Trending Articles

3 Bills Focus on Enhancing Electrical Grid Cybersecurity

Data Breach Today

Each Proposal Calls for a Different Approach to Mitigating Risks. Lawmakers in the Senate and House have introduced legislation designed to improve and enhance the nation's electrical grid and respond to concerns that the country's power system is prone to cyberthreats.

Malicious Office 365 Apps Are the Ultimate Insiders

Krebs on Security

Phishers targeting Microsoft Office 365 users increasingly are turning to specialized links that take users to their organization’s own email login page.

MY TAKE: Agile cryptography is coming, now that ‘attribute-based encryption’ is ready for prime time

The Last Watchdog

Encryption agility is going to be essential as we move forward with digital transformation. All of the technical innovation cybersecurity vendors are churning out to deal with ever-expanding cyber risks, at the end of the day, come down to protecting encrypted data. But cryptography historically has been anything but agile; major advances require years, if not decades, of inspired theoretical research.

It's Time to Ditch Celebrity Cybersecurity

Dark Reading

High-profile attacks and solutions are shiny objects that can distract from the defenses that afford the greatest protection.

The Unexpected Cost of Data Copies

This paper will discuss why organizations frequently end up with multiple data copies and how a secure "no-copy" data strategy enabled by the Dremio data lake service can help reduce complexity, boost efficiency, and dramatically reduce costs.

Tesla Remotely Hacked from a Drone

Schneier on Security

This is an impressive hack: Security researchers Ralf-Philipp Weinmann of Kunnamon, Inc.

More Trending

The Wages of Password Re-use: Your Money or Your Life

Krebs on Security

When normal computer users fall into the nasty habit of recycling passwords, the result is most often some type of financial loss. When cybercriminals develop the same habit, it can eventually cost them their freedom.

Cloud hosting provider Swiss Cloud suffered a ransomware attack

Security Affairs

Swiss cloud hosting provider Swiss Cloud has suffered a ransomware attack that seriously impacted its server infrastructure. On April 27 the Swiss cloud hosting provider was hit by a ransomware attack that brought down the company’s server infrastructure.

7 Modern-Day Cybersecurity Realities

Dark Reading

Security pros may be working with a false sense of security. We explore seven places where old methods and techniques have to change to keep their organizations safe.

Latest MITRE EDR Evaluations Contain Some Surprises

eSecurity Planet

MITRE Engenuity last month released the latest MITRE ATT&CK evaluations of endpoint security products, and the results contain some pretty big surprises.

Insights on Choosing an Identity Verification Solution Provider

Sort through today’s crowded identity verification solutions landscape with our guide, designed to help you choose the right provider based on your unique needs.

Chinese Group Apparently Targeted Russian Defense Contractor

Data Breach Today

Cybereason: Attack Used Previously Undocumented PortDoor Malware. An attack group, likely based in China, recently conducted a spear-phishing attack against a defense contractor that develops nuclear submarine technology for the Russian Navy, according to the security firm Cybereason.

Investment Scammer John Davies Reinvents Himself?

Krebs on Security

John Bernard, a pseudonym used by a convicted thief and con artist named John Clifton Davies who’s fleeced dozens of technology startups out of an estimated $30 million, appears to have reinvented himself again after being exposed in a recent investigative series published here.

A massive DDoS knocked offline Belgian government websites

Security Affairs

A massive distributed denial of service (DDoS) attack shut down Belgium’s government websites; internal networks were also impacted.

Researchers Explore Active Directory Attack Vectors

Dark Reading

Incident responders who investigate attacks targeting Active Directory discuss methods used to gain entry, elevate privileges, and control target systems.

Cassandra Data Modeling Guide to Best Practices

Are you a developer, database architect, or database administrator who's new to Cassandra but has been tasked with developing a Cassandra schema design? Learn the basic rules to keep in mind when designing your schema for Cassandra.

Then a Hacker Began Posting Patients’ Deepest Secrets Online

WIRED Threat Level

A family-run psychotherapy startup grew into a health care giant. It was a huge success—until the data breach and the anonymous ransom notes sent to clients.

GitHub Leaks: Lessons Learned

Data Breach Today

Experts Offer Advice on Avoiding Patient Data Exposure. Recent incidents involving inadvertent exposure of patient data on GitHub, a software development platform, point to the need to ensure that data loss prevention tools are implemented, all available security controls are leveraged and employees are made aware of the risks involved.

