Warning: Creating default object from empty value in /home/cyberbu/public_html/wp/wp-content/plugins/rss-import/rssimport.php on line 490
- 8 mai 2018Putting FUD Back in Information Security
FUD is Fear, Uncertainty and Doubt. A tactic well played in the early days of Information Security. I never liked it because… well you know that Boy Who Cried Wolf story, right? It appears to me that FUD is making a strong comeback. This time instead of being used to help bolster InfoSec budgets or […]
- 16 avril 2018Windows 10 Update Disrupts Pen Input; Microsoft Offers Potentially Dangerous Fix
A recent Microsoft security update – according to Wacom’s support pages, the OS build 16299.334 – has had a rather unexpected side-effect. Many users of have been experiencing issues where drawing apps, such as Photoshop, no longer function correctly. For example, pressing the pen to the tablet device does not “draw” as it should, but […]
- 1 avril 2018Information Security and the Zero-Sum Game
A zero-sum game is a mathematical representation of a situation in which each participant’s gain or loss is exactly balanced by the losses or gains of the other participant. In Information Security a zero-sum game usually references the trade-off between being secure and having privacy. However, there is another zero-sum game often played with Information […]
- 16 mars 2018Google’s new Gaming Venture: A New Player?
Google in Gaming – Facts and Speculation In January 2018, game industry veteran Phil Harrison announced that he was joining Google as a Vice President and GM. With Harrison’s long history of involvement with video game companies – having previously worked with Sony and Microsoft’s Xbox division – this immediately prompted speculation and rumours about […]
- 9 février 2018Bubble Economies and the Sustainability of Mobile Gaming
Old Bubbles and New Bubbles Gaming is a technology-based market, and tech markets are no strangers to economic bubbles and the effects of them bursting. The market recession of the early 2000s, most commonly known as the Dotcom Crash, is probably the biggest and most influential ‘burst bubble’ of the internet era. The Dotcom Bubble […]
- 9 novembre 2020New Book! The Best of TaoSecurity Blog, Volume 3
Introduction I published a new book!The Best of TaoSecurity Blog, Volume 3: Current Events, Law, Wise People, History, and Appendices is the third title in the TaoSecurity Blog series. It’s in the Kindle Store, and if you have an Unlimited account, it’s free. I also published a print edition, which is 485 pages. Book DescriptionThe book features the following description …
- 31 octobre 2020Security and the One Percent: A Thought Exercise in Estimation and Consequences
There’s a good chance that if you’re reading this post, you’re the member of an exclusive club. I call it the security one percent, or the security 1%. This is shorthand for the assortment of people and organizations who have the personnel, processes, technology, and support to implement somewhat robust digital security programs, especially those with the detection and response capabilities and no …
- 23 octobre 2020MITRE ATT&CK Tactics Are Not Tactics
Just what are « tactics »?IntroductionMITRE ATT&CK is a great resource, but something about it has bothered me since I first heard about it several years ago. It’s a minor point, but I wanted to document it in case it confuses anyone else.The MITRE ATT&CK Design and Philosophy document from March 2020 says the following:At a high-level, ATT&CK is a behavioral model that consists of …
- 10 octobre 2020Greg Rattray Invented the Term Advanced Persistent Threat
I was so pleased to read this Tweet yesterday from Greg Rattray: »Back in 2007, I coined the term “Advanced Persistent Threat” to characterize emerging adversaries that we needed to work with the defense industrial base to deal with… Since then both the APT term and the nature of our adversaries have evolved. What hasn’t changed is that in cyberspace, advanced attackers will persistent …
- 3 septembre 2020The FBI Intrusion Notification Program
The FBI intrusion notification program is one of the most important developments in cyber security during the last 15 years. This program achieved mainstream recognition on 24 March 2014 when Ellen Nakashima reported on it for the Washington Post in her story U.S. notified 3,000 companies in 2013 about cyberattacks. The story noted the following: »Federal agents notified more than 3, …
Information Security Buzz
- 19 janvier 2021Implementation Of The MITRE ATT&CK Framework
Sun Tzu, the fifth-century B.C. Chinese general and philosopher, knew that knowledge is power and stated this in his oft-cited work, Art of War, as follows: “If you know the… The ISBuzz Post: This Post Implementation Of The MITRE ATT&CK Framework appeared first on Information Security Buzz. …
