Expert insights. Personalized for you.
Keeping IoT safe in the future will require securing the networks themselves. Focusing on the devices is a never-ending battle that will only become more burdensome MORE
Sweden is banning Chinese tech giant Huawei and ZTE from building new 5G wireless networks due to national security concerns. Another state, Sweden, announced the ban of Chinese tech companies Huawei and ZTE from building its 5G network infrastructure. MORE
But here's how the company can get its act together in time for 2020 Facebook's Ex-CSO Says That Ship Has Sailed; Look to 2020 With less than three months to go until the U.S. midterm elections, Alex Stamos, until recently Facebooks's CSO, says there isn't time to properly safeguard this year's elections. MORE
As a vertically integrated company, Luxottica designs, manufactures, distributes and retails its eyewear brands, including LensCrafters, Sunglass Hut, Apex by Sunglass Hut, Pearle Vision, Target Optical, Eyemed vision care plan, and Glasses.com. MORE
Britain’s most senior cyber general declared that the UK has implemented an advanced offensive cyberwar capability that could destroy its enemies. Sanders explained that its cyber army was supported by the GCHQ intelligence agency to deliver offensive cyber capabilities. MORE
Smartwatch and wearable device maker Garmin had to shut down some of its connected services and call centers following a ransomware attack. The outage also impacted the company call centers, making it impossible for the company to provide information to its users. MORE
The OpenSSL Project disclosed a serious security vulnerability in TLS/SSL toolkit that exposes users to denial-of-service (DoS) attacks. The post OpenSSL is affected by a ‘High Severity’ security flaw, update it now appeared first on Security Affairs. MORE
In an interview, Al Pascual of Javelin Strategy & Research, discusses the challenges involved in securing the exploding IoT landscape consumers now own about 870 million IoT devices. MORE
Group-IB Finds Hacking Group Attacked Hundreds of Checkout Sites A cybercriminal gang dubbed "UltraRank" that has planted malicious JavaScript code in hundreds of e-commerce websites around the world over the last five years to steal payment card data also takes the unusual step of selling the data on its own, the security firm Group-IB reports. MORE
The financially-motivated hacker group FIN11 has started spreading ransomware to monetize its cyber criminal activities. In recent attacks, the group was observed deploying the Clop ransomware into the networks of its victims. MORE
Security Experts Say Proposal Amounts to a 'Down Payment' President-elect Joe Biden's $1.9 trillion plan for COVID-19 relief includes nearly $10 billion in cybersecurity and IT spending. Some security experts hope the amount as just a "down payment" toward a broader effort MORE
Apparent Ransomware Attack Has National Impact A security incident that apparently involved ransomware has crippled the network of Universal Health Services, which owns hundreds of facilities across the U.S. MORE
The hosts with the outdated version were exposing travel portals implemented by Apple to its employees. Even if the outdated versions were affected by security flaws, the experts pointed out that Apple was using WAF to mitigate the attacks against its applications. MORE
Information security is vital, of course. But the concept of "IT security" has never made sense MORE
Security Experts Offer Risk Mitigation Tips With the massive shift to telework as a result of the COVID-19 pandemic, shadow IT is becoming a more critical security issue around the world. Security experts offer tips on mitigating the risks involved MORE
The Hacker News reported in exclusive that the security firm SonicWall was hacked as a result of a coordinated attack on its internal systems. TheHackerNews revealed in an exclusive that the security provider SonicWall was hacked on Friday. and Secure Mobile Access ( SMA ). MORE
The APT32 group has been active since at least 2012, it has targeted organizations across multiple industries and foreign governments, dissidents, and journalists. ” said Nathaniel Gleicher, Head of Security Policy at Facebook, and Mike Dvilyanski, Cyber Threat Intelligence Manager. MORE
Security researchers have uncovered a new technique to inject a software skimmer onto checkout pages, the malware hides in social media buttons. Security experts at Sansec have detailed a new technique used by crooks to inject a software skimmer into checkout pages. MORE
Company Says Certain VPNs and Gateways Affected By 'Coordinated Attack' Security vendor SonicWall is investigating what the company calls a "coordinated attack" against its internal network by threat actors using a zero-day exploit within the company's remote access products. MORE
How a rocky relationship between IT operations and cybersecurity teams can compound security risks MORE
Jay Heiser of Gartner Says the Cloud Demands New Security Processes, Tools The transition to cloud-based software and infrastructure has revolutionized development and services. It's also created a bevy of new security challenges. Jay Heiser of Gartner says if organizations don't get cloud security right, it's their own fault. MORE
