Blog, Cybersecurity and Information Security - Information Management Today

GUEST ESSAY: ‘CyberXchange’ presents a much-needed platform for cybersecurity purchases

The Last Watchdog

OCTOBER 19, 2020

There is no shortage of innovative cybersecurity tools and services that can help companies do a much better job of defending their networks. alone, in fact, there are more than 5,000 cybersecurity vendors. All of this activity has put a strain on how companies buy and sell cybersecurity solutions.

Cybersecurity

Cybersecurity B2B Sales Compliance

NYDFS releases major update to Part 500 cybersecurity requirements for financial services companies

Data Protection Report

NOVEMBER 8, 2023

On November 1, 2023, the New York Department of Financial Services (“NYDFS”) released the finalized amendments of Part 500 of its cybersecurity regulations. Some requirements also apply specifically to larger covered entities falling under the “Class A companies” category.

Financial Services

Financial Services Cybersecurity Compliance Government

Italy announced its National Cybersecurity Strategy 2022/26

Security Affairs

MAY 26, 2022

Italy announced its National Cybersecurity Strategy for 2022/26, a crucial document to address cyber threats and increase the resilience of the country. The strategy recognizes the duty of the State in implementing measures to increase the security of the state, organizations, and its citizens in the digital domain.

Cybersecurity

Cybersecurity IT Risk Government

Lockbit ransomware gang claims to have hacked cybersecurity giant Mandiant

Security Affairs

JUNE 6, 2022

LockBit ransomware gang claims to have hacked the cybersecurity firm Mandiant, which is investigating the alleged security breach. Today the LockBit ransomware gang has added the cybersecurity firm Mandiant to the list of victims published on its darkweb leak site. Follow me on Twitter: @securityaffairs and Facebook.

Ransomware

Ransomware Cybersecurity Archiving Security

Distribute Cybersecurity Tasks with Diffusion of Responsibility in Mind

Lenny Zeltser

NOVEMBER 3, 2023

After all, people outside the security team are the ones who deliver services, build products, or otherwise engage in business activities that require making security-related decisions. How might we distribute cybersecurity tasks and operationalize the perhaps utopian idea that "security is everyone's responsibility"?

Cybersecurity

Cybersecurity Security Authentication Compliance

GUEST ESSAY: The story behind how DataTribe is helping to seed ‘Cybersecurity Valley’ in Maryland

The Last Watchdog

JUNE 4, 2019

With the largest concentration of cybersecurity expertise –– the “oil” — in the world, Maryland is fast changing from the Old Line State into “Cybersecurity Valley.” The foundation of Silicon Valley was set, and today comparable technology development pieces are being laid in Maryland on the cybersecurity front.

Cybersecurity

Cybersecurity Computer and Electronics Data science Marketing

SEC Chair: Sweeping New Cybersecurity Rules Are Coming Soon

Data Matters

FEBRUARY 10, 2022

Securities and Exchange Commission (SEC), announced that he has asked SEC staff to provide sweeping rulemaking recommendations to modernize and expand the agency’s rules relating to cybersecurity. These SEC rules could broadly affect cybersecurity requirements across the U.S. Public Companies and Service Providers.

Cybersecurity

Cybersecurity Marketing Risk Compliance

Multiple Microsoft Office versions impacted by an actively exploited zero-day

Security Affairs

MAY 30, 2022

The cybersecurity researcher nao_sec discovered a malicious Word document (“05-2022-0438.doc”) The popular cybersecurity expert Kevin Beaumont published an analysis of the flaw. Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS.

Cybersecurity

Cybersecurity Security IT Information Security

CISA adds 41 flaws to its Known Exploited Vulnerabilities Catalog

Security Affairs

MAY 25, 2022

US Critical Infrastructure Security Agency (CISA) adds 41 new vulnerabilities to its Known Exploited Vulnerabilities Catalog. Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. To nominate, please visit:?. Follow me on Twitter: @securityaffairs and Facebook.

IT

IT Cybersecurity Risk Security

Black Basta ransomware now supports encrypting VMware ESXi servers

Security Affairs

JUNE 8, 2022

Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g.

Encryption

Encryption Ransomware Cybersecurity Security

Ransomware gangs are exploiting CVE-2022-26134 RCE in Atlassian Confluence servers

Security Affairs

JUNE 12, 2022

Researchers from cybersecurity firm GreyNoise reported that 23 unique IP addresses were observed exploiting the Atlassian vulnerabilities. Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. Follow me on Twitter: @securityaffairs and Facebook.

