedIn, Dropbox and Formspring. On September 30, Honorable William H. Alsup, U.S. District Judge for the Northern District of California, sentenced Yevgeniy Alexandrovich Nikulin,...
Detecting Deep Fakes with a Heartbeat
Researchers can detect deep fakes because they don’t convincingly mimic human blood circulation in the face:
In particular, video of a person’s face contains subtle shifts in color that result from pulses in blood circulation. You might imagine that these...
Anthem to Pay Nearly $40M Settlement Over 2015 Cyberattack
Health insurer Anthem has agreed to another multimillion-dollar settlement over a cyberattack on its technology that exposed the personal information of nearly 79 million people.
read more
#BeCyberSmart – why friends don’t let friends get scammed
Friends don't let friends get scammed. Because cybercrime hurts us all.
Why a Security Maturity Model Can Transform How You Use Analytics
With cyberattacks and breaches on the rise, security should be a major concern for all companies. In particular, enabling the development of an analytics maturity model is a useful addition to your traditional security information and event management (SIEM)-based...
Twitter Removes Iran-Linked Accounts Aimed at Disrupting U.S. Presidential Debate
Twitter on Wednesday announced that it removed 130 accounts originating from Iran that were aimed at disrupting the first 2020 U.S. presidential debate.
The accounts, the social media platform reveals, were removed after the Federal Bureau of Investigation (FBI) alerted...
Cybersecurity Awareness Month 2020: Key Insights From Industry Experts
Now in its 17th year, Cybersecurity Awareness Month continues to play a critical role in raising awareness of the online threats faced by both organisations and individuals alike. This year’s theme – ‘Think Before U Click’ (#ThinkB4UClick) focuses on...
Beware: New Android Spyware Found Posing as Telegram and Threema Apps
A hacking group known for its attacks in the Middle East, at least since 2017, has recently been found impersonating legitimate messaging apps such as Telegram and Threema to infect Android devices with a new, previously undocumented malware.
"Compared to...
Experts Warn of $15 Million Global BEC Campaign
Experts Warn of $15 Million Global BEC Campaign
Security experts have discovered a major new Business Email Compromise (BEC) campaign that has already stolen over $15 million from a possible 150 organizations.
Israeli incident response specialist Mitiga was first called...
Russian Who Hacked LinkedIn, Dropbox Sentenced to 7 Years in Prison
A Russian hacker who was found guilty of hacking LinkedIn, Dropbox, and Formspring over eight years ago has finally been sentenced to 88 months in United States prison, that's more than seven years by a federal court in San Francisco this week.
Yevgeniy Aleksandrovich...
Emerging Products: Deception Network Tools
SC Labs tested nine deception networks tools for October that have dramatically improved in their ability to help organizations proactively detect, hunt and respond to threats. (Source: Attivo) SC Labs took another look at deception network tools this month....
What it takes to be a transformational CISO
Brian Kelly, back when he was CISO of Quinnipiac University, felt the pressure to take a different tack.
To read this article in full, please click here(Insider Story)
LEADERS
What to do first when your company suffers a ransomware attack
For many companies it would be a nightmare to discover that they are the latest unwitting victim of a ransomware attack, capable of crippling computer systems and locking up data if a payment isn’t made to cybercriminals.
There’s no magic...
Detecting Deep Fakes with a Heartbeat
Researchers can detect deep fakes because they don’t convincingly mimic human blood circulation in the face:
In particular, video of a person’s face contains subtle shifts in color that result from pulses in blood circulation. You might imagine that these...
A complete stranger controlled this woman’s home security system, but they’re not the one she’s angry with
Imagine being contacted by a complete stranger via Facebook, and them telling you that they have complete control over the security system in your new home.
Read more in my article on the Hot for Securiy blog.
Smashing Security podcast #198: Chucky the coffee maker
Coffee machines catching ransomware, Blacklight shines a torch on website tracking, and a woman is freaked out that a complete stranger can turn off her home's security system.
All this and much more is discussed in the latest edition of...
Negotiating with Ransomware Gangs
Really interesting conversation with someone who negotiates with ransomware gangs:
For now, it seems that paying ransomware, while obviously risky and empowering/encouraging ransomware attackers, can perhaps be comported so as not to break any laws (like anti-terrorist laws, FCPA, conspiracy...