Organizations that focus on optimizing their tools, cutting down on tool sprawl, and taking a strategic approach to transitioning to the cloud are poised for success MORE
Every week the best security articles from Security Affairs free for you in your email box. If you want to receive the weekly Security Affairs Newsletter for free subscribe here. The post Security Affairs newsletter Round 298 appeared first on Security Affairs. MORE
Security validation enables companies to continuously measure, manage and improve their cyber security effectiveness on an ongoing basis. MORE
But people who don’t take advantage of these added safeguards may find it far more difficult to regain access when their account gets hacked, because increasingly thieves will enable multi-factor options and tie the account to a device they control. As a career chief privacy officer for different organizations, Dennis Dayman has tried to instill in his twin boys the importance of securing their online identities against account takeovers. MORE
Curiously the announcement comes a few days after the company has updated its Privacy Policy and Terms of Service. ,, “Respect for your privacy is coded into our DNA,” states WhatsApp’s privacy policy. MORE
Senator Wyden Releases 2017 Report That Blames Lack of Security for Leaks An internal CIA report released Tuesday found that the agency's failure to secure its own systems led to the massive 2017 data breach that enabled classified information, including details on 35 CIA hacking tools, to be leaked to WikiLeaks MORE
ForeScout's Ellen Sundra on Security Priorities and Challenges It's relatively easy to list an enterprise's cybersecurity priorities for 2020. But who owns them? What are the hurdles to completing these projects? These can be tougher questions to answer, says Ellen Sundra of ForeScout MORE
Security Security / National SecurityWednesday's insurrection could have exposed congressional data and devices in ways that have yet to be appreciated. MORE
Happy BirthDay Security Affairs! I launched Security Affairs for passion in November 2011 and since then the blog read by millions of readers. The interest in cyber security has surged in the last years, cyber security plays a crucial role in modern society. MORE
Company networks have evolved rather spectacularly in just 20 years along a couple of distinct tracks: connectivity and security. Related: The shared burden of securing the Internet of Things. Security, meanwhile, has morphed into a glut of point solutions that mostly serve to highlight the myriad gaps in an ever-expanding attack surface. It’s called Secure Access Service Edge, or SASE , as coined by research firm Gartner. MORE
While investigating the recent SolarWinds Orion supply-chain attack security researchers discovered another backdoor, tracked SUPERNOVA. “SUPERNOVA differs dramatically in that it takes a valid.NET program as a parameter. MORE
Cloud Security InfoSec Insider Mobile Security Vulnerabilities Web Security chromebooks COVID-19 Cyberattacks hank schless infosec insider Lookout mobile endpoint security Mobile security Pandemic remote learning remote work security risks Vishing MORE
Senator Wyden Releases CIA's Own 2017 Report Into Leak of 'Vault 7' Hacking Tools An internal CIA report from 2017 - just released in heavily redacted form - found that the agency's failure to secure its own systems facilitated the massive "Vault 7" data breach that enabled classified information, including details of 35 CIA hacking tools, to be leaked to WikiLeaks MORE
Hacked Firm Also Taps Former Facebook CSO as It Responds to Supply Chain Attack As security software firm SolarWinds investigates the supply chain attack involving its Orion software and looks to rebuild its security processes and reputation, it's hired former U.S. MORE
Cloud Pak for Security Digital transformation is accelerating. Organisations are adopting SAAS solutions at increasing rates to reduce internal IT constraints and budgets. This webinar will take a deep dive into IBM's Cloud Pak for Security where you will learn how to: Gain insights without moving your data; Respond faster to secuirty incidents with automation and investigative capabilities; Run anywhere, connect security openly MORE
The encryption app is putting a $50 million infusion from WhatsApp cofounder Brian Acton to good use, building out features to help it go mainstream. Security Security / Security News MORE
NATO announced it is assessing its systems after the SolarWinds supply chain attack that impacted multiple US government agencies. NATO announced it is checking its systems after the SolarWinds supply chain attack to determine if they were infected with a backdoor. MORE
Legislation Based on Cyberspace Solarium Commission's Recommendations A bipartisan group of federal lawmakers has proposed providing $28 billion to state and local governments to bolster their cybersecurity and IT infrastructures MORE
Security Affairs
DECEMBER 3, 2020
Security researchers have uncovered a new technique to inject a software skimmer onto checkout pages, the malware hides in social media buttons. Security experts at Sansec have detailed a new technique used by crooks to inject a software skimmer into checkout pages.
