Krebs on Security

AUGUST 18, 2022

Scammers are using invoices sent through PayPal.com to trick recipients into calling a number to dispute a pending charge. The missives — which come from Paypal.com and include a link at Paypal.com that displays an invoice for the supposed transaction — state that the user’s account is about to be charged hundreds of dollars. Recipients who call the supplied toll-free number to contest the transaction are soon asked to download software that lets the scammers assume remote cont

Phishing 311

Phishing Access IT 311

Dark Reading

AUGUST 19, 2022

To lessen burnout and prioritize staff resiliency, put people in a position to succeed with staffwide cybersecurity training to help ease the burden on IT and security personnel.

IT 137

IT Cybersecurity Security 137

KnowBe4

AUGUST 18, 2022

Tailgating or piggybacking is an old but effective social engineering technique to gain physical access to restricted areas, according to Rahul Awati at TechTarget. Tailgating is when a bad actor simply follows an employee through a door that requires authentication.

Access 110

Access Authentication 110

Security Affairs

AUGUST 18, 2022

Google announced to have blocked the largest ever HTTPs DDoS attack, which reached 46 million requests per second (RPS). Google announced to have blocked the largest ever HTTPs DDoS attack that hit one of its Cloud Armor customers. The IT giant revealed that the attack reached 46 million requests per second (RPS). The attack took place on June 1st, at 09:45, it started with more than 10,000 requests per second (rps) and targeted a customer’s HTTP/S Load Balancer.

Cloud 133

Cloud IT Security Information Security 133

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

IT

The Last Watchdog

AUGUST 15, 2022

The top ransomware gangs have become so relentless that it’s not unusual for two or more of them to attack the same company within a few days – or even a few hours. Related: How ‘IABs’ foster ransomware. And if an enterprise is under an active ransomware attack, or a series of attacks, that’s a pretty good indication several other gangs of hacking specialists came through earlier and paved the way.

Ransomware 195

Ransomware Systems administration Encryption Paper 195

Krebs on Security

AUGUST 16, 2022

Earlier this month, the administrator of the cybercrime forum Breached received a cease-and-desist letter from a cybersecurity firm. The missive alleged that an auction on the site for data stolen from 10 million customers of Mexico’s second-largest bank was fake news and harming the bank’s reputation. The administrator responded to this empty threat by purchasing the stolen banking data and leaking it on the forum for everyone to download.

Data breaches 244

Data breaches Sales Marketing Cybersecurity 244

eSecurity Planet

AUGUST 17, 2022

A new Linux kernel exploitation called Dirty Cred was revealed at last week’s Black Hat security conference. Zhenpeng Lin, a PhD student, and a team of researchers worked on an alternative approach to the infamous Dirty Pipe vulnerability that affected Linux kernel versions 8 and later. Dity Pipe is a major flaw that allows attackers to elevate least-privileged accounts to the maximum level (root) by exploiting the way the kernel uses pipes to pass data.

Access 141

Access Risk Security IT 141

The Last Watchdog

AUGUST 17, 2022

Network security is in dire straits. Security teams must defend an expanding attack surface, skilled IT professionals are scarce and threat actors are having a field day. Related: The role of attack surface management. That said, Managed Security Services Providers – MSSPs — are in a position to gallop to the rescue. MSSPs arrived on the scene 15 years ago to supply device security as a contracted service: antivirus, firewalls, email security and the like.

Compliance 196

Compliance Cybersecurity Risk Security 196

Data Breach Today

AUGUST 16, 2022

Darktrace Talks Follow Recent Thoma Bravo Moves to Buy SailPoint and Ping Identity Thoma Bravo is eyeing its third take-private security deal of 2022, initiating talks with Darktrace months after agreeing to buy SailPoint and Ping Identity. The cybersecurity AI firm says it's in early discussions with private equity giant Thoma Bravo on a possible cash offer for the business.

Cybersecurity 291

Cybersecurity Security IT 291

Advertisement

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Risk

Schneier on Security

AUGUST 18, 2022

The USB Rubber Ducky is getting better and better. Already, previous versions of the Rubber Ducky could carry out attacks like creating a fake Windows pop-up box to harvest a user’s login credentials or causing Chrome to send all saved passwords to an attacker’s webserver. But these attacks had to be carefully crafted for specific operating systems and software versions and lacked the flexibility to work across platforms.

