Krebs on Security

JANUARY 19, 2022

If you created an online account to manage your tax records with the U.S. Internal Revenue Service (IRS), those login credentials will cease to work later this year.

Access 285

Access Security Insurance Authentication 285

Dark Reading

JANUARY 18, 2022

VirusTotal can be used to collect large amounts of credentials without infecting an organization or buying them online, researchers found

114

114

Security Affairs

JANUARY 17, 2022

The operators of the SFile ransomware (aka Escal) have developed a Linux version of their malware to expand their operations. SFile ransomware (aka Escal), has been active since 2020 , it was observed targeting only Windows systems.

Ransomware 114

Ransomware Encryption Libraries Communications 114

The Last Watchdog

JANUARY 18, 2022

After a gloomy start with its first three breach intensive quarters, 2021 has finally ended, and on a positive note. Related: Cybersecurity experts reflect on 2021. This conclusion is derived from an analysis of data taken from our data breach detection tool, Surfshark Alert , which comprises publicly available breached data sets to inform our users of potential threats.

Data breaches 191

Data breaches Cybersecurity IT Security 191

Speaker: Karl Camilleri, Cloud Services Product Manager at phoenixNAP

Through a detailed analysis of major attacks and their consequences, Karl Camilleri, Cloud Services Product Manager at phoenixNAP, will discuss the state of ransomware and future predictions, as well as provide best practices for attack prevention and recovery.

Ransomware

Krebs on Security

JANUARY 21, 2022

Authentication 238

Authentication Passwords Sales Security 238

Security Affairs

JANUARY 21, 2022

McAfee addressed a security flaw in its McAfee Agent software for Windows that allows running arbitrary code with SYSTEM privileges. McAfee (now Trellix) has addressed a high-severity vulnerability, tracked as CVE-2022-0166 , that resides in McAfee Agent software for Windows.

Cybersecurity 114

Cybersecurity IT Information Security Security 114

The Last Watchdog

JANUARY 17, 2022

A key CEO responsibility is reporting results that deliver on a company’s mission to shareholders. This reporting often requires a host of metrics that define success, like Annual Recurring Revenue and sales for software as a service (SaaS) companies. These are lagging indicators where the results follow behind the work required to achieve them. Related: Automating SecOps. Lagging indicators are separate from leading indicators that could include marketing leads, pipeline generation and demos.

B2B 153

B2B Sales Compliance Risk 153

eSecurity Planet

JANUARY 20, 2022

Incidents of malware targeting Linux-based Internet of Things (IoT) devices jumped by more than a third in 2021, with three malware families the primary drivers behind the increase.

IoT 103

IoT Cybersecurity Sales Communications 103

Dark Reading

JANUARY 19, 2022

Among them: Explainable artificial intelligence (XAI) will improve the ways humans and AI interact, plus expect a shift in how organizations fight ransomware

Artificial Intelligence 114

Artificial Intelligence Ransomware Cybersecurity 114

Advertiser: ZoomInfo

Successfully complete the five stages of ABM: define, identify, engage, convert, and connect. We’ll show you how to create a unified system with your sales team to help them land more qualified opportunities and connect with prospects like never before.

Sales

Security Affairs

JANUARY 21, 2022

Researchers have spotted China-linked APT41 cyberespionage group using a UEFI implant, dubbed MoonBounce, to maintain persistence. Kaspersky researchers spotted the China-linked APT41 cyberespionage group using a UEFI implant , dubbed MoonBounce, to maintain persistence.

Communications 113

Communications IT Cybersecurity Information Security 113

The Last Watchdog

JANUARY 20, 2022

Looking back, 2021 was a breakout year for ransomware around the globe, with ransoms spiking to unprecedented multi-million dollar amounts. Related: Colonial Pipeline attack ups ransomware ante. All this while Endpoint Detection and Response system (EDR) installations are at an all-time high. EDR systems are supposed to protect IT system endpoints against these very malware, ransomware, and other types of malicious code.

Ransomware 142

Ransomware Data breaches IT Privacy 142

eSecurity Planet

JANUARY 21, 2022

The U.S. government agency overseeing cybersecurity is urging the country’s businesses and other organizations to take the necessary steps to protect their networks from any spillover that might occur from the ongoing cyberattacks aimed at Ukraine government agencies and private companies.

Ransomware 102

Ransomware Cybersecurity Phishing Government 102

Dark Reading

JANUARY 19, 2022

No matter what cloud services you employ, you are still responsible for protecting the security of your data

Cloud 114

Cloud Cybersecurity Security 114

Advertisement

Explore the basics of Cadence and understand the benefits it can provide to your organization. This whitepaper will dive into a brief history of Cadence, how workflows can be put into practice, and how you can apply Cadence to your data infrastructure.