The Last Watchdog
DECEMBER 8, 2020
Company networks have evolved rather spectacularly in just 20 years along a couple of distinct tracks: connectivity and security. Related: The shared burden of securing the Internet of Things. Security, meanwhile, has morphed into a glut of point solutions that mostly serve to highlight the myriad gaps in an ever-expanding attack surface. It’s called Secure Access Service Edge, or SASE , as coined by research firm Gartner.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Security Affairs
DECEMBER 21, 2020
While investigating the recent SolarWinds Orion supply-chain attack security researchers discovered another backdoor, tracked SUPERNOVA. “SUPERNOVA differs dramatically in that it takes a valid.NET program as a parameter.
Data Breach Today
JUNE 17, 2020
Senator Wyden Releases CIA's Own 2017 Report Into Leak of 'Vault 7' Hacking Tools An internal CIA report from 2017 - just released in heavily redacted form - found that the agency's failure to secure its own systems facilitated the massive "Vault 7" data breach that enabled classified information, including details of 35 CIA hacking tools, to be leaked to WikiLeaks
Speaker: Shannon Lietz, Director of DevSecOps Team, Intuit
You've finally done it: You've won over C-Suite and your DevSecOps team is up and running. You feel ready to take on rising security threats while continuously delivering quality software updates. But how do you monitor your new program? Are you truly able to gauge the state of your projects? To ensure the success of this new breed of a team, you need to know the metrics to look at and how to advocate these metrics to C-Suite and stakeholders. Join Shannon Lietz, Leader and Director of DevsecOps at Intuit, and learn to lead your DevSecOps team to the top.
Data Breach Today
DECEMBER 9, 2020
Security validation enables companies to continuously measure, manage and improve their cyber security effectiveness on an ongoing basis.
Security Affairs
DECEMBER 8, 2020
The OpenSSL Project disclosed a serious security vulnerability in TLS/SSL toolkit that exposes users to denial-of-service (DoS) attacks. The post OpenSSL is affected by a ‘High Severity’ security flaw, update it now appeared first on Security Affairs.
Data Breach Today
JANUARY 18, 2021
Security Experts Say Proposal Amounts to a 'Down Payment' President-elect Joe Biden's $1.9 trillion plan for COVID-19 relief includes nearly $10 billion in cybersecurity and IT spending. Some security experts hope the amount as just a "down payment" toward a broader effort
Data Breach Today
AUGUST 22, 2019
Jay Heiser of Gartner Says the Cloud Demands New Security Processes, Tools The transition to cloud-based software and infrastructure has revolutionized development and services. It's also created a bevy of new security challenges. Jay Heiser of Gartner says if organizations don't get cloud security right, it's their own fault.
Data Breach Today
JANUARY 24, 2021
Company Says Certain VPNs and Gateways Affected By 'Coordinated Attack' Security vendor SonicWall is investigating what the company calls a "coordinated attack" against its internal network by threat actors using a zero-day exploit within the company's remote access products.