- 19 janvier 2021Experts Insight On Hackers Exploiting The Windows Finger Feature
Security researcher Kirk Sayre discovered the new phishing campaign using the Finger Command to infect Windows 10 device with malware. Finger command is used display information about users on the… The ISBuzz Post: This Post Experts Insight On Hackers Exploiting The Windows Finger Feature appeared first on Information Security Buzz. …
- 19 janvier 2021AnyVan Confirms Breach – Experts Reation
The m, the European online marketplace that lets users buy delivery, transport or removal services from a network of providers, has confirmed breach involving customers’ personal data. The Register also reported that… The ISBuzz Post: This Post AnyVan Confirms Breach – Experts Reation appeared first on Information Security Buzz. …
- 19 janvier 2021How To Bring Clarity To Your Critical Communications Strategy In 2021
If 2020 taught us anything it’s that an organisation needs to be able to anticipate, prepare for, respond and adapt to pretty much anything in order to survive and prosper.… The ISBuzz Post: This Post How To Bring Clarity To Your Critical Communications Strategy In 2021 appeared first on Information Security Buzz. …
- 19 janvier 2021Scottish Environment Agency Continues To Suffer Following Christmas Eve Ransomware Attack
The Scottish Environment Protection Agency (SEPA) has confirmed that it was hit by a ransomware attack last month and is continuing to feel the impact, according to ZDNet. The cyberattack was… The ISBuzz Post: This Post Scottish Environment Agency Continues To Suffer Following Christmas Eve Ransomware Attack appeared first on Information Security Buzz. …
- 19 janvier 2021Firefox to support the printing of multiple pages per sheet
Mozilla’s Firefox web browser will soon support the printing of multiple pages per sheet. The new functionality is available in Firefox Nightly, the development edition of the Firefox web browser, already and will land in Firefox Stable eventually. The next print related feature to land in Firefox Stable is non contiguous printing support, which will be available in Firefox 85. The new version of …
- 19 janvier 2021Firefox 85 remembers the last used bookmarks folder and gets other bookmarking improvements
Firefox 85 Stable will be released next week, and the browser includes a number of new features and improvements. We looked at the browser’s new network partitioning feature, support for importing passwords from KeePass and Bitwarden, non contiguous printing support, and improved Home and New Tab Page controls already. Bookmarking is another area with improvements. When you bookmark pages in Firef …
- 19 janvier 2021easyGestures N is a user-friendly, mouse gesture navigation extension for Firefox
Gesturefy and FoxyGestures are incredible add-ons which allow you to control your browser with the mouse. The gestures do take some time to get used to; if you want something simpler, you can’t go wrong with easyGestures N. It is fork of an old add-on called Easy Gestures, with a similar interface. But the features are quite different in the new extension. EasyGestures N requires three permissions …
- 18 janvier 2021Cosmonium is an open source 3D astronomy and space exploration software
Star gazing can be a relaxing experience, and you don’t need telescopes or planetariums to learn more about the mysteries of Space. You can explore galaxies that are far, far away, right from the comfort of your house. No, I’m not talking about movies and TV Shows. Welcome to Cosmonium, an open source 3D astronomy and space exploration software. It is based on the (now defunct) Celestia project. C …
- 18 janvier 2021Firefox 85 supports the import of KeePass and Bitwarden passwords
The next stable version of the Firefox web browser supports the import of passwords from the password managers KeePass and Bitwarden, and password managers that use the same format. Current stable versions of the Firefox web browser support two password related import and export options by default. Firefox users may import passwords from supported web browsers — Microsoft Edge classic and Chromiu …
- 16 septembre 2020Box Showcases New Offerings for Remote Working Environment
The primary problem caused by the growth in remote working is a new degree of complexity. The threats remain the same, but the solutions must be new. Box on Wednesday announced additions and enhancements to its range of products designed for the growing remote working environment. read more …
- 16 septembre 2020U.S. House Passes IoT Cybersecurity Bill
The U.S. House of Representatives this week passed the IoT Cybersecurity Improvement Act, a bill whose goal is to improve the security of IoT devices. read more …
- 16 septembre 2020Nozomi Networks Becomes CVE Numbering Authority
