Warning: Creating default object from empty value in /home/cyberbu/public_html/wp/wp-content/plugins/rss-import/rssimport.php on line 490
Hackers | Fabricants | Magazines | Virus / Malware
Schneier
IT Security
- 8 mai 2018Putting FUD Back in Information Security
FUD is Fear, Uncertainty and Doubt. A tactic well played in the early days of Information Security. I never liked it because… well you know that Boy Who Cried Wolf story, right? It appears to me that FUD is making a strong comeback. This time instead of being used to help bolster InfoSec budgets or […] - 16 avril 2018Windows 10 Update Disrupts Pen Input; Microsoft Offers Potentially Dangerous Fix
A recent Microsoft security update – according to Wacom’s support pages, the OS build 16299.334 – has had a rather unexpected side-effect. Many users of have been experiencing issues where drawing apps, such as Photoshop, no longer function correctly. For example, pressing the pen to the tablet device does not “draw” as it should, but […] - 1 avril 2018Information Security and the Zero-Sum Game
A zero-sum game is a mathematical representation of a situation in which each participant’s gain or loss is exactly balanced by the losses or gains of the other participant. In Information Security a zero-sum game usually references the trade-off between being secure and having privacy. However, there is another zero-sum game often played with Information […] - 16 mars 2018Google’s new Gaming Venture: A New Player?
Google in Gaming – Facts and Speculation In January 2018, game industry veteran Phil Harrison announced that he was joining Google as a Vice President and GM. With Harrison’s long history of involvement with video game companies – having previously worked with Sony and Microsoft’s Xbox division – this immediately prompted speculation and rumours about […] - 9 février 2018Bubble Economies and the Sustainability of Mobile Gaming
Old Bubbles and New Bubbles Gaming is a technology-based market, and tech markets are no strangers to economic bubbles and the effects of them bursting. The market recession of the early 2000s, most commonly known as the Dotcom Crash, is probably the biggest and most influential ‘burst bubble’ of the internet era. The Dotcom Bubble […]
TAO Security
- 13 avril 2021New Book! The Best of TaoSecurity Blog, Volume 4
I’ve completed the TaoSecurity Blog book series.The new book is The Best of TaoSecurity Blog, Volume 4: Beyond the Blog with Articles, Testimony, and Scholarship. It’s available now for Kindle, and I’m working on the print edition. I’m running a 50% off promo on Volumes 1-3 on Kindle through midnight 20 April. Take advantage before the prices go back up.I described the new tit … - 1 avril 2021The Origins of the Names TaoSecurity and the Unit Formerly Known as TAO
What are the origins of the names TaoSecurity and the unit formerly known as TAO? IntroductionI’ve been reading Nicole Perlroth’s new book This Is How They Tell Me the World Ends. Her discussion of the group formerly known as Tailored Access Operations, or TAO, reminded me of a controversy that arose in the 2000s. I had heard through back channels that some members of that group were up … - 18 février 2021Digital Offense Capabilities Are Currently Net Negative for the Security Ecosystem
PropositionDigital offense capabilities are currently net negative for the security ecosystem.[0]The costs of improved digital offense currently outweigh the benefits. The legitimate benefits of digital offense accrue primarily to the security one percent (#securityonepercent), and to intelligence, military, and law enforcement agencies. The derived defensive benefits depend on the nature of … - 9 novembre 2020New Book! The Best of TaoSecurity Blog, Volume 3
Introduction I published a new book!The Best of TaoSecurity Blog, Volume 3: Current Events, Law, Wise People, History, and Appendices is the third title in the TaoSecurity Blog series. It’s in the Kindle Store, and if you have an Unlimited account, it’s free. I also published a print edition, which is 485 pages. Book DescriptionThe book features the following description … - 31 octobre 2020Security and the One Percent: A Thought Exercise in Estimation and Consequences
There’s a good chance that if you’re reading this post, you’re the member of an exclusive club. I call it the security one percent, or the security 1% or #securityonepercent on Twitter. This is shorthand for the assortment of people and organizations who have the personnel, processes, technology, and support to implement somewhat robust digital security programs, especially those with the detectio …
Information Security Buzz
- 14 avril 2021Apple Quietly Updated Some Of Its Top Hardware Due To Security Risks