Speaker: Shlomo Bielak, CTO, Benchmark Corp
Shifting security left to the earliest part of development is currently in the spotlight in the developer world. What teams are now discovering is, this approach results in misdirected ownership for developers and a frustrated security team. In the current climate, we cannot afford to let security implementations falter. It's time to manage your team's energies to maximize DevOps efficiency, all the while maintaining top security standards. Join Shlomo Bielak, and learn how to keep your DevSecOps team focused and connected without creating silos.
WIRED Threat Level
JANUARY 7, 2021
Security Security / National SecurityWednesday's insurrection could have exposed congressional data and devices in ways that have yet to be appreciated.
Data Breach Today
AUGUST 14, 2020
Legislation Based on Cyberspace Solarium Commission's Recommendations A bipartisan group of federal lawmakers has proposed providing $28 billion to state and local governments to bolster their cybersecurity and IT infrastructures
Dark Reading
JANUARY 21, 2021
Keeping IoT safe in the future will require securing the networks themselves. Focusing on the devices is a never-ending battle that will only become more burdensome
Data Breach Today
MARCH 6, 2020
ForeScout's Ellen Sundra on Security Priorities and Challenges It's relatively easy to list an enterprise's cybersecurity priorities for 2020. But who owns them? What are the hurdles to completing these projects? These can be tougher questions to answer, says Ellen Sundra of ForeScout
Data Breach Today
JUNE 16, 2020
Senator Wyden Releases 2017 Report That Blames Lack of Security for Leaks An internal CIA report released Tuesday found that the agency's failure to secure its own systems led to the massive 2017 data breach that enabled classified information, including details on 35 CIA hacking tools, to be leaked to WikiLeaks
Data Breach Today
SEPTEMBER 28, 2020
Apparent Ransomware Attack Has National Impact A security incident that apparently involved ransomware has crippled the network of Universal Health Services, which owns hundreds of facilities across the U.S.
Security Affairs
JANUARY 6, 2021
Curiously the announcement comes a few days after the company has updated its Privacy Policy and Terms of Service. ,, “Respect for your privacy is coded into our DNA,” states WhatsApp’s privacy policy.
Security Affairs
DECEMBER 11, 2020
The APT32 group has been active since at least 2012, it has targeted organizations across multiple industries and foreign governments, dissidents, and journalists. ” said Nathaniel Gleicher, Head of Security Policy at Facebook, and Mike Dvilyanski, Cyber Threat Intelligence Manager.
Data Breach Today
AUGUST 23, 2018
But here's how the company can get its act together in time for 2020 Facebook's Ex-CSO Says That Ship Has Sailed; Look to 2020 With less than three months to go until the U.S. midterm elections, Alex Stamos, until recently Facebooks's CSO, says there isn't time to properly safeguard this year's elections.
Security Affairs
NOVEMBER 17, 2020
Happy BirthDay Security Affairs! I launched Security Affairs for passion in November 2011 and since then the blog read by millions of readers. The interest in cyber security has surged in the last years, cyber security plays a crucial role in modern society.
Threatpost
DECEMBER 3, 2020
Cloud Security InfoSec Insider Mobile Security Vulnerabilities Web Security chromebooks COVID-19 Cyberattacks hank schless infosec insider Lookout mobile endpoint security Mobile security Pandemic remote learning remote work security risks Vishing
Data Breach Today
AUGUST 29, 2018
In an interview, Al Pascual of Javelin Strategy & Research, discusses the challenges involved in securing the exploding IoT landscape consumers now own about 870 million IoT devices.
Security Affairs
JANUARY 18, 2021
The hosts with the outdated version were exposing travel portals implemented by Apple to its employees. Even if the outdated versions were affected by security flaws, the experts pointed out that Apple was using WAF to mitigate the attacks against its applications.