Nozomi Networks, a company that specializes in the security of OT and IoT systems, on Tuesday announced that it has become a Common Vulnerabilities and Exposures (CVE) Numbering Authority (CNA). read more …
- 16 septembre 2020NSA Publishes Guidance on UEFI Secure Boot Customization
The United States National Security Agency (NSA) this week published guidance on how the Unified Extensible Firmware Interface (UEFI) Secure Boot feature can be customized to fit an organization’s needs. read more …
- 16 septembre 2020More Links Found Between North Korean and Russian Hacking Operations
Security researchers with Intel 471 have identified connections between cyber-activities attributed to North Korean hackers and those of Russian cybercriminals. read more …
Help Net Security
- 19 janvier 2021Dnsmasq vulnerabilities open networking devices, Linux distros to DNS cache poisoning
Seven vulnerabilities affecting Dnsmasq, a caching DNS and DHCP server used in a variety of networking devices and Linux distributions, could be leveraged to mount DNS cache poisoning attack and/or to compromise vulnerable devices. “Some of the bigger users of Dnsmasq are Android/Google, Comcast, Cisco, Red Hat, Netgear, and Ubiquiti, but there are many more. All major Linux distributions of …
- 19 janvier 2021OpenWrt discloses forum data breach
The OpenWrt project has revealed that an attacker has managed to access information about its online forum users over the weekend, by compromising the account of a forum administrator. “The intruder was able to download a copy of the user list that contains email addresses, handles, and other statistical information about the users of the forum,” they shared. “Although we do not …
- 19 janvier 2021Deploying AI-powered cybersecurity directly on drones
SparkCognition and SkyGrid announced a new collaboration to deploy AI-powered cybersecurity directly on drones, protecting them from zero-day attacks during flight. Equipped with SparkCognition’s DeepArmor cybersecurity product, SkyGrid is the first airspace management system to enable drone protection powered by AI. This approach provides more advanced airspace security than traditional ant …
- 19 janvier 2021Rethinking Active Directory security
In the wake of a cyberattack, Active Directory is sometimes dismissed as just another service that needs to be recovered, and security is an afterthought. But the hard reality is that if Active Directory is compromised, so is your entire environment. 90% of organizations use Active Directory as their primary store for employee authentication, identity management, and access control. Today, it …
- 19 janvier 2021Are you vetting your MSSPs?
Enterprises were already moving toward digital transformations at the start of 2020, but the COVID-19 pandemic suddenly threw everything into high gear. Telework, virtual meetings and a host of online transactions – from retail purchases and food ordering to interviewing and onboarding employees – went from being occasional occurrences to being the norm. With enterprises using the clou …
Naked Security – Sophos
- 18 janvier 2021Naked Security Live – Staying safe online at home (especially if you’re homeschooling!)
Here’s our latest live video talk – enjoy!
- 14 janvier 2021Europol announces bust of “world’s biggest” dark web marketplace
Dark web servers are hard to find – but not impossible.
- 14 janvier 2021S3 Ep15: Titan keys, Mimecast certs and Solarwinds [Podcast]
Latest episode. Listen now!
- 13 janvier 2021Home schooling – how to stay secure
Whether you’re new to home schooling or an old hand, it’s worth taking a moment to ensure you’re doing it securely.
- 11 janvier 2021Naked Security Live – HTTPS: do we REALLY need it?
Here’s the latest Naked Security Live video talk – watch now, and please share with your friends!
- 11 janvier 2021Google Titan security keys hacked by French researchers
Researchers can now made software copies of Google’s « unclonable » Titan security keys – but not yet undetectably.
- 7 janvier 2021S3 Ep14: Money scams, HTTPS by default, and hardcoded passwords [Podcast]
- 6 janvier 2021Zyxel hardcoded admin password found – patch now!
Hardcoded passwords are always wrong – they are equivalent to implanting a global backdoor and hoping no one will find it.
- 5 janvier 2021Chrome browser has a New Year’s resolution: HTTPS by default
If snooping and falsifying web traffic is so easy when plain old HTTP is used, why do we still have HTTP at all?
- 31 décembre 2020S3 Ep13: A chat with hacker Keren Elazari [Podcast]
Latest episode – listen now!
- 19 janvier 2021SolarWinds supply chain attack explained: Need-to-know info
- 19 janvier 2021FBI warns against vishing attacks targeting enterprises
- 14 janvier 2021What is the future of cybersecurity?