German Federal Labor Court rules on the scope of the right to information under Art. 15 GDPR

DLA Piper Privacy Matters

Authors: Katharina Pauls and Katia Helbig. In a legal dispute to be decided by the German Federal Labor Court, the court had the opportunity to rule on the highly controversial scope of the right to information under Art. 15 GDPR. Specifically, the issue was whether or to what extent Art.

Flaws in the BIND software expose DNS servers to attacks

Security Affairs

The Internet Systems Consortium (ISC) released updates for the BIND DNS software to patch several denial-of-service (DoS) and potential RCE flaws.

Use It, Save It, Or Lose It: Spring Cleaning for Information Governance

Speakers: Michelle Kirk of Georgia Pacific, Darla White of Sanofi, and Scott McVeigh of Onna

As an organization’s most valuable asset, data should be cared for and integrated, managed, archived, and deleted as appropriate. Join Onna, Georgia Pacific, and Sanofi for this on-demand webinar as they discuss proactive, practical steps for kicking off your organization's own digital cleanup.

Ransomware Task Force Publishes Framework to Fight Global Threat

Dark Reading

An 81-page report details how ransomware has evolved, along with recommendations on how to deter attacks and disrupt its business model.

Don’t Buy Into Facebook’s Ad-Tracking Pressure on iOS 14.5

WIRED Threat Level

The company tells Apple users that tracking helps keep those platforms “free of charge,” but opting out now doesn't mean paying up later.

DDoS Attack Knocks Belgian Websites Offline

Data Breach Today

ISP Belnet Targeted by Waves of Attacks. The websites of about 200 public and private entities in Belgium were knocked fully or partially offline Tuesday by a distributed denial-of-service attack against the publicly funded internet service provider Belnet.

New Spectre-Like Attacks

Schneier on Security

There’s new research that demonstrates security vulnerabilities in all of the AMD and Intel chips with micro-op caches, including the ones that were specifically engineered to be resistant to the Spectre/Meltdown attacks of three years ago.

Open Source & Open Standards: Navigating the Intricacies of a Symbiotic Partnership

Speaker: Guy Martin, Executive Director of OASIS Open

The COVID-19 global pandemic has raised the already bright visibility of technology to an even higher level. Join Guy Martin, Executive Director at OASIS Open, as he presents this webinar that will discuss how we can make open source and open standards even more effective by helping them recapture their strong partnership.

Hacking a Tesla Model X with a DJI Mavic 2 drone equipped with a WIFI dongle

Security Affairs

A security duo has demonstrated how to hack a Tesla Model X and open the doors using a DJI Mavic 2 drone equipped with a WIFI dongle. The scenario is disconcerting: hackers could use a drone to fly over your Tesla Model X and open the doors, a couple of researchers demonstrated.

Planning Our Passwordless Future

Dark Reading

All the talk that passwords could one day go away seemed too good to be true, yet the scales have finally started to tip to a passwordless reality. Part one of a two-part series.

A Ransomware Group Hit DC Police—Then Pivoted to Extortion

WIRED Threat Level

Warrantless searches, tracking troops, and more of the week’s top security news.

NSA: OT Security Guidance in Wake of SolarWinds Attack

Data Breach Today

Agency Warns Attackers Could Use IT Exploits to Pivot to OT Systems. The NSA is offering operational technology security guidance for the Defense Department as well as third-party military contractors and firms in the wake of the attack that targeted SolarWinds in 2020.

Leading Advertising and Analytics Company Outperforms With a Graph Database

Xandr, a division of AT&T, has built an identity graph that connects information on people, households, and more. The company is using this graph to provide advertisers an ability to deliver commercials more successfully than ever before. Learn more.

Serious MacOS Vulnerability Patched

Schneier on Security

Apple just patched a MacOS vulnerability that bypassed malware checks. The flaw is akin to a front entrance that’s barred and bolted effectively, but with a cat door at the bottom that you can easily toss a bomb through.

China-linked APT uses a new backdoor in attacks at Russian defense contractor

Security Affairs

China-linked APT group targets Russian nuclear sub designer with an undocumented backdoor. A China-linked cyberespionage group targets a Russian defense contractor involved in designing nuclear submarines for the Russian Navy.

Ghost Town Security: What Threats Lurk in Abandoned Offices?

Dark Reading

Millions of office buildings and campuses were rapidly abandoned during the pandemic. Now it's a year later. What happened in those office parks and downtown ghost towns? What security dangers lurk there now, waiting to ambush returning businesses?