Passwords 135

Passwords IT Cybersecurity 135

eSecurity Planet

AUGUST 19, 2022

Cyber attackers continue to up their game. One new tactic hackers have been using is to steal cookies from current or recent web sessions to bypass multi-factor authentication (MFA). The new attack method, reported by Sophos researchers yesterday, is already growing in use. The “cookie-stealing cybercrime spectrum” is broad, the researchers wrote, ranging from “entry-level criminals” to advanced adversaries, using various techniques.

Authentication 141

Authentication Passwords Encryption Cybersecurity 141

The Last Watchdog

AUGUST 19, 2022

The sunsetting of Virtual Private Networks is underway. Related: VPNs as a DIY tool for consumers, small businesses. VPNs are on a fast track to becoming obsolete, at least when it comes to defending enterprise networks. VPNs are being replaced by zero trust network access, or ZTNA. VPNs encrypt data streams and protect endpoints from unauthorized access, essentially by requiring all network communications to flow over a secured pipe.

Cloud 184

Cloud Encryption Communications Access 184

Data Breach Today

AUGUST 17, 2022

Identity, observability, log management and cloud security have been CrowdStrike's biggest areas of investment during 2022, says CTO Michael Sentonas. The company protects against the abuse of identities through a stand-alone capability embedded on the Falcon sensor.

Cloud 277

Cloud Security 277

Advertisement

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Security

KnowBe4

AUGUST 15, 2022

Cisco has disclosed a security incident that occurred as a result of sophisticated voice phishing attacks that targeted employees, according to researchers at Cisco Talos. The researchers believe the attack was carried out by an initial access broker with the intent of selling access to the compromised accounts to other threat actors.

Phishing 131

Phishing Access Security 131

eSecurity Planet

AUGUST 15, 2022

Continuous integration and development (CI/CD) pipelines are the most dangerous potential attack surface of the software supply chain , according to NCC researchers. The presentation at last week’s Black Hat security conference by NCC’s Iain Smart and Viktor Gazdag, titled “RCE-as-a-Service: Lessons Learned from 5 Years of Real-World CI/CD Pipeline Compromise,” builds on previous work NCC researchers have done on compromised CI/CD pipelines.

Risk 134

Risk Access Security Encryption 134

Security Affairs

AUGUST 18, 2022

Apple released Safari 15.6.1 for macOS Big Sur and Catalina to address a zero-day vulnerability actively exploited in the wild. Safari 15.6.1 for macOS Big Sur and Catalina addressed an actively exploited zero-day vulnerability tracked as CVE-2022-32893. The flaw is an out-of-bounds write issue in WebKit and the IT giant fixed it with improved bounds checking.

IT 116

IT Security Information Security 116

Data Breach Today

AUGUST 17, 2022

Infoblox has invested in shifting left in the cybersecurity kill chain with on-premises, cloud and hybrid versions of its BloxOne Threat Defense tools, which help security practitioners find and identify threats earlier and mitigate risks, says President and CEO Jesper Andersen.

Cloud 263

Cloud Cybersecurity Risk Security 263

Advertisement

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

IT

Hunton Privacy

AUGUST 15, 2022

On June 10, 2022, New York became the first state to require attorneys to complete at least one credit of cybersecurity, privacy and data protection training as part of their continuing legal education (“CLE”) requirements. The new requirement will take effect July 1, 2023. The New York State Bar Association’s (“NYSBA”) Committee on Technology and the Legal Profession initially recommended the new requirement in a 2020 report.

Cybersecurity 114

Cybersecurity Privacy Data Privacy Data breaches 114

Schneier on Security

AUGUST 17, 2022

This vulnerability was reported to Zoom last December: The exploit works by targeting the installer for the Zoom application, which needs to run with special user permissions in order to install or remove the main Zoom application from a computer. Though the installer requires a user to enter their password on first adding the application to the system, Wardle found that an auto-update function then continually ran in the background with superuser privileges.