Ransomware

Ransomware Cybersecurity Encryption Security

A new WhatsApp OTP scam could allow the hijacking of users’ accounts

Security Affairs

MAY 30, 2022

Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g.

Cybersecurity

Cybersecurity Security IT Information Security

Experts believe that Russian Gamaredon APT could fuel a new round of DDoS attacks

Security Affairs

MAY 28, 2022

Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g.

Phishing

Phishing Cybersecurity Security IT

Reuters: Russia-linked APT behind Brexit leak website

Security Affairs

MAY 28, 2022

According to a Google cybersecurity official and the former head of UK foreign intelligence, the “Very English Coop d’Etat” website was set up to publish private emails from Brexit supporters, including former British MI6 chief Richard Dearlove, leading Brexit campaigner Gisela Stuart, and historian Robert Tombs. .””

Cybersecurity

Cybersecurity Authentication Security IT

LockBit ransomware attack impacted production in a Mexican Foxconn plant

Security Affairs

JUNE 2, 2022

The company’s cybersecurity team has been carrying out the recovery plan accordingly. The cybersecurity attack is estimated to have little impact on the Group’s overall operations. Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. Pierluigi Paganini.

Ransomware

Ransomware Manufacturing Cybersecurity Security

A Report Template for Incident Response

Lenny Zeltser

SEPTEMBER 13, 2023

Preparing for cybersecurity and data privacy incidents involves creating checklists and documented plans to enable the response team to do their best during the incident. I’m happy to share the public version of this template with the community in this blog post. What was the root cause? What was and remains to be done?

Cybersecurity

Cybersecurity Data Privacy Privacy Communications

Hackers stole over $250,000 in Ethereum from Bored Ape Yacht Club

Security Affairs

JUNE 5, 2022

” reads the analysis published by blockchain cybersecurity firm CertiK. Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g.

Phishing

Phishing Blockchain Cybersecurity Authentication

Italian National Cybersecurity Perimeter: With great power comes great responsibility!

Privacy and Cybersecurity Law

JUNE 23, 2021

On June 11, 2021, the Regulation on notifications of incidents affecting networks, information systems and IT services (“ Regulation ”) – adopted by means of the Decree of the President of the Council of Ministers (DPCM) of 14 April 2021, no. National and EU agenda for cybersecurity. 82, providing urgent provisions on cybersecurity.

Cybersecurity

Cybersecurity Communications Data breaches Security

GitLab addressed critical account take over via SCIM email change

Security Affairs

JUNE 4, 2022

Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g.

Cybersecurity

Cybersecurity Security IT Information Security

Experts released PoC exploit code for critical VMware CVE-2022-22972 flaw

Security Affairs

MAY 26, 2022

The Cybersecurity and Infrastructure Security Agency (CISA) issued the Emergency Directive 22-03 to order federal agencies to fix VMware CVE-2022-22972 and CVE-2022-22973 flaws or to remove the affected products from their networks by May 23, 2022. Searching on Shodan.io To nominate, please visit:?. Pierluigi Paganini.

Authentication

Authentication Cybersecurity Access Education

Security Affairs newsletter Round 369 by Pierluigi Paganini

Security Affairs

JUNE 12, 2022

Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g.

Security

Security Ransomware Cybersecurity Encryption

Three Nigerian men arrested in INTERPOL Operation Killer Bee

Security Affairs

MAY 30, 2022

Last week, the Interpol, the Nigeria Police Force, with the support of several cybersecurity companies (Group-IB, Palo Alto Networks Unit 42 and Trend Micro) has identified a 37-year-old Nigerian man that is believed to be one of the leaders of the SilverTerrier cybercrime group. To nominate, please visit:?. Pierluigi Paganini.

Cybersecurity

Cybersecurity Security Access IT

Internationa police operation led to the arrest of the SilverTerrier gang leader

Security Affairs

MAY 25, 2022

The Interpol, the Nigeria Police Force, with the support of several cybersecurity companies (Group-IB, Palo Alto Networks Unit 42 and Trend Micro) has identified a 37-year-old Nigerian man that is believed to be one of the leaders of the criminal organization. To nominate, please visit:?. Follow me on Twitter: @securityaffairs and Facebook.

Cybersecurity

Cybersecurity Phishing Security Government

Building cyber security careers

IT Governance

OCTOBER 21, 2021

The need for experienced and qualified cyber security professionals is a highlight of Cybersecurity Career Awareness Week , led by NICE (National Initiative for Cybersecurity Education). Information security is a broader category that protects all information assets, whether in hard copy or digital form.

