Webinar The cloud is constantly in flux, and with its continual growth comes an equally rapid acceleration of threats and vulnerabilities direct towards it. You could say the cloud environment resembles the wild west where even hired guns carefully guarding your wagon train are not always enough to prevent an ambush by a gang of determined outlaws.β¦
The White House is adding the chemical sector to a program launched last year to improve cybersecurity capabilities within America's critical infrastructure industries.β¦
Sponsored Feature The inexorable pace of technological innovation in response to the unrelenting growth of cyber attacks has led to fragmentation within cyber security provision. Things generally follow a common pattern, starting with a new security requirement being identified, whether a response to a novel threat, or a compliance or regulation challenge. This leads buyers to specialized tools, usually from smaller vendors that do one thing well. But inevitably over time, buyers end up using a mishmash of systems and tools, each with its own job and management processes.β¦
A stealthy cryptocurrency mining operation has been spotted using thousands of free accounts on GitHub, Heroku and other DevOps outfits to craft digital tokens. GitHub, for one, forbids the mining of coins using its cloud resources.β¦
Japan's plan to phase out public health insurance cards in favor of linking the services to a digital ID card could compel those who oppose the digitization to sign up.β¦
The prolific pro-Beijing Dragonbridge crew has apparently stepped up its activity ahead of the US 2022 midterms by trying to discourage Americans from voting as well as pinning the Nord Stream pipeline explosion on Uncle Sam.β¦
Mark Sokolovsky, 26, a Ukrainian national, is being held in the Netherlands while he awaits extradition to America on cybercrime charges, the US Justice Department said on Tuesday.β¦
Cisco says miscreants are exploiting two vulnerabilities in its AnyConnect Secure Mobility Client for Windows, which is supposed to ensure safe VPN access for remote workers.β¦
Microsoft appears to have woken up and realized it may have left certain Windows Server and Windows 10 systems exposed to exploitable drivers for years.β¦
Sponsored Post The turn of the year is always a good time to take stock and think about where you are heading. Many hard working cybersecurity professionals will be keeping as close an eye on the calendar as they are on cyber criminals.β¦
The number of ransomware attacks worldwide dropped 31 percent year-over-year during the first nine of months 2022, at least as far as SonicWall has observed. But don't get too excited.β¦
Microsoft is bringing Azure Active Directory Identity Protection alerts to Microsoft 365 Defender to seemingly help IT folks thwart criminals infiltrating corporate networks via compromised users.β¦
Australian health insurer Medibank's data breach was today revealed to be even worse than first thought, with a regulatory filing stating that info describing all four million customers has been accessed.β¦
Analysis Drizly CEO James Cory Rellas is in the firing line after his company exposed about 2.5 million customers' personal information in a computer security blunder.Β β¦
PayPal has added passkeys for passwordless login to accounts across Apple devices.β¦
Webinar It was the English philosopher Sir Francis Bacon who first wrote 'knowledge is power,' a phrase which is probably equally applicable in fighting cybercrime today as it was in 1597 when he first committed it to paper. Because failing to keep up with the latest intel on malware and hacking methods can leave your organization open to a lot of potential risks.β¦
Britain's data watchdog has slapped construction business Interserve Group with a potential Β£4.4 million ($4.98M) fine after a successful phishing attack by criminals exposed the personal data of up to 113,000 employees.β¦
American prosecutors on Monday accused 13 people of committing espionage-linked crimes in the US on behalf of the Chinese government.β¦
Cybercriminals have used two strains of point-of-sale (POS) malware to steal the details of more than 167,000 credit cards from payment terminals. If sold on underground forums, the haul could net the thieves upwards of $3.3 million.β¦
DHL is the most spoofed brand when it comes to phishing emails, according to Check Point.β¦
Federal agencies are warning of a threat group called Daixin Team that is using ransomware and data extortion tactics to target US healthcare organizations.β¦
In brief Google has released a new open source software tool to help businesses better understand the risks to their software supply chains by aggregating security metadata into a queryable, standardized database.β¦
Sponsored Post Where do the world's cyber security professionals get an opportunity to mingle and swap tips with their global peers while engaging in interactive, hands-on learning exercises that will help them stop cyber criminals in their tracks?β¦
Webinar Linux has come a long way from the early days of 1991 when the Linux kernel grew out of a student project.β¦
At least one affiliate of the high-profile ransomware-as-a-service (RaaS) group BlackByte is using a custom tool to exfiltrate files from a victim's network, a key step in the fast-growing business of double-extortion.β¦
Iran's Atomic Energy Organization has laughed off claims that the email systems of a subsidiary were compromised, revealing important operational data about a nuclear power plant.β¦
As a hybrid offline and online war wages on in Ukraine, Viktor Zhora, who leads the country's cybersecurity agency, has had a front-row seat of it all.β¦
URSNIF, the malware also known as Gozi that attempts to steal online banking credentials from victims' Windows PCs, is evolving to support extortionware.β¦
A hospital network in Wisconsin and Illinois fears visitor tracking code on its websites may have transmitted personal information on as many as 3 million patients to Meta, Google, and other third parties.β¦
Sponsored Post Shifting workloads and applications to the cloud is on every forward-thinking CIO's wish list. It is also their worst nightmare. If they get it right, they've helped to transform and modernize their organization's operations and everyone's happy. If they get it wrong, it's a different story, made much worse if a seriously expensive data breach is involved.β¦
