Thursday, October 1, 2020

Account takeover fraud rates skyrocketed 282% over last year

ATO is the weapon of choice for fraudsters leading up to the holiday shopping season, new data from Sift shows, and consumers place account security burden on businesses.

The state of security and the evolving role of CISOs in a pandemic

Cybersecurity leaders discuss business resiliency and identity challenges during a session at VMworld 2020.

Microsoft releases Digital Defense Report detailing increasingly advanced cyberattacks

There's been a surge in cybersecurity activity as companies continue to operate remotely and cybercriminals look to exploit the ongoing coronavirus pandemic.

How to handle cybersecurity amid a tight IT budget

There are ways to maintain and even enhance your security posture even when your tech budget is under stress, according to Kaspersky.

FBI says hackers want to stoke doubt about the 2020 election

In a PSA on Monday, the FBI and CISA warned about the potential for widespread disinformation campaigns in the run-up to November.

How to handle security risks in a hybrid work environment

Half of the organizations surveyed by Tessian were hit by a security incident while employees were working remotely. Here are some tips for mitigation.

5 more things to know about ransomware

Ransomware continues to be a cybersecurity threat. Tom Merritt lists five additional things to know about ransomware.

Google removes 17 Android apps designed to deploy Joker malware

The Joker malware has been a persistent thorn in Google's side as it keeps popping up in shady apps to infect users of the Google Play store.

Cybersecurity: How to properly perform vulnerability assessments in your organization

Assessing the security posture of devices is an important part of securing data and communications. Follow these steps to make sure you do it correctly.

How companies can meet the needs of the future workforce

The workforce is changing in the wake of a global pandemic. Learn some insights from industry executives about what companies and employees should be doing to evolve accordingly.

How to install common security tools via Homebrew on a Mac

We'll guide you through the process of using Homebrew package manager to install common security tools on macOS computers to assess and aid in hardening devices on your network.

Judge narrowly saves TikTok from latest US app store ban

The temporary ruling means that TikTok will still be available for downloading in the US, at least for now.

SpyCloud and CyberDefenses join forces on election security effort

A cybersecurity company providing services to one in five election jurisdictions across the United States has teamed up with another company to beef up digital protections.

Facebook removes a slew of accounts ahead of the US election

These campaigns used tailored messages to target audiences around the globe. As part of the announcement, Facebook also details account followers and advertising spending pertaining to these efforts.

How to install the Graylog system log manager on Ubuntu Server 20.04

Combing through logs on numerous servers can be a chore. Learn how to simplify that with the Graylog monitoring server.

#DTXNOW: Managing Uncertainty to Build Lasting Resilience in Security Teams

#DTXNOW: Managing Uncertainty to Build Lasting Resilience in Security Teams IT and security teams must learn how to navigate to uncertain environments in order to build lasting resilience, according to Jordan Schroeder, deputy MD & managing CISO at Hefestis, speaking...

InterPlanetary Storm: Cross-platform P2P botnet infects computers and IoT devices

IoT botnets have come a long way since Mirai showed its devastating potential in 2016 with distributed denial-of-server attacks that exceeded in strength anything seen before then. Myriad malware programs now infect poorly secured or vulnerable routers, IP cameras,...
The Register

Huawei’s UK code reviewers say the company is still crap at basic software security

Last year telcos scrambled to plug 'critical user-facing vuln' in Chinese network kit security researchers examining Huawei source code have so far verified just eight firmware binaries out of more than 60 used across Britain's mobile phone networks,...

With API attacks rising, Cloudflare launches a free API security tool

Claudflare launches API Shield, a new service to protect web APIs against attacks.
IBM Security

Integrating Security Awareness Training Into Employee Onboarding

Training your team on security awareness is an essential part of a successful security program. And, new employee onboarding is an optimal time to introduce your staff to your security best practices. This is in large part due to the...