As reported in techradar, Apple has apparently deleted the details about the change and created more confusion. “According to reports, Apple made changes to the firmware of some of its… The ISBuzz Post: This Post Apple Quietly Updated Some Of Its Top Hardware Due To Security Risks appeared first on Information Security Buzz. … - 14 avril 2021Security Researcher “Chrome 0day” Tweet – Expert Insight
Security researcher Rajvardhan Agarwal tweeted that he dropped a “chrome 0day,” sharing a proof-of-concept (PoC) in a GitHub repository. Security researcher Rajvardhan Agarwal tweeted that he dropped a “chrome 0day,” sharing a proof-of-concept (PoC)… The ISBuzz Post: This Post Security Researcher “Chrome 0day” Tweet – Expert Insight appeared first on Information Security Bu … - 13 avril 2021Iran Nuclear Facility Potential Cyber Attack – What Expert Says
It’s been reported that Iran’s Natanz nuclear facility was attacked, causing a power failure at the site yesterday. According to Israeli media, the attack is rumored to have been due… The ISBuzz Post: This Post Iran Nuclear Facility Potential Cyber Attack – What Expert Says appeared first on Information Security Buzz. … - 13 avril 2021Industry Leaders On Android.Joker Malware
Following the recent news about the half-million Huawei users downloading applications infected with Joker malware, industry leaders commented below. Following the recent news about the half-million Huawei users downloading applications… The ISBuzz Post: This Post Industry Leaders On Android.Joker Malware appeared first on Information Security Buzz. … - 13 avril 2021Expert Reaction On Pulse Secure VPN Users Can’t Login Due To Certificate Related Outage
Remote workers around the world have been unable to connect to Pulse Secure VPN devices after a code signing certificate used to digitally sign software components expired. Remote workers around… The ISBuzz Post: This Post Expert Reaction On Pulse Secure VPN Users Can’t Login Due To Certificate Related Outage appeared first on Information Security Buzz. …
gHacks
- 15 avril 2021Firefox Stable gets option to show modified preferences on about:config only
Mozilla added an option to the about:config page of Firefox Stable that allows users to list only modified preferences. The organization launched the option in Firefox Nightly in February 2021 initially. Firefox’s about:config page can best be described as a treasure trove for users who want to modified browser preferences that are, for the most part, not displayed in the user interface options. T … - 14 avril 2021Windows 10's upcoming Device Usage feature is unfortunately not very spectacular
Microsoft is working on a new feature called Device Usage that it plans to integrate in future versions of the operating system. Device Usage is available in the latest Insider builds for testing. When it was discovered initially by Twitter user Albacore, its scope was not clear immediately. The description revealed some information, that Windows would use the information to create personalized ex … - 14 avril 2021Ghacks Deals: The 2021 Complete Microsoft Azure Certification Prep Bundle (just $34.99)
The 2021 Complete Microsoft Azure Certification Prep Bundle includes six Azure certification courses for just $34.99. Courses are designed for users of all experience levels, and you may access them for lifetime. Here is the full list of courses and certifications that it covers: AZ-104 Azure Administrator Exam Certification 2021 Prove Your AZ-104 Microsoft Azure Administrator Skills to the World … - 14 avril 2021Manage your tasks efficiently with Todour, an open source, cross-platform client for Todo.Txt
While I use SimpleNote for storing long notes, flash cards, etc, I’ve always been a fan of Todo.Txt. It was about the time when Wunderlist was shut down, that I opted for an offline to-do format, this way I don’t have to worry about a service shuttering and I also get more control over the data. The beauty of Todo.Txt is that you can use nearly any text editor to manage the list, and you can sync … - 14 avril 2021Vivaldi says no to Google's FLoC as well
More and more Chromium-based browser makers confirm that they won’t include Google’s FLoC technology in their browsers. DuckDuckGo added FLoC blocking capabilities to its extension recently. Brave revealed earlier this week that it won’t include FLoC in the browser. Vivaldi Technologies published a new blog post on the official company blog in which it confirmed that the Vivaldi browser won’t sup …
SecurityWeek
- 16 septembre 2020Box Showcases New Offerings for Remote Working Environment
The primary problem caused by the growth in remote working is a new degree of complexity. The threats remain the same, but the solutions must be new. Box on Wednesday announced additions and enhancements to its range of products designed for the growing remote working environment. read more … - 16 septembre 2020U.S. House Passes IoT Cybersecurity Bill
