HHS Updates Security Risk Assessment Tool

Data Breach Today

The Department of Health and Human Services has updated its HIPAA security risk assessment tool to better assist small and mid-sized healthcare entities and their vendors in performing a comprehensive risk analysis.

Tools 174

Instagram’s New Security Tools are a Welcome Step, But Not Enough

Krebs on Security

Instagram users should soon have more secure options for protecting their accounts against Internet bad guys. For years, security experts have warned that hackers are exploiting weak authentication at Instagram to commandeer accounts.

Tools 172

Leaked NSA Hacking Tools

Schneier on Security

In 2016, a hacker group calling itself the Shadow Brokers released a trove of 2013 NSA hacking tools and related documents. Now we have learned that the Chinese used the tools fourteen months before the Shadow Brokers released them.

Tools 107

Cisco released 4CAN hardware tool to find flaws in automotive computers

Security Affairs

Cisco has released a hardware tool, called 4CAN , developed to help researchers to discover vulnerabilities in automotive systems. . Cisco has released a new hardware open-source tool called 4CAN that aims to help the automotive industry in security vehicles.

Tools 109

GitHub introduces new tools and security features to secure code

Security Affairs

GitHub announced the introduction of several new tools and security features to help developers secure their code. The popular code repository hosting service GitHub continues its efforts in helping its customers in developing and maintaining a secure code.

Tools 84

Uninstall or Disable PGP Tools, Security Researchers Warn

Data Breach Today

Exploitable Vulnerabilities Could Reveal Plaintext of Encrypted Emails European computer security researchers say they have discovered vulnerabilities that relate to two techniques used to encrypt emails: PGP and S/MIME.

Tools 170

Android 7.0+ Phones Can Now Double as Google Security Keys

Krebs on Security

and higher can now be used as Security Keys , an additional authentication layer that helps thwart phishing sites and password theft. But Google said starting this week, any mobile phone running Android 7.0+ (Nougat) can serve the same function as a USB-based security key.

NSA Pitches Free Reverse-Engineering Tool Called Ghidra

Data Breach Today

For the Record, There's No Backdoor,' NSA's Rob Joyce Tells RSA Conference Here's free software built by the National Security Agency called Ghidra that reverse-engineers binary application files - all you have to do is install it on your system.

Tools 223

What the Marriott Breach Says About Security

Krebs on Security

Or a previously unknown security flaw gets exploited before it can be patched. They’re reshuffling the organizational chart so that people in charge of security report to the board, the CEO, and/or chief risk officer — anyone but the Chief Technology Officer.

OilRig’s Jason email hacking tool leaked online

Security Affairs

A few hours ago, a new email hacking tool dubbed Jason and associated with the OilRig APT group was leaked through the same Telegram channel used to leak other tools. Now the group released a tool that was allegedly used by OilRig “for hacking emails and stealing information.”

Tools 87

VMware addressed flaws in its Workstation and Tools

Security Affairs

VMware has informed its users that it has patched two high-severity vulnerabilities that affect its Tools and Workstation software. VMware has patched two high-severity flaws that affect its Tools and Workstation software.

Tools 84

9 Top Active Directory Security Tools

eSecurity Planet

Active Directory can't protect against every security risk. Here are 9 Active Directory security tools that can help

Risk 81

A free Decryptor tool for GandCrab Ransomware released

Security Affairs

Good news for the victims of the latest variants of the GandCrab ransomware , NoMoreRansomware released a free decryption tool. Victims of the latest variants of the GandCrab ransomware can now decrypt their files for free using a free decryptor tool released on the the NoMoreRansom website.

Tools 82

Free Tool: Honey Feed

Security Affairs

Cybersecurity expert Marco Ramilli shared another tool of his arsenal that extracts suspicious IPs from undesired connections, his HoneyPots. Hi folks, today I’d like to point you out another tool of mine which extracts suspicious IPs from undesired connections.

Tools 92

'Virtual Assistant' EHR Tools: Privacy, Security Issues

Data Breach Today

Data integrity and privacy issues are among potential concerns related to voice-activated "virtual assistant" tools that some vendors are beginning to offer for their electronic health record systems, says privacy and security expert Kate Borten

Tools 100

9 Top Database Security Tools

eSecurity Planet

Here are 9 top database security tools to help you protect that data Databases contain some of the most critical data in an organization.

Tools 77

Top Vulnerability Scanning Tools

eSecurity Planet

Staying on top of vulnerabilities is a critical IT security practice. Here are a dozen vulnerability scanning tools that can help

Tools 82

Gartner Emphasize the Need for Enterprise Architecture Tools

erwin

Organizations largely recognize the need for enterprise architecture tools, yet some still struggle to communicate their value and prioritize such initiatives. Enterprise Architecture Tools: The Fabric of Your Organization.

Tools 73

How to Shop Online Like a Security Pro

Krebs on Security

Here are some other safety and security tips to keep in mind when shopping online: -WHEN IN DOUBT, CHECK ‘EM OUT: If you don’t know much about the online merchant that has the item you wish to buy, take a few minutes to investigate its reputation.

How To 284

Elderly China Chopper Tool Still Going Strong in Multiple Campaigns

Threatpost

Hacks Malware Web Security analysis china chopper Cisco Talos Cyberattacks recent campaigns remote access tool web shellMultiple actors in multiple campaigns are using the web shell for remote access, even though it's almost a decade old and hasn't been updated.

Tools 85

Toyota presented PASTA (Portable Automotive Security Testbed) Car-Hacking Tool

Security Affairs

Takuya Yoshida from Toyota’s InfoTechnology Center and his colleague Tsuyoshi Toyama are members of a Toyota team that developed the new tool, called PASTA (Portable Automotive Security Testbed).

