Expert insights. Personalized for you.
Software Vendor's Infrastructure Penetrated by September 2019 Investigators probing the supply-chain attack that hit SolarWinds say attackers successfully hacked the company's Microsoft Visual Studio development tools to add a backdoor into Orion network-monitoring security software builds. MORE
193 
Researchers: OSAMiner Uses Run-Only AppleScripts for Obfuscation Sentinel Labs researchers have identified an updated version of the cryptominer OSAMiner that targets the macOS operating system to mine for monero. The latest iteration uses new techniques to help prevent detection by security tools MORE
New research into the malware that set the stage for the megabreach at IT vendor SolarWinds shows the perpetrators spent months inside the company’s software development labs honing their attack before inserting malicious code into updates that SolarWinds then shipped to thousands of customers. MORE
SWIFT's Guy Sheppard on the Challenges of Using AI to Enhance Security Many companies claim to be successfully using artificial intelligence for security, but the use cases are still not convincing because the technology is incapable of detecting unknown malware, says Guy Sheppard of SWIFT MORE
Researchers informed organization of a flaw that exposed GitHub credentials through the organization’s vulnerability disclosure program. Breach Government Hacks MORE
It's past time to begin charting insider risk indicators that identify risky behavior and stop it in its tracks MORE
Linking security budgets to breach-protection outcomes helps executives balance spending against risk and earns CISOs greater respect in the C-suite MORE
Terabytes of Videos, Images and Posts From Conservative Social Media Site Saved Terabytes' worth of posts, images and videos from conservative social media site Parler have been forcibly obtained by security researchers, who have archived the material for investigators in the wake of the violent riot at the U.S. Capitol. MORE
Demand for secure remote access has skyrocketed during the pandemic. Here Omdia profiles more secure alternatives to virtual private network (VPN) technology MORE
The “free speech” social network also allowed unlimited access to every public post, image, and video. Security Security / Privacy MORE
Capcom, the game developer behind Resident Evil, Street Fighter and Dark Stalkers, now says its recent attack compromised the personal data of up to 400,000 gamers. Breach Hacks Malware Web Security MORE
The world’s largest black marketplace on the dark web, DarkMarket, has been taken offline by law enforcement in an international operation. . MORE
Cyber security risk assessments are essential for organisations to protect themselves from malicious attacks and data breaches. After all, it’s only once you’re aware of the ways you’re vulnerable that you can put appropriate defences in place. But what exactly does a risk assessment do? MORE
Security firm Bitdefender released a tool that allows victims of the Darkside ransomware to recover their files without paying the ransom. Good news for the victims of the Darkside ransomware , they could recover their files for free using a tool that was released by the security firm Bitdefender. MORE
5 Data Security Firms Announce Acquisitions The new year has kicked off with a flurry of data security company acquisition activity; five deals have already been announced. MORE
Microsoft today released updates to plug more than 80 security holes in its Windows operating systems and other software, including one that is actively being exploited and another which was disclosed prior to today. MORE
Cybersecurity firm CrowdStrike announced to have discovered a third malware strain, named Sunspot , directly involved in the SolarWinds supply chain attack. MORE
Security researchers have disclosed a vulnerability they exploited to access more than 100,000 private employee records MORE
The European Medicines Agency (EMA) revealed that some of the Pfizer/BioNTech COVID-19 vaccine data were stolen from its servers. In December, a cyber attack hit the European Medicines Agency (EMA). MORE
Microsoft patched 83 bugs, including a Microsoft Defender zero-day and one publicly known elevation of privilege flaw MORE
Google Project Zero researchers uncovered a sophisticated hacking campaign that targeted Windows and Android users. The Google Project Zero team has recently launched an initiative aimed at devising new techniques to detect 0-day exploits employed in attacks in the wild. MORE
This is a clever side-channel attack: The cloning works by using a hot air gun and a scalpel to remove the plastic key casing and expose the NXP A700X chip , which acts as a secure element that stores the cryptographic secrets. MORE
A third piece of malware is uncovered, but there's still plenty of unknowns about the epic attacks purportedly out of Russia MORE
Data Breach Today
JANUARY 12, 2021
SWIFT's Guy Sheppard on the Challenges of Using AI to Enhance Security Many companies claim to be successfully using artificial intelligence for security, but the use cases are still not convincing because the technology is incapable of detecting unknown malware, says Guy Sheppard of SWIFT
Krebs on Security
JANUARY 12, 2021
New research into the malware that set the stage for the megabreach at IT vendor SolarWinds shows the perpetrators spent months inside the company’s software development labs honing their attack before inserting malicious code into updates that SolarWinds then shipped to thousands of customers.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Krebs on Security
JANUARY 12, 2021
Microsoft today released updates to plug more than 80 security holes in its Windows operating systems and other software, including one that is actively being exploited and another which was disclosed prior to today.
Advertisement
In this whitepaper from Onna, we will walk you through data retention best practices and provide you with a downloadable template to help you get organized and gain better visibility into your data’s lifecycle.
Data Breach Today
JANUARY 12, 2021
Software Vendor's Infrastructure Penetrated by September 2019 Investigators probing the supply-chain attack that hit SolarWinds say attackers successfully hacked the company's Microsoft Visual Studio development tools to add a backdoor into Orion network-monitoring security software builds.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Data Breach Today
JANUARY 12, 2021
Terabytes of Videos, Images and Posts From Conservative Social Media Site Saved Terabytes' worth of posts, images and videos from conservative social media site Parler have been forcibly obtained by security researchers, who have archived the material for investigators in the wake of the violent riot at the U.S. Capitol.