The U.S. House of Representatives this week passed the IoT Cybersecurity Improvement Act, a bill whose goal is to improve the security of IoT devices. read more … - 16 septembre 2020Nozomi Networks Becomes CVE Numbering Authority
Nozomi Networks, a company that specializes in the security of OT and IoT systems, on Tuesday announced that it has become a Common Vulnerabilities and Exposures (CVE) Numbering Authority (CNA). read more … - 16 septembre 2020NSA Publishes Guidance on UEFI Secure Boot Customization
The United States National Security Agency (NSA) this week published guidance on how the Unified Extensible Firmware Interface (UEFI) Secure Boot feature can be customized to fit an organization’s needs. read more … - 16 septembre 2020More Links Found Between North Korean and Russian Hacking Operations
Security researchers with Intel 471 have identified connections between cyber-activities attributed to North Korean hackers and those of Russian cybercriminals. read more …
Help Net Security
- 15 avril 2021Open source security, license compliance, and maintenance issues are pervasive in every industry
Synopsys released a report that examines the results of more than 1,500 audits of commercial codebases. The report highlights trends in open source usage within commercial applications and provides insights to help commercial and open source developers better understand the interconnected software ecosystem they are part of. It also details the pervasive risks posed by unmanaged open source, inclu … - 15 avril 2021Machine learning-powered cybersecurity depends on good data and experience
According to IDG’s 2020 Cloud Computing Study, 92% of organizations have at least some sort of cloud footprint in regard to their IT environment. Therefore, traditional cloud security approaches must evolve to keep up with the dynamic infrastructure and challenges that cloud environments present – most notably, the inundation of data insights generated within the cloud. Machine learning-powe … - 15 avril 2021The future of touchless visitor management lies with biometrics
With so many people making their way into an office building on any given day – whether as a prospective job candidate, a vendor with a delivery, or for a client meeting – it is vital that today’s visitor and employee management systems are prepared to keep the grounds safe from unwanted visitors, including COVID-19. When the coronavirus pandemic abruptly made its way into our lives, v … - 15 avril 2021Advice for aspiring threat hunters, investigators, and researchers from the old town folk
There’s a big cohort of security geeks who joined the industry around the turn of the millennium by either landing “infosec” jobs or, quite frequently, just by making infosec their job despite having some other formal job title. I count myself in this group, and we are becoming the old town folk. Many of my closest friends and colleagues have moved from fingers-on-the-keyboard investigators or res … - 15 avril 2021The impact of the pandemic on AML compliance and fraud strategies
New research from FICO highlights the key challenges North American fraud and financial crime teams faced amidst the COVID-19 pandemic. 68 percent of senior executives said that remote working had a major impact on maintaining effective fraud and financial crime prevention functions within their organizations, during the past 12 months. The survey, conducted by independent research firm OMDIA, fou …
Naked Security – Sophos
- 14 avril 2021FBI hacks into hundreds of infected US servers (and disinfects them)
Hacking for good! A judge said I could! - 13 avril 2021IoT bug report claims “at least 100M devices” may be impacted
The programmers among us are learning… but not always quickly enough, it seems. Here’s some food for coding thought… - 12 avril 2021Apple and Google block official UK COVID-19 app update
UK coronavirus app update apparently included « feature creep » that’s explicitly prohibited by Apple’s and Google’s programming rules. - 12 avril 2021Naked Security Live – How to spot “government” scammers
Latest episode – watch now, and please share with your friends and family! - 9 avril 2021Pwn2Own 2021: Zoom, Teams, Exchange, Chrome and Edge “fully owned”
Two lucky winners scooped $200k for just 20 minutes’ work – if you don’t count the days, weeks and months of meticulous effort beforehand - 8 avril 2021Italian charged with hiring “dark web hitman” to murder his ex-girlfriend
Fortunately, this suspect wasn’t as anonymous as he thought… - 8 avril 2021S3 Ep27: Census scammers, beg bounties and data breach fines [Podcast]
New episode – listen now! - 6 avril 2021Too slow! Booking.com fined for not reporting data breach fast enough
It’s not just the breach, it’s the speed of the breach response… - 1 avril 2021Criminals send out fake “census form” reminder – don’t fall for it!
