Trending Articles

Russian Cyberattacks on Ukraine Underscored By Microsoft

Data Breach Today

Data Wipers and Phishing Remain Widely Used Attack Tools in the Kremlin's War A report from the company behind the world's most ubiquitous operating system depicts active cyber scrimmage between Russia and Ukraine and Russia and a slew of other countries.

Meet the Administrators of the RSOCKS Proxy Botnet

Krebs on Security

Authorities in the United States, Germany, the Netherlands and the U.K.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

ISMG Editors: Are We Closing in on a Federal Privacy Law?

Data Breach Today

The State of Passwordless in 2022, New Identity Technologies In the latest weekly update, Jeremy Grant, coordinator of the Better Identity Coalition, joins three editors at ISMG to discuss important cybersecurity issues, including where we are with passwordless, if we are getting closer to a U.S.

GUEST ESSAY: Threat hunters adapt personas, leverage AI to gather intel in the Dark Web

The Last Watchdog

The Deep & Dark Web is a mystery to most in the mainstream today: many have heard about it, but few understand just a fraction of what’s going on there. Related: ‘IABs’ spread ransomware. Planning your roadmap, executing your projects, and keeping an eye on the barrage of ransomware headlines, it’s understandable if you and your team are feeling some anxiety. Cyber anxiety can indeed be paralyzing, but new software solutions have the potential to become game-changers for IT departments.

Cyber Security, Change Management and Enterprise Risk Management: Scaling Operations for Growth

Speaker: William Hord, Vice President of Risk Management and Compliance

Join us as we discuss the various tangents of data and the change management process that will help you make better risk-based business decisions to save time and money for your organization.

Exclusive: Lithuania under cyber-attack after the ban on Russian railway goods

Security Affairs

Cyber Spetsnaz is targeting government resources and critical infrastructure in Lithuania after the ban of Russian railway goods.

IoT 110

More Trending

Securing Digital Payments in the Future

Data Breach Today

Mastercard's Nick Coleman Discusses 'Threatcasting' and Real-Time Payments Ten years from now, "the ability to transact on a global basis will continue," says Nick Coleman, CSO, real-time payments at MasterCard, who adds, "Maybe my car will buy stuff for me."

Symbiote Backdoor in Linux

Schneier on Security

Interesting : What makes Symbiote different from other Linux malware that we usually come across, is that it needs to infect other running processes to inflict damage on infected machines.

RSAC insights: How IABs — initial access brokers — help sustain, accelerate the ransomware plague

The Last Watchdog

Specialization continues to advance apace in the cybercriminal ecosystem. Related: How cybercriminals leverage digital transformation. Initial access brokers, or IABs , are the latest specialists on the scene. IABs flashed to prominence on the heels of gaping vulnerabilities getting discovered and widely exploited in Windows servers deployed globally in enterprise networks.

Access 141

Cybercriminals Use Azure Front Door in Phishing Attacks

Security Affairs

Experts identified a spike in phishing content delivered via Azure Front Door (AFD), a cloud CDN service provided by Microsoft. Resecurity, Inc. USA) has identified a spike in phishing content delivered via Azure Front Door (AFD), a cloud CDN service provided by Microsoft.

How Preparation and Strategy Can Be Used to Fight and Defeat Any Ransomware Attack

Speaker: Karl Camilleri, Cloud Services Product Manager at phoenixNAP

Through a detailed analysis of major attacks and their consequences, Karl Camilleri, Cloud Services Product Manager at phoenixNAP, will discuss the state of ransomware and future predictions, as well as provide best practices for attack prevention and recovery.

AI Is Not a Security Silver Bullet

Dark Reading

AI can help companies more effectively identify and respond to threats, as well as harden applications

The Evolution of Phishing From Email to SMS and Voice Hacks

Data Breach Today

KnowBe4's Roger Grimes on Why MFA Alone Isn't a Successful Hack Prevention Strategy Phishing is no longer restricted to just emails.

Hidden Anti-Cryptography Provisions in Internet Anti-Trust Bills

Schneier on Security

Two bills attempting to reduce the power of Internet monopolies are currently being debated in Congress: S. 2992, the American Innovation and Choice Online Act ; and S. 2710, the Open App Markets Act.

Fireside chat: New ‘SASE’ weapon chokes off ransomware before attack spreads laterally

The Last Watchdog

It’s stunning that the ransomware plague persists. Related: ‘SASE’ blends connectivity and security. Verizon’s Data Breach Incident Report shows a 13 percent spike in 2021, a jump greater than the past years combined; Sophos’ State of Ransomware survey shows victims routinely paying $1 million ransoms. In response, Cato Networks today introduced network-based ransomware protection for the Cato SASE Cloud.

Cloud 130

The 5 Stages of Account-Based Marketing — and How to Win Them All

Successfully complete the five stages of ABM: define, identify, engage, convert, and connect. We’ll show you how to create a unified system with your sales team to help them land more qualified opportunities and connect with prospects like never before.

