Sat.Sep 10, 2022 - Fri.Sep 16, 2022

Assessing the Security Risks of Emerging Tech in Healthcare

Data Breach Today

Federal Authorities Urge Healthcare Sector Entities to Take Caution A host of emerging technologies - including artificial intelligence, 5G cellular, quantum computing, nanomedicine and smart hospitals - offer the potential to revolutionize healthcare, but organizations must carefully evaluate the security risks, federal authorities warn.

To Ease the Cybersecurity Worker Shortage, Broaden the Candidate Pipeline

Dark Reading

With enough passion, intelligence, and effort, anyone can be a successful cybersecurity professional, regardless of education or background

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Unconventional Security Awareness Advice

KnowBe4

October is Cybersecurity Awareness Month, and you are undoubtedly being bombarded with some fantastic advice on how to stay cyber safe. Security Awareness Training Cybersecurity Awareness Month

Say Hello to Crazy Thin ‘Deep Insert’ ATM Skimmers

Krebs on Security

A number of financial institutions in and around New York City are dealing with a rash of super-thin “deep insert” skimming devices designed to fit inside the mouth of an ATM’s card acceptance slot.

Modernizing Workloads with the Cloud: How to Improve Performance & Reduce Costs

In this eBook, you’ll learn how to migrate workloads to Azure and optimize performance for your serverless and containerized applications in Azure.

Google announced the completion of the acquisition of Mandiant for $5.4 billion

Security Affairs

Google completed the acquisition of the threat intelligence firm Mandiant, the IT giant will pay $5.4 billion. Google announced the completion of the $5.4 billion acquisition of threat intelligence firm Mandiant. The acquisition was announced in March 2022 by both companies: “ RESTON, Va.,

Cloud 113

More Trending

Massive Data Breach at Uber

Schneier on Security

It’s big : The breach appeared to have compromised many of Uber’s internal systems, and a person claiming responsibility for the hack sent images of email, cloud storage and code repositories to cybersecurity researchers and The New York Times.

Wormable Flaw, 0days Lead Sept. 2022 Patch Tuesday

Krebs on Security

This month’s Patch Tuesday offers a little something for everyone, including security updates for a zero-day flaw in Microsoft Windows that is under active attack, and another Windows weakness experts say could be used to power a fast-spreading computer worm.

North Korea-linked APT spreads tainted versions of PuTTY via WhatsApp

Security Affairs

North Korea-linked threat actor UNC4034 is spreading tainted versions of the PuTTY SSH and Telnet client. In July 2022, Mandiant identified a novel spear phish methodology that was employed by North Korea-linked threat actor UNC4034.

Latest Lazarus Campaign Targets Energy Companies

Data Breach Today

Log4Shell Vulnerability on VMWare Horizon Servers Exploited The Lazarus Group, a North Korean advanced persistent threat gang, recently targeted energy companies in Canada, the U.S.

Prioritizing Customer Experience Using SLIs & SLOs: A Case Study from The Telegraph

Service Level Indicators (SLIs) and Service Level Objectives (SLOs) are a key pillar of Site Reliability Engineering (SRE) and are the principal tool for eliminating needless alerts and focusing on what really matters to the business.

Clearing Up the Confusion between Document Management Systems and Digital Preservation Systems

Preservica

To celebrate this year's Electronic Records Day on October 10th, guest authors Pari Swift, Jacqueline Johnson, and the Ohio Records Committee share their thoughts on the key differences between document management systems and digital preservation systems in this blog post.

Business Application Compromise & the Evolving Art of Social Engineering

Dark Reading

Be wary of being pestered into making a bad decision. As digital applications proliferate, educating users against social engineering attempts is a key part of a strong defense

Uber hacked, internal systems and confidential documents were allegedly compromised

Security Affairs

Uber on Thursday disclosed a security breach, threat actors gained access to its network, and stole internal documents. Uber on Thursday suffered a cyberattack, the attackers were able to penetrate its internal network and access internal documents, including vulnerability reports.

Access 109

FBI Warns of Cyberthreats to Legacy Medical Devices

Data Breach Today

Bureau Is Latest Federal Agency to Address Long-Standing, Growing Problem The FBI is the latest federal agency warning healthcare sector entities of cyberattack threats to medical devices, especially unpatched and outdated products, recommending that organizations take steps to identify vulnerabilities and "actively secure" the gear.

The 5 Stages of Account-Based Marketing — and How to Win Them All

Successfully complete the five stages of ABM: define, identify, engage, convert, and connect. We’ll show you how to create a unified system with your sales team to help them land more qualified opportunities and connect with prospects like never before.

Uber security breach 'looks bad', caused by social engineering

KnowBe4

It was all over the news, but ZDNet's Eileen Yu was one of the first. -- "Hacker is believed to have breached Uber's entire network in a social engineering attack, which one security vendor says is more extensive than the company's 2016 global data breach and access logs potentially altered.".