7 Low-Cost Security Tools

Dark Reading

Security hardware doesn't have to be expensive or complex to do the job. Here are seven examples of low-cost hardware that could fill a need in your security operations

Tools 85

Experts released a free Decryption Tool for GandCrab ransomware

Security Affairs

Good news for the victims of the infamous GandCrab ransomware, security experts have created a decryption tool that allows them to decrypts files without paying the ransom. “This tool recovers files encrypted by GandCrab ransomware versions 1, 4 and 5.”

Tools 101

Google: Security Keys Neutralized Employee Phishing

Krebs on Security

Google has not had any of its 85,000+ employees successfully phished on their work-related accounts since early 2017, when it began requiring all employees to use physical Security Keys in place of passwords and one-time codes, the company told KrebsOnSecurity.

Security firm released Singularity, an open source DNS Rebinding attack tool

Security Affairs

Cybersecurity firm NCC Group has released an open source tool for penetration testers that allows carrying out DNS rebinding attacks. Security firm NCC Group has released an open source tool for penetration testing dubbed Singularity of Origin that allows carrying out DNS rebinding attacks.

Tools 76

Top Penetration Testing Tools

eSecurity Planet

Penetration testing should be an ongoing practice for all IT security teams. Here are the best pen test tools for finding your vulnerabilities

Tools 62

Top 5 Best Web Security Testing Tools

Cllax

Software and ToolsProtecting your website and computers in an online environment is a priority. Computers are vulnerable to viruses that can pose a serious threat to networks, which makes it essential for.

Tools 28

Five Eyes Intelligence agencies warn of popular hacking tools

Security Affairs

Security agencies belonging to Five Eyes (United States, United Kingdom, Canada, Australia and New Zealand) have released a joint report that details some popular hacking tools. Experts from cybersecurity agencies from Five Eyes intelligence alliance have issued a report that provides technical details on most popular hacking tool families and the way to detect and neutralizes attacks involving them. The five tools are: Remote Access Trojan: JBiFrost.

Tools 87

Dell Security Support Tool Harbors High-Severity Flaws

Threatpost

Dell has patched two high-severity vulnerabilities in its SupportAssist software meant to aid security issues for customers. Mobile Security Vulnerabilities CSRF Dell high severity flaw remote code execution SupportAssist client vulnerability

Tools 102

12 Free, Ready-to-Use Security Tools

Dark Reading

These free tools can help you analyze what your company is up against and point ways to developing a more thorough security program There's no excuse for not knowing your exposure.

Tools 87

MY TAKE: Six-figure GDPR privacy fines reinforce business case for advanced SIEM, UEBA tools

The Last Watchdog

It’s no wonder security analysts toiling in security operations centers (SOCs) are depressed. More than half of the 554 IT and security pros recently polled by the Ponemon Institute consider their SOCs to be ineffectual and some 66% indicated they are considering quitting their jobs.

Tools 164

What’s Business Process Modeling Got to Do with It? – Choosing A BPM Tool

erwin

With business process modeling (BPM) being a key component of data governance , choosing a BPM tool is part of a dilemma many businesses either have or will soon face. Choosing a BPM Tool: An Overview. Organizations that adopt a BPM tool also enjoy greater process efficiency.

Tools 70

Q&A: How cutting out buzzwords could actually ease implementation of powerful security tools

The Last Watchdog

The central dilemma posed by digital transformation is this: How do companies reap the benefits of high-velocity software development without creating onerous security exposures? Why have organizations, of all sizes and in all sectors, failed to make more progress shrinking a security gap that appears, in fact, to be inexorably widening? Juniper has been in the vanguard of integrating security deeper into the plumbing of modern business networks.

Tools 117

Intel addresses high severity flaw in Processor Diagnostic Tool

Security Affairs

Intel Patch Tuesday updates for July 2019 address a serious flaw in Processor Diagnostic Tool and minor issue in the Solid State Drives (SSD) for Data Centers (DC). ” reads the security advisory.

Tools 79

Free Tools: spotting APTs through Malware streams

Security Affairs

Cyber security expert and founder of Yoroi has published a new tool that could be used to spot APTs (A dvanced Persistent Threats) through Malware streams. Honey Feed , a tool that extracts suspicious IPs from undesired connections, his HoneyPots.

Tools 87

Security expert Marco Ramilli released for free the Malware Hunter tool

Security Affairs

Malware researcher Marco Ramilli released for free the Malware Hunter tool a simple but interesting catching tool base on static YARA rules. Malware researcher Marco Ramilli released for free the Malware Hunter tool a simple but interesting catching tool base on static YARA rules.

Tools 94

Snapchat staff used internal tools to spy on users

Security Affairs

Snapchat internal staff has allegedly abused their role in the company to spy on Snapchat users using and internal tools and steal data. Snapchat has internal tools that allow employees to access consumer data, and unfortunately, these tools have been abused by the internal staff.

Tools 89

High-Severity Bug in Cisco Industrial Enterprise Tool Allows RCE

Threatpost

Bug allows for a remote attacker to execute arbitrary code on industrial, enterprise tools.

Toyota PASTA Car-Hacking Tool will be soon on GitHub

Security Affairs

Toyota plans to release the PASTA (Portable Automotive Security Testbed) Car-Hacking Tool on GitHub next month. PASTA is an open-source testing platform specifically designed for car hacking, it was developed to help experts to test cyber security features of modern vehicles.

Tools 107

The NSA Makes Ghidra, a Powerful Cybersecurity Tool, Open Source

WIRED Threat Level

And now one if its powerful tools is available to everyone for free. SecurityNo one's better at hacking than the NSA.

Tools 88