CSO | Security News
- 19 janvier 2021Flaws in widely used dnsmasq software leave millions of Linux-based devices exposed
Security researchers have found several serious vulnerabilities in dnsmasq, a utility used in many Linux-based systems, especially routers and other IoT devices, to provide DNS services. Attackers can exploit the flaws to redirect users to rogue websites when trying to access legitimate ones or to execute malicious code on vulnerable devices.[ Learn 12 tips for effectively presenting cybersecurity …
- 19 janvier 2021New Intel CPU-level threat detection capabilities target ransomware
Security vendors can now leverage new telemetry and machine learning processing capabilities built into Intel’s 11th Gen mobile processors to better detect and block sophisticated ransomware programs that attempt to evade traditional detection techniques. The features are built into Intel Core CPUs designed for businesses that include the vPro feature set.[ Keep up on the latest thought leadership …
- 18 janvier 2021How to reboot a broken or outdated security strategy
An enterprise security strategy should be like a weather report: subject to frequent updates. Allowing a security plan to fall out of sync with current and emerging threats, as well as evolving enterprise technologies and interests, can open the door to financial and reputational catastrophes.[ Learn 12 tips for effectively presenting cybersecurity to the board and 6 steps for building a robust in …
- 18 janvier 2021SolarWinds hack is quickly reshaping Congress’s cybersecurity agenda
The federal government and private sector are still reeling from the SolarWinds supply chain hack, and Congress is on edge as it begins a new term beset by fears of domestic terrorism. It would seem all bets are off in terms of the previous legislative agenda for cybersecurity, at least in the near-term. The relevant committees in the new 117th Congress have yet to weigh in on specific pieces of l …
- 15 janvier 2021The biggest data breach fines, penalties and settlements so far
Sizable fines assessed for data breaches since 2019 suggest that regulators are getting more serious about organizations that don’t properly protect consumer data. Marriott was hit with a $124 million fine, later reduced, while Equifax agreed to pay a minimum of $575 million for its 2017 breach. This comes after an active 2018. Uber’s poor handling of its 2016 breach cost it close to $150 million. …
- 19 janvier 2021Scottish environmental agency still struggling after Christmas Eve ransomware attack
The Scottish Environment Protection Agency (SEPA) has confirmed that it is continuing to respond to an ongoing ransomware attack that has encrypted files, disrupted systems and seen 1.2 GB of data stolen by cybercriminals. Read more in my article on the Hot for Security blog.
- 18 janvier 2021Swanky Wentworth golf club hacked, details of 4000 members stolen in ransomware attack
Members of one of England’s most exclusive golf clubs has warned its 4000 members that their personal details may have fallen into the hands of hackers following a ransomware attack.
- 18 janvier 2021Cryptocurrency scammers hijack verified accounts once again, jumping on Elon Musk’s Twitter threads
Hackers are still making hay hijacking the accounts of verified celebrity users to promote cryptocurrency scams.
- 14 janvier 2021Cybercriminals are bypassing multi-factor authentication to access organisation’s cloud services
The US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning to companies to better protect their cloud-based accounts after several recent successful attacks. Read more in my article on the Tripwire State of Security blog.
- 14 janvier 2021Orca Security public cloud security report reveals how most large cloud breaches happen
Graham Cluley Security News is sponsored this week by the folks at Orca Security. Thanks to the great team there for their support! You’re probably familiar with the shared responsibility model. The basic idea is that public cloud providers such as Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP) keep their platforms … Continue reading « Orca Security public cloud s …
- 19 janvier 2021Security, Automation and Technology Trends for 2021
By Steve Cochran, CTO at ConnectWise While 2020 presented many challenges for people and businesses across the globe, it drove the tech industry to respond to a shift to remote work, increased security risks and reliance on the cloud and new technology. As we move past 2020 and organizations continue to navigate the changes caused by the pandemic, we must also look ahead to what this year may brin …
- 19 janvier 2021Deleted X rated photos of college pupils exposed by hackers
Fleek app that was started in 2015 on Georgetown University and now defunct has become the talk among many sophomores of some major universities across America. Reason, a cloud configuration error committed on an Amazon Web Services (AWS) bucket is said to have exposed over 377,000 files- 32GB information and that includes X rated deleted photos of users of Fleek, the subsidiary of Squid Inc. To t …
- 19 janvier 2021Ransomware cyber attack suspected on Okanogan County
Okanogan County that lies on the borders of Washington and close to the American- Canadian border was hit by a cyber attack on Monday this week and security analysts suspect that the attack could be ransomware genre as the data remains locked up and inaccessible. The county officials including those belonging to Public Health have disclosed that the phone and email systems were deeply impacted in …
- 19 janvier 2021Cybersecurity firm NuArx acquired by Ireland company
NuArx, a Southfield based company, was acquired by the Ireland-based Sysnet Global Solutions for an undisclosed amount. The deal is said to close by the 3Q of 2021 and is set to improve the market expansion of Sysnet Technology’s platform. When most of the workforce is working from home because of the COVID-19 pandemic spread, a rise in cyber attacks has been analyzed by most of the security firms …
- 18 janvier 2021US NSA offers new security protocols for DNS Enterprise Environments
United States National Security Agency (NSA) is advising enterprise network admins to follow the new set of protocols to secure DNS servers that help eliminate eavesdropping, data exfiltration, and manipulation of web traffic. The new set of guidelines issued by NSA is said to help mobile & remote workers connecting to corporate servers securely and save themselves and their companies from any …
- 19 janvier 2021Creating Connections: Setting your mark for 2021.