Dark Reading
JANUARY 12, 2021
A third piece of malware is uncovered, but there's still plenty of unknowns about the epic attacks purportedly out of Russia
Data Breach Today
JANUARY 12, 2021
International Law Enforcement Effort Leads to Arrest of Alleged Operator A global law enforcement operation has taken down DarkMarket, which Europol describes as the world's largest underground marketplace of illegal goods on the dark web.
Security Affairs
JANUARY 12, 2021
Cybersecurity firm CrowdStrike announced to have discovered a third malware strain, named Sunspot , directly involved in the SolarWinds supply chain attack.
Speaker: Shannon Lietz, Director of DevSecOps Team, Intuit
You've finally done it: You've won over C-Suite and your DevSecOps team is up and running. But how do you monitor your new program? Join Shannon Lietz, Leader and Director of DevsecOps at Intuit, and learn to lead your DevSecOps team to the top.
Data Breach Today
JANUARY 12, 2021
Researchers: OSAMiner Uses Run-Only AppleScripts for Obfuscation Sentinel Labs researchers have identified an updated version of the cryptominer OSAMiner that targets the macOS operating system to mine for monero. The latest iteration uses new techniques to help prevent detection by security tools
Security Affairs
JANUARY 12, 2021
Security firm Bitdefender released a tool that allows victims of the Darkside ransomware to recover their files without paying the ransom. Good news for the victims of the Darkside ransomware , they could recover their files for free using a tool that was released by the security firm Bitdefender.
Data Breach Today
JANUARY 12, 2021
5 Data Security Firms Announce Acquisitions The new year has kicked off with a flurry of data security company acquisition activity; five deals have already been announced.
Security Affairs
JANUARY 12, 2021
Google Project Zero researchers uncovered a sophisticated hacking campaign that targeted Windows and Android users. The Google Project Zero team has recently launched an initiative aimed at devising new techniques to detect 0-day exploits employed in attacks in the wild.
Advertiser: Amplitude
As part of our goal to continue helping our community during these times, we wanted to share with you this critical data on the state of digital products across industries and provide context on how businesses are responding to the changing winds.
Dark Reading
JANUARY 12, 2021
It's past time to begin charting insider risk indicators that identify risky behavior and stop it in its tracks
Security Affairs
JANUARY 12, 2021
The world’s largest black marketplace on the dark web, DarkMarket, has been taken offline by law enforcement in an international operation. .
Dark Reading
JANUARY 12, 2021
Security researchers have disclosed a vulnerability they exploited to access more than 100,000 private employee records
Security Affairs
JANUARY 12, 2021
The European Medicines Agency (EMA) revealed that some of the Pfizer/BioNTech COVID-19 vaccine data were stolen from its servers. In December, a cyber attack hit the European Medicines Agency (EMA).
Advertiser: UserTesting
Up to 80% of new products fail. The reality is harsh and the reasons why are endless. Perhaps the new product couldn’t oust a customer favorite. Maybe it looked great but was too hard to use. Or, despite being a superior product, the go-to-market strategy failed. There’s always a risk when building a new product, but you can hedge your bets by understanding exactly what your customers' expectations truly are at every step of the development process.
Dark Reading
JANUARY 12, 2021
Microsoft patched 83 bugs, including a Microsoft Defender zero-day and one publicly known elevation of privilege flaw
Threatpost
JANUARY 12, 2021
Researchers informed organization of a flaw that exposed GitHub credentials through the organization’s vulnerability disclosure program. Breach Government Hacks
Dark Reading
JANUARY 12, 2021
Linking security budgets to breach-protection outcomes helps executives balance spending against risk and earns CISOs greater respect in the C-suite
Threatpost
JANUARY 12, 2021
The first Patch Tuesday security bulletin for 2021 from Microsoft includes fixes for one bug under active attack, possibly linked to the massive SolarWinds hacks. Vulnerabilities
Advertiser: ZoomInfo
Every sales forecasting model has a different strength and predictability method. It’s recommended to test out which one is best for your team. This way, you’ll be able to further enhance – and optimize – your newly-developed pipeline. Your future sales forecast? Sunny skies (and success) are just ahead!
Dark Reading
JANUARY 12, 2021
Companies continue to value security operations centers but the economics are increasingly challenging, with high analyst turnover and questions raised over return on investment
Threatpost
JANUARY 12, 2021
A sophisticated threat actor has hijacked email security connections to spy on targets. Hacks Web Security
Schneier on Security
JANUARY 12, 2021
This is a clever side-channel attack: The cloning works by using a hot air gun and a scalpel to remove the plastic key casing and expose the NXP A700X chip , which acts as a secure element that stores the cryptographic secrets.
Threatpost
JANUARY 12, 2021
Capcom, the game developer behind Resident Evil, Street Fighter and Dark Stalkers, now says its recent attack compromised the personal data of up to 400,000 gamers. Breach Hacks Malware Web Security
Advertiser: Amplitude
Why do your users churn? In this guide you'll learn common product pitfalls and how to fix them.
Dark Reading
JANUARY 12, 2021
Demand for secure remote access has skyrocketed during the pandemic. Here Omdia profiles more secure alternatives to virtual private network (VPN) technology
IG Guru
JANUARY 12, 2021
Check out the article here. Registration required. The post 15 leadership certificate programs to boost your career via CIO.com appeared first on IG GURU. Education Certificates Leadership
IT Governance
JANUARY 12, 2021
Cyber security risk assessments are essential for organisations to protect themselves from malicious attacks and data breaches. After all, it’s only once you’re aware of the ways you’re vulnerable that you can put appropriate defences in place. But what exactly does a risk assessment do?
Let's personalize your content