Security

Security Information Security GDPR Data Privacy

Pwn2Own Vancouver 2022 D1: MS Teams exploits received $450,000

Security Affairs

MAY 19, 2022

This year, 17 contestants are attempting to exploit 21 targets across multiple categories. Pwn2Own Vancouver 2022 hacking contest has begun, it is the 15th edition of this important event organized by Trend Micro’s Zero Day Initiative (ZDI). The remaining exploits received a $40,000. To nominate, please visit:? link] .

Cybersecurity

Cybersecurity Security IT Information Security

Google announced its Mobile VRP (vulnerability rewards program)

Security Affairs

MAY 23, 2023

Please vote for Security Affairs ( [link] ) as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS Vote for me in the sections where is reported Securityaffairs or my name Pierluigi Paganini Please nominate Security Affairs as your favorite blog. We are in the final!

IT

IT Cloud Cybersecurity Security

Clipminer Botnet already allowed operators to make at least $1.7 Million

Security Affairs

JUNE 3, 2022

Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g.

Mining

Mining Archiving Cybersecurity Security

Experts warn of ransomware attacks against government organizations of small states

Security Affairs

MAY 31, 2022

Regardless, the global cybersecurity fraternity and policymakers must closely monitor ransomware gangs mobilizing their resources to strike at these nation’s foundations.” ” Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. Pierluigi Paganini.

Ransomware

Ransomware Government Sales Cybersecurity

The Pwn2Own Vancouver 2022: Trend Micro and ZDI awarded $1,155,000

Security Affairs

MAY 22, 2022

This year, 17 contestants are attempted to exploit 21 targets across multiple categories and Trend Micro and ZDI awarded $1,155,000! Pwn2Own Vancouver 2022 hacking contest ended, it was the 15th edition of the important event organized by Trend Micro’s Zero Day Initiative (ZDI). They wan $270,000 and 27 points during the contest. link] .

Cybersecurity

Cybersecurity Security Access IT

Pro-Russian hacker group KillNet plans to attack Italy on May 30

Security Affairs

MAY 29, 2022

Stay tuned … Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. To nominate, please visit:?. Follow me on Twitter: @securityaffairs and Facebook.

Cybersecurity

Cybersecurity Risk Security Government

New DFSCoerce NTLM relay attack allows taking control over Windows domains

Security Affairs

JUNE 21, 2022

Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g.

Authentication

Authentication Cybersecurity Security IT

US man sentenced to 4 years in prison for his role in Infraud scheme

Security Affairs

MAY 29, 2022

Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g.

Sales

Sales Personal data Cybersecurity Security

Russia-linked APT targets Ukraine by exploiting the Follina RCE vulnerability

Security Affairs

JUNE 13, 2022

Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g.

Government

Government Cybersecurity Security IT

Chaining Zoom bugs is possible to hack users in a chat by sending them a message

Security Affairs

MAY 25, 2022

Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g.

Security

Security Cybersecurity IT Information Security

Security Affairs newsletter Round 367 by Pierluigi Paganini

Security Affairs

MAY 29, 2022

Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g.

Security

Security Cybersecurity Ransomware Government

Unknown APT group is targeting Russian government entities

Security Affairs

MAY 25, 2022

.” Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. To nominate, please visit:?. Follow me on Twitter: @securityaffairs and Facebook.

Government

Government Phishing Archiving Cybersecurity

Exclusive: Pro-Russia group ‘Cyber Spetsnaz’ is attacking government agencies

Security Affairs

JUNE 6, 2022

According to Resecurity, such hacktivist campaigns typically have the goal to orchestrate certain information operations rather than a real cyber-attack that disrupts networks or the availability of critical resources. Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS.

Government

Government Cybersecurity IoT Security

Zyxel addresses four flaws affecting APs, AP controllers, and firewalls

Security Affairs

MAY 26, 2022

Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g.

Authentication

Authentication Access Cybersecurity Security

Microsoft seized 41 domains used by Iran-linked Bohrium APT

Security Affairs

JUNE 6, 2022

Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g.

Phishing

Phishing Manufacturing Education Cybersecurity

Security Affairs newsletter Round 368 by Pierluigi Paganini

Security Affairs

JUNE 5, 2022

Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g.