Microsoft has confirmed one of its own misconfigured cloud systems led to customer information being exposed to the internet, though it disputes the extent of the leak.β¦
The Biden administration is pushing ahead with its drive to add cyber security labeling to consumer Internet of Things (IoT) devices, and may join other nations in adopting the scheme pioneered by Singapore.β¦
Sponsored Feature The concept behind Confidential Computing isn't new β organisations have been using hardware-assisted technology to encrypt and decrypt data for a while now. But fresh impetus from the Confidential Computing Consortium , new technology, and greater reliance on off prem public clouds to host and process sensitive information is prompting a more widespread re-evaluation of its benefits.β¦
Updated Australian health insurer Medibank has revealed it's been contacted by a group that claims to have its customers' data and is threatening to distribute it.β¦
This week, the US government's Cybersecurity and Infrastructure Security Agency (CISA) expanded its ever-growing list of vulnerability in industrial control systems (ICS) and critical infrastructure technology.β¦
New York regulators continue turning the screws on organizations with slapdash computer security.β¦
Verizon has notified some prepaid customers that their accounts were compromised and their phone numbers potentially hijacked by crooks via SIM swaps.β¦
It's just as you suspected: your Gen Z and millennial coworkers just aren't taking cybersecurity at work seriously enough.Β β¦
Cyber-diplomats from around the world say they want the internet to be safe, secure, and free of interference. Of course, they believe it's the fault of other nations that the internet is not safe, secure or free of interference.β¦
A proof-of-concept exploit has been published detailing a spoofing vulnerability in Microsoft Azure Service Fabric. The flaw allows attackers to gain full administrator permissions and then perform any manner of malicious activity.β¦
Webinar The individual memory of a bee is the repository for one facet of the collective memory of the beehive - the hive mind. Working together each bee feeds into the collective consciousness of the hive to optimize the production of the very best honey.β¦
Germany's government has stood down the president of its Federal Office for Information Security, Arne SchΓΆnbohm, over his links to Russia.β¦
In what can only be described as inevitable, the FBI is warning those eligible for student loan debt relief to keep an eye out for scammers trying to take advantage of President's Biden program.β¦
Sponsored Post We're all looking for a way to get the best cyber security training on the market, so we can push ahead in our careers. But we want to do it at our own pace, and in a location that suits us.β¦
SafeBreach Labs says it has detected a novel fully undetectable (FUD) PowerShell backdoor, which calls into question the accuracy of threat naming.β¦
Tensions between the US, China, and Taiwan have far-reaching impacts beyond semiconductor saber-rattling and trade restrictions. There is an enterprise security angle that CISOs should be on guard to tackle, according to US intelligence.β¦
Webinar If there was a tablet of stone inscribed with ten commandments for the fundamental requirements of an operating environment, the first would almost certainly be 'thou shalt have security and stability.'β¦
It has been almost a year since the ransomware gang Ransom Cartel was first detected and the crew over that time has racked up a steady drumbeat of victims in such countries as the United States and France and from a broad array of industry sectors.β¦
Sponsored Feature The steady migration of applications and infrastructure out of in-house data centres and server farms and into the cloud looks unstoppable at this moment in time. Research firm Gartner has estimated that by 2025, 51 percent of IT spending on application and infrastructure software, business process services and system infrastructure will have shifted to the public cloud, up from 41 percent in 2022. And you can bet that large volumes of the data that those applications and systems host and process will go with them.β¦
Organizations hit earlier by the HermeticWiper malware have reportedly been menaced by ransomware unleashed this month against transportation and logistics industries in Ukraine and Poland.β¦
Japanese industrial giants NTT Communications Corporation and Denso Corporation have decided to start a business βto respond to the threat of increasingly sophisticated cyber-attacks against vehicles.ββ¦
Europol this week said it has arrested 31 people in a crackdown on a car-theft ring that developed and used a technique to steal keyless vehicles.β¦
A former Wall Street Journal reporter has sued a multinational law firm, some of its attorneys, and others for allegedly stealing his emails and spreading the messages to wrongly discredit him, leading to his firing.β¦
Interpol arrested 75 suspected members of the Black Axe West African crime syndicate, and intercepted over $1 million in various bank accounts as part of a wide-ranging multi-country operation aimed at thwarting the group's cyber-fraud efforts that fund its criminal operations.β¦
In brief Advanced persistent threat group (APT) Budworm has shifted targets after hitting the Middle East, Europe and Asia, and was caught this week trying to break into the systems of an unnamed US state legislature.β¦
Panic over the risk of deepfake scams is completely overblown, according to a senior security adviser for UK-based infosec company Sophos.β¦
Asia In Brief Chinese president Xi Jinping has opened the 20th Congress of the Chinese Communist Party with a call for the nation he leads to win the race for development of βcore technologiesβ and to become self-reliant in strategic tech.β¦
Feature The infosec industry remains mostly a boys club. And while there are some indications that it's becoming more diverse, bringing women into the room continues to move at a glacial pace.β¦
A man who lost $24 million in cryptocurrency in an elaborate SIM swapping scam has won a multi-million-dollar judgment against the thief, who was 15 at the time of the hustle.β¦
Microsoft Office 365 Message Encryption claims to offer a way "to send and receive encrypted email messages between people inside and outside your organization."β¦