Welcome to the first issue of Creating Connections for 2021. I’m a planner. At the beginning of each year, I think about the plans I am making both professionally and personally and start to chart out how I’d like to get to the marks that we as a leadership team at the CyberWire set or I set for myself. Those marks could be goals I hope the CyberWire can achieve in terms of audience, attendees or …
- 19 janvier 2021More Solorigate malware. Document corruption. "Enemies of the People," via Tehran. Vishing is up. Selling a laptop to the SVR?
More Solorigate malware. Document corruption. « Enemies of the People, » courtesy of Tehran. Vishing is up. Selling Speaker Pelosi’s stolen device to the SVR?
- 19 janvier 2021A day in the life of a security researcher.
I describe security research as the perpetual hunt to identify malicious cyber activity and threat actors. Sometimes I refer to it as collecting all the shiny cyber things. Either way, security research is a fabulous role because you can focus on areas that interest you. My focus is on cybercrime and emerging threats but the possible topics are broad and virtually endless.
- 19 janvier 2021APT side hustle (noun)
A nation-state hacking group’s practice of funding its town activities through cybercrime or cyber mercenary work.
- 18 janvier 2021SolarWinds through a first principle lens: around the Hash Table.
Two members of the CyberWire’s Hash Table of experts, Gary McAlum, USAA CSO and Don Welch, Penn State CIO, join Rick Howard to discuss the SolarWinds attack.
IT Security Guru
- 19 janvier 2021Vdoo Reveals an Extension Funding Round with Qumra Capital and Verizon Ventures Joining as Investors
Vdoo, a leader in product security for embedded software, today revealed it had extended its Series B funding to $57M, in an additional round led by Qumra Capital, Verizon Ventures, and others. The round was completed in the third quarter of last year, and the new funding was leveraged to expand Vdoo’s offering to the telco and smart utility space, at the backdrop of the connectivity surge induced …
- 19 janvier 2021Vishing attacks are stealing corporate accounts
The Federal Bureau of Investigation (FBI) has released a warning to notify people of the ongoing vishing attacks which are attempting to steal corporate accounts, as well as the account’s credentials, in order to gain network access and privileges from both US and international-based staff. The FBI PIN says, “during COVID-19 shelter-in-place and social distancing orders, many companies …
- 19 janvier 2021IObit hacked with malware spread to forum members
This weekend IObit, a Windows utility developer, was hacked resulting in strange DeroHE ransomware being distributed to a number of its forum users. IObit is a software developer that is known for anti-malware programs, such as Advanced SystemCare, and Windows system optimization. Over the weekend IObit forum members started to receive emails that were supposedly from IObit. The emails stated that …
- 19 janvier 2021Stealthy Miners Exploit Bitcoin Owners
The Bitcoin value is currently experiencing a high, with 1 Bitcoin worth around $36,000. With this, researchers have recorded an increase in coinminer malware which, according to Alexander Vukcevic “exploits other people’s computer resources for illegal mining activities.” This type of malware runs completely undetected on a victim’s computer. The aim of coinminer malware i …
- 19 janvier 2021Capitol Riots fuelling Disinformation Campaigns
The FBI released a “joint threat assessment” on Thursday detailing fears that “Russian, Iranian and Chinese influence actors have seized the opportunity to amplify narratives in furtherance of their policy interest amid the presidential transition.” Additionally, a U.S. Intelligence memo claims that a Russian “proxy” took advantage of the event to advance a con …
The Security Ledger
- 11 janvier 2021Researchers Test UN’s Cybersecurity, Find Data on 100k