Security

Security CMS Ransomware Cybersecurity

Microsoft shared workarounds for the Microsoft Office zero-day dubbed Follina

Security Affairs

MAY 31, 2022

” This week, the cybersecurity researcher nao_sec discovered a malicious Word document (“05-2022-0438.doc”) The popular cybersecurity expert Kevin Beaumont, who named the bug Follina , published an analysis of the flaw. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g.

Cybersecurity

Cybersecurity Security IT Access

New York Enacts Stricter Data Cybersecurity Laws

Data Matters

AUGUST 5, 2019

The law broadens the definition of “private information” which sets forth the information elements that, if breached, could trigger a notification obligation. More State Privacy and Cybersecurity Legal Developments on the Horizon. The law also allows affected New York residents to freeze their credit, free of charge.

Cybersecurity

Cybersecurity Data breaches Privacy Risk

China-linked TA413 group actively exploits Microsoft Follina zero-day flaw

Security Affairs

JUNE 1, 2022

This week, the cybersecurity researcher nao_sec discovered a malicious Word document (“05-2022-0438.doc”) Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g.

Archiving

Archiving Cybersecurity Phishing Security

Android pre-installed apps are affected by high-severity vulnerabilities

Security Affairs

MAY 27, 2022

Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g.

Access

Access Security Cybersecurity IT

GUEST ESSAY: ‘CyberXchange’ presents a much-needed platform for cybersecurity purchases

NYDFS releases major update to Part 500 cybersecurity requirements for financial services companies

Trending Sources

Italy announced its National Cybersecurity Strategy 2022/26

Lockbit ransomware gang claims to have hacked cybersecurity giant Mandiant

Distribute Cybersecurity Tasks with Diffusion of Responsibility in Mind

GUEST ESSAY: The story behind how DataTribe is helping to seed ‘Cybersecurity Valley’ in Maryland

SEC Chair: Sweeping New Cybersecurity Rules Are Coming Soon

Multiple Microsoft Office versions impacted by an actively exploited zero-day

CISA adds 41 flaws to its Known Exploited Vulnerabilities Catalog

Black Basta ransomware now supports encrypting VMware ESXi servers

Ransomware gangs are exploiting CVE-2022-26134 RCE in Atlassian Confluence servers

A new WhatsApp OTP scam could allow the hijacking of users’ accounts

Experts believe that Russian Gamaredon APT could fuel a new round of DDoS attacks

Reuters: Russia-linked APT behind Brexit leak website

LockBit ransomware attack impacted production in a Mexican Foxconn plant

A Report Template for Incident Response

Hackers stole over $250,000 in Ethereum from Bored Ape Yacht Club

Italian National Cybersecurity Perimeter: With great power comes great responsibility!

GitLab addressed critical account take over via SCIM email change

Experts released PoC exploit code for critical VMware CVE-2022-22972 flaw

Security Affairs newsletter Round 369 by Pierluigi Paganini

Three Nigerian men arrested in INTERPOL Operation Killer Bee

Internationa police operation led to the arrest of the SilverTerrier gang leader

Building cyber security careers

Pwn2Own Vancouver 2022 D1: MS Teams exploits received $450,000

Google announced its Mobile VRP (vulnerability rewards program)

Clipminer Botnet already allowed operators to make at least $1.7 Million

Experts warn of ransomware attacks against government organizations of small states

The Pwn2Own Vancouver 2022: Trend Micro and ZDI awarded $1,155,000

Pro-Russian hacker group KillNet plans to attack Italy on May 30

New DFSCoerce NTLM relay attack allows taking control over Windows domains

US man sentenced to 4 years in prison for his role in Infraud scheme

Russia-linked APT targets Ukraine by exploiting the Follina RCE vulnerability

Chaining Zoom bugs is possible to hack users in a chat by sending them a message

Security Affairs newsletter Round 367 by Pierluigi Paganini

Unknown APT group is targeting Russian government entities

Exclusive: Pro-Russia group ‘Cyber Spetsnaz’ is attacking government agencies

Zyxel addresses four flaws affecting APs, AP controllers, and firewalls

Microsoft seized 41 domains used by Iran-linked Bohrium APT

Security Affairs newsletter Round 368 by Pierluigi Paganini

Microsoft shared workarounds for the Microsoft Office zero-day dubbed Follina

New York Enacts Stricter Data Cybersecurity Laws

China-linked TA413 group actively exploits Microsoft Follina zero-day flaw

Android pre-installed apps are affected by high-severity vulnerabilities

Stay Connected