Russian APT28 hacker accused of the NATO think tank hack in Germany

Security Affairs

The Attorney General has issued an arrest warrant for a hacker who targeted a NATO think tank in Germany for the Russia-linked APT28.

Microsoft 365 Users in US Face Raging Spate of Attacks

Dark Reading

A voicemail-themed phishing campaign is hitting specific industry verticals across the country, bent on scavenging credentials that can be used for a range of nefarious purposes

Canada's Desjardins Settles Data Breach Lawsuit for $155M

Data Breach Today

Million Customers' Private Details Sold by 'Malicious' Insider for 26 Months Canada's Desjardins Group has reached an out-of-court settlement to resolve a data breach class action lawsuit.

FBI Warns of Fraudsters on LinkedIn

KnowBe4

The US FBI has warned that scammers on LinkedIn are a “significant threat,” CNBC reports. Sean Ragan, the FBI’s special agent in charge of the San Francisco and Sacramento field offices, told CNBC in an interview that cryptocurrency scams have been particularly widespread recently.

93

Understanding Cadence Workflow for Developers and Architects

Explore the basics of Cadence and understand the benefits it can provide to your organization. This whitepaper will dive into a brief history of Cadence, how workflows can be put into practice, and how you can apply Cadence to your data infrastructure.

Q&A: The lesser role VPNs now play for enterprises, SMBs — in a post-pandemic world

The Last Watchdog

During the first two decades of this century, virtual private networks —VPNs—served as a cornerstone of network security. Related: Deploying human sensors. VPNs encrypt data streams and protect endpoints from unauthorized access, essentially by requiring all network communications to flow over a secured pipe. This worked extremely well for users accessing network resources remotely via their company-issued laptops and immobile home computers.

Cloud 122

New DFSCoerce NTLM relay attack allows taking control over Windows domains

Security Affairs

Experts discovered a new kind of Windows NTLM relay attack dubbed DFSCoerce that allows taking control over a Windows domain. Researchers warn of a new Windows NTLM relay attack dubbed DFSCoerce that can be exploited by threat actors to take control over a Windows domain.

Feds Take Down Russian 'RSOCKS' Botnet

Dark Reading

RSOCKS commandeered millions of devices in order to offer proxy services used to mask malicious traffic

111
111

Siemens Patches Vulnerabilities in Network Management System

Data Breach Today

15 Flaws Can Be Exploited for DoS and RCE Attacks, Credential Leaks Siemens is advising its SINEC NMS customers to update to version V1.0 SP2 or newer in order to prevent exploitation of vulnerabilities that could allow remote execution of malicious code.

Detect and Respond to Threats Across Your Applications, Networks, and Infrastructure

Understand how to solve cloud complexity challenges with threat detection tools, analyze security threats anywhere in your stack, and deploy turnkey detection rules mapped to the MITRE ATT&CK framework with Datadog Security Monitoring.

The Importance of Data Governance and Compliance

IT Governance

Data governance and regulatory compliance go hand in hand. Organisations need robust governance practices if they are to stay on top of their legal requirements, while those obligations are designed to help them operate more effectively.

GUEST ESSAY: New SEC rules aim to help C-levels, board members quantify cyber risks

The Last Watchdog

The U.S. Securities and Exchange Commission (SEC) is taking steps to crack down on insufficient cyber risk reporting. Related : Making third-party risk audits actionable. Seeking to minimize cybersecurity threat effects, the SEC has proposed several amendments requiring organizations to report on cyber risk in a “fast, comparable, and decision-useful manner.”. Worryingly, threats are beginning to outpace organizations’ ability to effectively prevent and respond to them.

Risk 101

New ToddyCat APT targets high-profile entities in Europe and Asia

Security Affairs

Researchers linked a new APT group, tracked as ToddyCat, to a series of attacks targeting entities in Europe and Asia since at least December 2020.

Capital One Attacker Exploited Misconfigured AWS Databases

Dark Reading

After bragging in underground forums, the woman who stole 100 million credit applications from Capital One has been found guilty

110
110

The Ultimate Guide to Executive Recruiting

Sourcing the right executive candidates and filling key managerial roles in an organization can be difficult, even in the best of times. Download this eBook to level up your discovery process, talent sourcing, and strategies for reaching your best-fit candidates.

Cyberattack Blamed for Setting Off Rocket Sirens in Israel

Data Breach Today

Sirens Ring in Jerusalem, Eilat; System Used to Warn Citizens About Missile Attacks Iranian hackers may be responsible for rocket sirens sounding for almost an hour in two Israeli cities on Sunday night.

Tracking People via Bluetooth on Their Phones

Schneier on Security

We’ve always known that phones—and the people carrying them—can be uniquely identified from their Bluetooth signatures, and that we need security techniques to prevent that. This new research shows that that’s not enough.

Over 2000 Social Engineering Scammers Arrested in Multi-Country Crackdown on Fraud, BEC, and Money Laundering

KnowBe4

Thousands of members of cybercriminal groups were arrested in a sting that lasted 2 months and involved coordinated efforts of the law enforcement departments of 76 countries. Social Engineering Cybercrime

88