IT

Security Affairs

JANUARY 18, 2022

A new ransomware gang named White Rabbit appeared in the threat landscape, experts believe it is linked to the FIN8 hacking group. A new ransomware gang called ‘White Rabbit’ launched its operations and according to the experts, it is likely linked to the FIN8 financially motivated group.

Ransomware 113

Ransomware Encryption Passwords Information Security 113

WIRED Threat Level

JANUARY 19, 2022

Austria’s data regulator has found that the use of Google Analytics is a breach of GDPR. In the absence of a new EU-US data deal, other countries may follow. Security Security / Privacy

Analytics 103

Analytics GDPR Privacy Security 103

Schneier on Security

JANUARY 18, 2022

Rolling Stone is reporting that the UK government has hired the M&C Saatchi advertising agency to launch an anti-encryption advertising campaign. Presumably they’ll lean heavily on the “think of the children!”

Encryption 101

Encryption Government Security IT 101

Dark Reading

JANUARY 21, 2022

The acceleration of the digital transformation resulted in a surge of online transactions, greater adoption of digital payments, and increased fraud

Digital transformation 113

Digital transformation IT 113

Advertiser: Datadog

Understand how to solve cloud complexity challenges with threat detection tools, analyze security threats anywhere in your stack, and deploy turnkey detection rules mapped to the MITRE ATT&CK framework with Datadog Security Monitoring.

Security

Security Affairs

JANUARY 16, 2022

Threat actors hacked the hot wallet of the NFT platform Lympo and managed to steal 165.2 Million LMT (worth $18.7 million). NFT and DeFi platforms are privileged targets for cybercriminals, and the NFT platform Lympo was the last platform in order of time to suffer a security breach.

Access 112

Access Cybersecurity IT Information Security 112

IT Governance

JANUARY 20, 2022

Welcome to our review of security incidents for 2021, in which we take a closer look at the information gathered in our monthly list of data breaches and cyber attacks.

Government 95

Government IT Data breaches Ransomware 95

Schneier on Security

JANUARY 21, 2022

China is mandating that athletes download and use a health and travel app when they attend the Winter Olympics next month. Citizen Lab examined the app and found it riddled with security holes.

Security 99

Security Data collection Government Encryption 99

Dark Reading

JANUARY 18, 2022

Consistent acquisition of key technologies and talent is a proven strategy for growth

Cybersecurity 114

Cybersecurity 114

Advertiser: ZoomInfo

Sourcing the right executive candidates and filling key managerial roles in an organization can be difficult, even in the best of times. Download this eBook to level up your discovery process, talent sourcing, and strategies for reaching your best-fit candidates.

Security Affairs

JANUARY 16, 2022

The European Union simulated a cyber attack on a fictitious Finnish power company to test its cyber-defense capabilities.

Government 112

Government Information Security IT Security 112

WIRED Threat Level

JANUARY 15, 2022

Plus: Open source sabotage, Ukrainian website hacks, and more of the week's top security news. Security Security / Security News

Security 94

Security 94

Schneier on Security

JANUARY 20, 2022

Last summer, the San Francisco police illegally used surveillance cameras at the George Floyd protests. The EFF is suing the police: This surveillance invaded the privacy of protesters, targeted people of color, and chills and deters participation and organizing for future protests.

Security 98

Security IT Access Privacy 98

Dark Reading

JANUARY 20, 2022

MoonBounce is the latest in a small but growing number of implants found hidden in a computer's Unified Extensible Firmware Interface (UEFI

112

112

Advertiser: Datadog

Run mission-critical applications on serverless without sacrificing visibility.

Security Affairs

JANUARY 17, 2022

Researchers discovered a high-severity vulnerability in three different WordPress plugins that impact over 84,000 websites. Researchers from WordPress security company Wordfence discovered a high-severity vulnerability that affects three different WordPress plugins that impact over 84,000 websites.

Authentication 111

Authentication Information Security IT Security 111

OpenText Information Management

JANUARY 18, 2022

Introduction Welcome to the January 2020 edition of OpenText’s E-Invoicing Regulation update. We wish all of our clients a very happy and prosperous New Year for 2022!

Compliance 90

Compliance 90

Schneier on Security

JANUARY 19, 2022

Over the past few weeks, I’ve seen a bunch of writing about what seems to be fake COVID-19 testing sites. They take your name and info, and do a nose swab, but you never get test results.

Insurance 96

Insurance Security Marketing Data collection 96