Sat.Oct 16, 2021 - Fri.Oct 22, 2021

Diversity, Equity and Inclusion Challenges in Cybersecurity

Data Breach Today

GUEST ESSAY: Silence on the front lines of strategic cyber assaults belies heightening tensions

The Last Watchdog

First released in the late 1920s, the novel “All Quiet on the Western Front” was publicly burned, banned, derided and censored for its “anti-war” and “unpatriotic” messages. Set in the final weeks of World War 1, the story swings heavily on the contrast between false security and the realities of war. Related: We’re in the golden era of cyber espionage. Today, we are talking about a different war dynamically morphing between a physical war and cyber war. President Joe Biden just told U.S.

The Simmering Cybersecurity Risk of Employee Burnout

Dark Reading

Why understanding human behavior is essential to building resilient security systems

Problems with Multifactor Authentication

Schneier on Security

Roger Grimes on why multifactor authentication isn’t a panacea: The first time I heard of this issue was from a Midwest CEO. His organization had been hit by ransomware to the tune of $10M. Operationally, they were still recovering nearly a year later.

Ransomware: Average Ransom Payment Stays Steady at $140,000

Data Breach Today

Big Game Hunting Is Out and 'Mid Game Hunting' Is In, Coveware Warns When a business, government agency or other organization hit by ransomware opted to pay a ransom to its attacker in Q3, the average payment was $140,000, reports ransomware incident response firm Coveware.

What Squid Game Teaches Us About Cybersecurity

Dark Reading

When life inside the security operations center feels treacherous, here are some suggestions for getting out alive

Experts hacked a fully patched iOS 15 running on iPhone 13 at China’s Tianfu Cup hacking contest

Security Affairs

White hat hackers earned $1.88 million at the Tianfu Cup hacking contest by finding vulnerabilities in popular software. The Tianfu Cup is the most important hacking contest held in China. This year white hat hackers earned $1.88 Million on a total bonus of up to $1.5

CISA Leader Backs 24-Hour Timeline for Incident Reporting

Data Breach Today

Executive Director Wales Cites Colonial Pipeline's Rapid Notification to Customers A top leader of the U.S.

GUEST ESSAY: What everyone can — and should — do to mark Cybersecurity Awareness Month

The Last Watchdog

With new technological advancements comes a need for heightened security measures. Plenty of criminals are searching for vulnerabilities in networks, so it shouldn’t come as a surprise that cybersecurity issues have become more prevalent. Related: President Biden issues cybersecurity executive order. For the past 17 years, October has been designated as National Cybersecurity Awareness Month (NCSAM) to focus much needed attention on cybersecurity.

'TodayZoo' Phishing Kit Cobbled Together From Other Malware

Dark Reading

Microsoft's analysis of a recent phishing attack shows how cybercriminals are mixing and matching to efficiently develop their attack frameworks

Nation-State Attacker of Telecommunications Networks

Schneier on Security

Someone has been hacking telecommunications networks around the world: LightBasin (aka UNC1945) is an activity cluster that has been consistently targeting the telecommunications sector at a global scale since at least 2016, leveraging custom tools and an in-depth knowledge of telecommunications network architectures.

Thingiverse Breach: 50,000 3D Printers Could Have Been Hijacked

Data Breach Today

OAuth Tokens Exposed But Now Have Been Revoked A former employee of MakerBot says a data breach affecting that company's Thingiverse 3D printing repository website is far more expansive than what the company is acknowledging.

Pwned - The Collected Blog Posts of Troy Hunt (Preview)

Troy Hunt

We choose this photo for the cover because this was when it all started. 18-year old Troy, having just discovered the web in early 1995 and chomping at the bit to do something with it.

7 Ways to Lock Down Enterprise Printers

Dark Reading

Following the PrintNightmare case, printer security has become a hot issue for security teams. Here are seven ways to keep printers secure on enterprise networks

National AI Strategy: The UK Government Publishes Its Artificial Intelligence Strategy for the Next Decade

Data Matters

On 22 September 2021, the UK Government (the “Government”) published its Artificial Intelligence (“AI”) strategy.

Hacker Claims Details of 45 Million Argentinians Stolen

Data Breach Today

@AnibalLeaks Says Entire Database for Sale on Hacking Forum A cybercriminal known as cfk on popular hacking forums and @AnibalLeaks on Twitter claims to have stolen a database consisting of 45 million records of Argentina's National Registry of Persons, or ReNaPer.

Top Open Source Security Tools

eSecurity Planet

Over the past quarter of a century, the open source movement has gone from strength to strength. But that success and the openness inherent in the community have led to a major challenge – security. The more software that is developed, the greater the likelihood there is for vulnerabilities.

Damages Escalate Rapidly in Multiparty Data Breaches

Dark Reading

Analysis of the top-50 multiparty attacks over the past decade finds that nation-state-linked hackers focused on disruption and using stolen credentials cause the most damage

Using Machine Learning to Guess PINs from Video

Schneier on Security

Researchers trained a machine-learning system on videos of people typing their PINs into ATMs: By using three tries, which is typically the maximum allowed number of attempts before the card is withheld, the researchers reconstructed the correct sequence for 5-digit PINs 30% of the time, and reached 41% for 4-digit PINs.

More Attempted Cyberattacks on Israeli Healthcare Entities

Data Breach Today

Groove ransomware group calls on other ransomware gangs to hit US public sector

Security Affairs

Groove ransomware operators call on other ransomware groups to stop competing and join the forces to fight against the US.

Macs Still Targeted Mostly With Adware, Less With Malware

Dark Reading

The top 10 categories of digital threats on macOS are all adware programs, with only a sliver of the share of victims affected by actual malware, according to an IT management firm

Ransomware Attacks against Water Treatment Plants

Schneier on Security

According to a report from CISA last week, there were three ransomware attacks against water treatment plants last year. WWS Sector cyber intrusions from 2019 to early 2021 include: In August 2021, malicious cyber actors used Ghost variant ransomware against a California-based WWS facility.

Pandemic Plus Ransomware Is 'Perfect Storm' for Healthcare

Data Breach Today

Disturbing findings from a recent study examining the impact of ransomware attacks on patient care must serve as a wake-up call for the healthcare sector to intensify its preparedness to deal with such incidents, say Larry Ponemon of research firm Ponemon Institute and Ed Gaudet of risk management firm Censinet.

YouTube creators’ accounts hijacked with cookie-stealing malware

Security Affairs

Cookie Theft malware was employed in phishing attacks against YouTube creators, Google’s Threat Analysis Group (TAG) warns. Financially motivated threat actors have been using Cookie Theft malware in phishing attacks against YouTube creators since late 2019.

Deepfake Audio Scores $35M in Corporate Heist

Dark Reading

A combination of business email compromise and deepfake audio led a branch manager to transfer millions to scammers, in a case that serves as a warning to organizations

Hackers Keep Targeting the US Water Supply

WIRED Threat Level

Plus: The biggest Twitch hack, an iOS zero day, and more of the week's top security news.

Sinclair TV Stations Targeted in Weekend Ransomware Attack

Data Breach Today

Media Giant Reports Broadcast Outages Nationwide; Investigation is Ongoing Sinclair Broadcast Group, Inc., which owns or operates 186 television stations across 87 U.S. markets, has been hit with a ransomware attack that has disrupted operations.