TeamTNT Hits 150K Docker Containers via Malicious Cloud Images

Dark Reading

Honeypot activity exposed two credentials that the threat actor is using to host and distribute malicious container images, security vendor says

Apple fixed the eighth actively exploited zero-day this year

Security Affairs

Apple has addressed the eighth zero-day vulnerability that is actively exploited in attacks against iPhones and Macs since January. Apple has released security updates to fix a zero-day vulnerability, tracked as CVE-2022-32917, which is actively exploited in attacks against iPhone and Mac devices.

Global Open Internet Under Chinese Threat, U.S. Lawmakers Hear

Data Breach Today

The specter of Chinese data collection on U.S. citizens hung over Capitol Hill in a pair of hearings as lawmakers asked whether an open internet can survive challenges such as Beijing hacking and TikTok. An executive for the short form video app made a rare appearance before a Senate committee

Understanding Cadence Workflow for Developers and Architects

Explore the basics of Cadence and understand the benefits it can provide to your organization. This whitepaper will dive into a brief history of Cadence, how workflows can be put into practice, and how you can apply Cadence to your data infrastructure.

Information Security vs Cyber Security: The Difference

IT Governance

You’ll often see the terms cyber security and information security used interchangeably. That’s because, in their most basic forms, they refer to the same thing: the confidentiality, integrity and availability of information.

Malware on Pirated Content Sites a Major WFH Risk for Enterprises

Dark Reading

Malware-laced ads are hauling in tens of millions of dollars in revenue for operators of pirated-content sites — posing a real risk to enterprises from remote employees

Risk 93

US Treasury sanctioned Iran ’s Ministry of Intelligence over Albania cyberattack

Security Affairs

The U.S. Treasury Department sanctioned Iran ‘s Ministry of Intelligence and Security (MOIS) and its Minister of Intelligence over the Albania cyberattack. The U.S.

Microsoft Fixes Actively Exploited Zero-Day, 63 Other Bugs

Data Breach Today

Patch Tuesday Notification Includes Fixes for 5 Critical Vulnerabilities Microsoft issued a patch for an actively exploited zero-day flaw in its latest Patch Tuesday security patch dump. The flaw allows hackers to elevate their system privileges.

Detect and Respond to Threats Across Your Applications, Networks, and Infrastructure

Understand how to solve cloud complexity challenges with threat detection tools, analyze security threats anywhere in your stack, and deploy turnkey detection rules mapped to the MITRE ATT&CK framework with Datadog Security Monitoring.

IT Governance Podcast Episode 8: Twitter, Instagram, InterContinental and Cloud security

IT Governance

This week, we discuss allegations of data security failures at Twitter, a €405 million fine for Instagram, a cyber attack on InterContinental Hotels Group, and why Cloud security is so important. Now available on Spotify , Amazon Music , Apple Podcasts and SoundCloud.

Hacker Pwns Uber Via Compromised VPN Account

Dark Reading

A teen hacker reportedly social-engineered an Uber employee to hand over an MFA code to unlock the corporate VPN, before burrowing deep into Uber's cloud and code repositories

Cloud 92

Scammers live-streamed on YouTube a fake Apple crypto event

Security Affairs

Scammers live-streamed on YouTube an old interview with Tim Cook as part of a fake Apple crypto event, and tens of thousands of users viewed it. Cybercriminals were live-streaming on YouTube an old interview with Tim Cook as part of a fake Apple crypto event, and tens of thousands of users viewed it.

Sound Off: How Is SoftPOS Changing the Payments Landscape?

Data Breach Today

PCI Expert Troy Leach Sounds Off on SoftPOS and the 'Renaissance of Payments' Software point of sale or SoftPOS is a groundbreaking technology that allows businesses to accept card payments directly on their devices without requiring any additional software.

Sales 203

The Ultimate Guide to Executive Recruiting

Sourcing the right executive candidates and filling key managerial roles in an organization can be difficult, even in the best of times. Download this eBook to level up your discovery process, talent sourcing, and strategies for reaching your best-fit candidates.

How to stay ahead of ever-evolving data privacy regulations

IBM Big Data Hub

Enterprises are dealing with a barrage of upcoming regulations concerning data privacy and data protection, not only at the state and federal level in the US, but also in a dizzying number of jurisdictions around the world.

Attackers Can Compromise Most Cloud Data in Just 3 Steps

Dark Reading

An analysis of cloud services finds that known vulnerabilities typically open the door for attackers, while insecure cloud architectures allow them to gain access to the crown jewels

IHG suffered a cyberattack that severely impacted its booking process

Security Affairs

InterContinental Hotels Group PLC (IHG) discloses a security breach, parts of its IT infrastructure has been subject to unauthorised activity.

IT 101