Independent security researchers testing the security of the United Nations were able to compromise public-facing servers and a cloud-based development account for the U.N. and lift data on more than 100,000 staff and employees, according to a report released Monday. The post Researchers Test UN’s Cybersecurity, Find Data on 100k appeared first…Read the whole entry… » Related Storie …
- 8 janvier 2021Episode 199 COVID’s Other Legacy: Data Theft and Enterprise Insecurity
In this episode of the podcast (#199), sponsored by LastPass, we talk with Shareth Ben of Securonix about how massive layoffs that have resulted from the COVID pandemic put organizations at far greater risk of data theft. In our second segment, we’re joined by Barry McMahon, a Senior Global Product Marketing Manager at LogMeIn, to talk about…Read the whole entry… » Related StoriesEp …
- 31 décembre 2020Episode 198: Must Hear Interviews from 2020
Trying times have a way of peeling back the curtains and seeing our world with new eyes. We The post Episode 198: Must Hear Interviews from 2020 appeared first on The Security Ledger. Related StoriesEpisode 195: Cyber Monday Super Deals Carry Cyber RiskDHS Looking Into Cyber Risk from TCL Smart TVsEpisode 197: The Russia Hack Is A 5 Alarm Fire | Also: Shoppers Beware! …
- 28 décembre 2020Update: Neopets Is Still A Thing And Its Exposing Sensitive Data
Neopets, the virtual pets website has exposed a wide range of sensitive data online including information that might be used to identify site users, security researchers report. The post Update: Neopets Is Still A Thing And Its Exposing Sensitive Data appeared first on The Security Ledger. Related StoriesAmid Security Concerns: to Zoom or not to Zoom?Researchers Test UN’s Cybersecurity, Fin …
- 22 décembre 2020Update: DHS Looking Into Cyber Risk from TCL Smart TVs
The acting head of the U.S. Department of Homeland Security said the agency was assessing the cyber risk of smart TVs sold by the Chinese electronics giant TCL, following reports that the devices may give the company « back door » access to deployed sets. The post Update: DHS Looking Into Cyber Risk from TCL Smart TVs appeared first on The Security…Read the whole entry… » Related Stor …
- OpenWRT Project Community Investigating Data Breach
Open-Source Development Project Asking Members to Reset PasswordsOpenWRT, an open-source project that develops operating systems, firmware and other software for connected and embedded devices, is investigating a data breach after a hacker gained access to an administrator account and apparently was able to access usernames and email addresses for community members. …
- Microsoft Taking Additional Steps to Address Zerologon Flaw
Company Will Enforce Domain Controller Settings to Block ConnectionsMicrosoft is alerting customers that starting Feb. 9, it will enforce domain controller settings within Active Directory to block connections that could exploit the unpatched Zerologon vulnerability in Windows Server. Microsoft has been warning about the urgency of patching the flaw for months. …
- FBI Warns of Increase in Vishing Attacks
Hackers Attempt to Collect VPN CredentialsThe FBI is warning that hackers are increasingly using voice phishing, or vishing, to target remote and at-home workers as a way of harvesting VPN and other credentials to gain initial access to corporate networks. …
- Privacy Fines: Total GDPR Sanctions Reach $331 Million
But Across Europe, Total Fines and Breach Reports Continue to Vary Widely by CountryPrivacy watchdogs in Europe have imposed fines totaling more than $330 million since the EU’s General Data Protection Regulation went into full effect in May 2018, according to law firm DLA Piper. Over the past year, regulators received 121,000 data breach notifications, up 19% from the year before. …
- DoD: Notice of Proposed Rulemaking on Privacy Training
The Department of Defense and two other government agencies have issued a proposed rule designed to help ensure that government contractors provide adequate privacy training to their staff members.