Passwords 111

Passwords IT 111

Security Affairs

AUGUST 18, 2022

Apple addressed two zero-day vulnerabilities, exploited by threat actors, affecting iOS, iPadOS , and macOS devices. Apple this week released security updates for iOS, iPadOS , and macOS platforms to address two zero-day vulnerabilities exploited by threat actors. Apple did not share details about these attacks. The two flaws are: CVE-2022-32893 – An out-of-bounds issue in WebKit which.

Security 110

Security IT Information Security 110

Data Breach Today

AUGUST 16, 2022

Not the First Time Ineptitude - or Blatant Lying - Invalidates Criminals' Claims The Cl0p ransomware group has been attempting to extort Thames Water, a public utility in England. Just one problem: the group attacked an entirely different water provider. Through ineptitude or outright lying, this isn't the first time that a ransomware group has claimed the wrong victim.

Ransomware 259

Ransomware 259

Advertisement

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

Dark Reading

AUGUST 17, 2022

Especially if your e-commerce and CMS platforms are integrated, you risk multiple potential sources of intrusion, and the integration points themselves may be vulnerable to attack.

CMS 104

CMS Security Risk 104

IT Governance

AUGUST 16, 2022

South Staffordshire Water has announced that it has fallen victim to a cyber attack. The criminal hackers claimed to have access to the organisation’s SCADA systems, which control industrial processes at treatment plants. “It would be easy to change chemical composition for their water but it is important to note we are not interested in causing harm to people,” the group said.

Ransomware 105

Ransomware Education Government Phishing 105

Security Affairs

AUGUST 19, 2022

Threat actors are using the Bumblebee loader to compromise Active Directory services as part of post-exploitation activities. The Cybereason Global Security Operations Center (GSOC) Team analyzed a cyberattack that involved the Bumblebee Loader and detailed how the attackers were able to compromise the entire network. Most Bumblebee infections started by users executing LNK files which use a system binary to load the malware.

Access 107

Access Archiving Phishing Passwords 107

Data Breach Today

AUGUST 18, 2022

Advisory Comes in Midst of Recent Cyber Incidents Involving Cloud Providers With healthcare sector entities increasingly transitioning to cloud-based applications, storage and various other third-party hosted services, they must be proactive in addressing a list of associated security risks, U.S. federal authorities urge. What are the top recommendations?

Cloud 255

Cloud Security Risk 255

Speaker: Nicholas Zeisler, CX Strategist & Fractional CXO

The first step in a successful Customer Experience endeavor (or for that matter, any business proposition) is to find out what’s wrong. If you can’t identify it, you can’t fix it! 💡 That’s where the Voice of the Customer (VoC) comes in. Today, far too many brands do VoC simply because that’s what they think they’re supposed to do; that’s what all their competitors do.

Customer Experience

DLA Piper Privacy Matters

AUGUST 17, 2022

Mobile apps pervade all aspects of life in Mainland China, and in turn remain a high enforcement priority for data privacy regulators in China. For the past couple of years, operators of mobile apps in China have had to comply with over thirty additional, specific privacy compliance obligations (i.e. over and above those applicable to general websites).

Privacy 105

Privacy Risk Personal data Data collection 105

IT Governance

AUGUST 18, 2022

Internal audits are essential for maintaining ISO 27001 compliance. The requirements for writing an internal audit report are outlined in Clause 9.2 of the Standard. But how do ISO 27001 audits work, and why do you need to document the results? We explain everything you need to know in this blog, including our top tips for writing an ISO 27001 internal audit report.

Compliance 105

Compliance Government Information Security Security 105

Security Affairs

AUGUST 19, 2022

Cisco addressed a high-severity escalation of privilege vulnerability ( CVE-2022-20871 ) in AsyncOS for Cisco Secure Web Appliance. Cisco Secure Web Appliance (formerly Secure Web Appliance (WSA)) offers protection from malware and web-based attacks and provides application visibility and control. Cisco has addressed a high-severity escalation of privilege vulnerability, tracked as CVE-2022-20871 , that resides in the web management interface of AsyncOS for Cisco Secure Web Appliance.

Security 107

Security Authentication IT Information Security 107