Dark Reading
JANUARY 11, 2021
Organizations that focus on optimizing their tools, cutting down on tool sprawl, and taking a strategic approach to transitioning to the cloud are poised for success
Security Affairs
OCTOBER 13, 2020
Britain’s most senior cyber general declared that the UK has implemented an advanced offensive cyberwar capability that could destroy its enemies. Sanders explained that its cyber army was supported by the GCHQ intelligence agency to deliver offensive cyber capabilities.
Dark Reading
NOVEMBER 13, 2018
Information security is vital, of course. But the concept of "IT security" has never made sense
Security Affairs
JANUARY 23, 2021
The Hacker News reported in exclusive that the security firm SonicWall was hacked as a result of a coordinated attack on its internal systems. TheHackerNews revealed in an exclusive that the security provider SonicWall was hacked on Friday. and Secure Mobile Access ( SMA ).
Security Affairs
DECEMBER 19, 2020
NATO announced it is assessing its systems after the SolarWinds supply chain attack that impacted multiple US government agencies. NATO announced it is checking its systems after the SolarWinds supply chain attack to determine if they were infected with a backdoor.
Data Breach Today
SEPTEMBER 1, 2020
Group-IB Finds Hacking Group Attacked Hundreds of Checkout Sites A cybercriminal gang dubbed "UltraRank" that has planted malicious JavaScript code in hundreds of e-commerce websites around the world over the last five years to steal payment card data also takes the unusual step of selling the data on its own, the security firm Group-IB reports.
Security Affairs
OCTOBER 20, 2020
As a vertically integrated company, Luxottica designs, manufactures, distributes and retails its eyewear brands, including LensCrafters, Sunglass Hut, Apex by Sunglass Hut, Pearle Vision, Target Optical, Eyemed vision care plan, and Glasses.com.
WIRED Threat Level
FEBRUARY 14, 2020
The encryption app is putting a $50 million infusion from WhatsApp cofounder Brian Acton to good use, building out features to help it go mainstream. Security Security / Security News
Security Affairs
OCTOBER 21, 2020
Sweden is banning Chinese tech giant Huawei and ZTE from building new 5G wireless networks due to national security concerns. Another state, Sweden, announced the ban of Chinese tech companies Huawei and ZTE from building its 5G network infrastructure.
Data Breach Today
APRIL 17, 2020
Security Experts Offer Risk Mitigation Tips With the massive shift to telework as a result of the COVID-19 pandemic, shadow IT is becoming a more critical security issue around the world. Security experts offer tips on mitigating the risks involved
Security Affairs
JULY 23, 2020
Smartwatch and wearable device maker Garmin had to shut down some of its connected services and call centers following a ransomware attack. The outage also impacted the company call centers, making it impossible for the company to provide information to its users.
Security Affairs
JANUARY 24, 2021
Every week the best security articles from Security Affairs free for you in your email box. If you want to receive the weekly Security Affairs Newsletter for free subscribe here. The post Security Affairs newsletter Round 298 appeared first on Security Affairs.
Data Breach Today
OCTOBER 28, 2020
Cloud Pak for Security Digital transformation is accelerating. Organisations are adopting SAAS solutions at increasing rates to reduce internal IT constraints and budgets. This webinar will take a deep dive into IBM's Cloud Pak for Security where you will learn how to: Gain insights without moving your data; Respond faster to secuirty incidents with automation and investigative capabilities; Run anywhere, connect security openly
Dark Reading
MAY 2, 2019
How a rocky relationship between IT operations and cybersecurity teams can compound security risks
Krebs on Security
JUNE 19, 2020
But people who don’t take advantage of these added safeguards may find it far more difficult to regain access when their account gets hacked, because increasingly thieves will enable multi-factor options and tie the account to a device they control. As a career chief privacy officer for different organizations, Dennis Dayman has tried to instill in his twin boys the importance of securing their online identities against account takeovers.
Security Affairs
OCTOBER 18, 2020
The financially-motivated hacker group FIN11 has started spreading ransomware to monetize its cyber criminal activities. In recent attacks, the group was observed deploying the Clop ransomware into the networks of its victims.
80 
Let's personalize your content