- 19 janvier 2021SecurityWeek Names Ryan Naraine as Editor-at-Large
SecurityWeek has named Ryan Naraine as Editor-at-Large, adding a veteran cybersecurity journalist and podcaster to its editorial team. Naraine joins SecurityWeek from Intel Corp., where he most recently served as Director of Security Strategy and leader of the chipmaker’s security community engagement initiatives. Prior to Intel, he managed Kaspersky’s Global Research and Analysis Team …
- 17 décembre 2020Why Cyber Security Should Be at the Top of Your Christmas List
Santa has been making his list and checking it twice. Will you (and your organization's cyber security practices) make the Nice list? Or did you fall on the naughty side this year? Either way, now is the best time to begin preparation so that you are setup for a good Christmas in 2021. Right up to the end of the year, massive cyber-attacks and high-profile data breaches made headlines in 2020. …
- 17 décembre 2020United States Federal Government’s Shift to Identity-Centric Security
Across the globe, government agencies have begun transformation and modernization of their IT ecosystem to deliver services in an agile, secure, and timely efficient manner, this means broad and rapid adoption of cloud infrastructure and services at pace we've never seen, and now, we are now thrust into adopting changes to how we interact and connect to business applications, systems and data …
- 21 octobre 2020How Extreme Weather Will Create Chaos on Infrastructure
Extreme weather events will soon become more frequent and widespread, devastating areas of the world that typically don’t experience them and amplifying the destruction in areas that do. We have already seen devastating wildfires and an increase in hurricane activity this year in the United States. Uncovering shortcomings in technical and physical infrastructure, these events will cause sign …
- 21 octobre 2020BSIMM11 Observes the Cutting Edge of Software Security Initiatives
If you want to improve the security of your software—and you should—then you need the Building Security In Maturity Model (BSIMM), an annual report on the evolution of software security initiatives (SSIs). The latest iteration, BSIMM11, is based on observations of 130 participating companies, primarily in nine industry verticals and spanning multiple geographies. The BSIMM examines sof …
The K-12 Cybersecurity Resource Center
- 11 janvier 2021New ISAC for K-12 School Districts Fills a Key Cyber Intelligence Gap
School districts have their own distinct challenges as they strive to protect themselves against digital threats. It only makes sense that they have an ISAC of their own. Now they do. Continue reading New ISAC for K-12 School Districts Fills a Key Cyber Intelligence Gap at The K-12 Cybersecurity Resource Center. …
- 16 décembre 2020The Privacy of 100+ Million Children, Families, and Young Adults Is Unprotected
School districts across the US suffer from notoriously poor information security. This is at a time when school district spending on technology is at an all-time high. Why is this? Continue reading The Privacy of 100+ Million Children, Families, and Young Adults Is Unprotected at The K-12 Cybersecurity Resource Center. …
- 10 décembre 2020FBI/CISA/MS-ISAC Warn Schools on Cyber Threats
A new joint advisory – warning of cyber threats to K-12 schools – was released by the FBI, CISA, and MS-ISAC. Please share widely. Continue reading FBI/CISA/MS-ISAC Warn Schools on Cyber Threats at The K-12 Cybersecurity Resource Center. …
- 8 décembre 2020K12 SIX Launches 🚀
K12 SIX is the first and only national, non-profit organization dedicated solely to protecting schools from emerging cybersecurity threats. Continue reading K12 SIX Launches 🚀 at The K-12 Cybersecurity Resource Center. …
- 4 décembre 2020Wall Street Journal: Why Schools Are Getting Hacked
The WSJ’s Tawnell Hobbs has been writing about the issue of K-12 ransomware. This podcast focuses on the harrowing experience of a Texas school district featured in one of her recent stories. Continue reading Wall Street Journal: Why Schools Are Getting Hacked at The K-12 Cybersecurity Resource Center. …
Iain Fraser Journalist
Erreur: Il y a un erreur avec ce flux.
Internet Storm Center | SANS
Security Gladiators | Internet Security News
- 13 janvier 2021UK Court Rules Against WikiLeaks Founder Julian Assange’s Extradition to US
- 31 décembre 2020Shocking Cybercrime Schemes, Cases, Facts & Statistics During the COVID-19 Pandemic
- 18 décembre 2020Russian Hackers Target US Federal Agencies in Supply Chain Attacks
The post Russian Hackers Target US Federal Agencies in Supply Chain Attacks appeared first on Online Security News, Reviews, How To and Hacks.
- 16 décembre 2020What Will Ajit Pai Leaving the FCC Mean for Net Neutrality?
The post What Will Ajit Pai Leaving the FCC Mean for Net Neutrality? appeared first on Online Security News, Reviews, How To and Hacks.
- 2 octobre 2020What Threats Does TikTok Pose To National Security in the US?
The post What Threats Does TikTok Pose To National Security in the US? appeared first on Online Security News, Reviews, How To and Hacks.