Don’t fall for fake text messages, no matter how realistic the website looks if you click through. - 1 avril 2021S3 Ep26: Apple 0-day, crypto vulnerabilities and PHP backdoor [Podcast]
Latest episode – listen now!
SearchSecurity
CSO | Security News
- 14 avril 2021Tips to improve domain password security in Active Directory
The concept of zero trust is that nothing should be trusted by default. Most of us are trying to work our way to zero trust but are not there yet. Until then, you can take steps to protect your networks better, starting with handling passwords better in your domain. Here are some tips: [ What is two-factor authentication (2FA)? Learn how to enable it and why you should. | Get the latest from CSO b … - 13 avril 20216 tips for receiving and responding to third-party security disclosures
Organizations—especially large companies—often don’t learn about an intrusion or breach of their systems until an external party like a security researcher, law enforcement agency or business partner alerts them to it. The expanding range of attack methods, the growing use of open-source components, and the adoption of cloud services have significantly expanded the attack surface at many organizat … - 13 avril 20217 new social engineering tactics threat actors are using now
It’s been a boom time for social engineering. Pandemic panic, desperation as income concerns grew, and worry over health and wellness made it easier for criminals to tap into fear.Social engineering, of course, means attacking the user rather than the computing system itself, trying to extract information or incite an action that will lead to compromise. It’s as old as lying, with a new name for t … - 12 avril 20215 perspectives on modern data analytics
You can’t navigate business challenges without the right instruments. Done right, analytics initiatives deliver the essential insights you need, as these five articles explore. - 12 avril 2021How data poisoning attacks corrupt machine learning models
Machine learning adoption exploded over the past decade, driven in part by the rise of cloud computing, which has made high performance computing and storage more accessible to all businesses. As vendors integrate machine learning into products across industries, and users rely on the output of its algorithms in their decision making, security experts warn of adversarial attacks designed to abuse …
Graham Cluley
- 14 avril 2021Smashing Security podcast #223: Booze, nudes, and insurance dudes
Should insurance companies be banned from helping companies pay ransomware demands? How has malware messed with motorcars in the United States? And how are cybercriminals exploiting alcohol drinking during the pandemic? All this and much more is discussed in the latest edition of the award-winning « Smashing Security » podcast by computer security veterans Graham Cluley and Carole Theriault, joined … - 14 avril 2021School janitor says she was fired for not installing smartphone tracking app
A school janitor has lost her job, and she says it’s because she refused to download a smartphone app that would track her location. - 13 avril 2021Ransomware attack causes supermarket cheese shortage in the Netherlands
Shoppers at Dutch supermarkets may have noticed that some cheeses were in short supply last week, and it was cybercriminals who are to blame. Read more in my article on the Hot for Security blog. - 13 avril 2021A helpful reminder about just how much Facebook stalks you on the internet
Many Facebook users think they only have to worry about the data that they personally share about themselves on Facebook, by posting messages on the site, connecting with their friends, and liking posts. But the truth is that Facebook knows much more about you than that, by collecting data from your activities off-site as well. - 12 avril 2021Upstox warns of serious data breach, resets passwords
Indian stock trading firm Upstox has revealed to users that it has suffered a serious security breach that may have seen unauthorised criminal access to millions of customers’ personal information.
Cybersecurity Insiders
- 15 avril 2021Under the Hood: Inside (ISC)² Exam Development Cycle
Clar Rosso, (ISC)² CEO and Casey Marks, Chief Product Officer and VP, (ISC)² recently hosted the latest in our new Inside (ISC)² webinar series, a quarterly series designed to give members a glimpse of the latest developments from inside the association, as well as an opportunity to ask questions. The March 23 session included milestones from the first quarter, as well as a deep dive into (ISC)² … - 15 avril 2021Hush – This Data Is Secret
Is There Ever Too Much Data? As a security practitioner, you know that businesses are fuelled not only by people but by data. Years ago, the phrase “Big Data” was a new, innovative way to gain a business advantage. Now, big data is the norm. When we think of all the data that has been gathered, we must stop and wonder about what is contained in that data. Many important, and often private details … - 15 avril 2021Cybersecurity and IT Consulting Firm SecureTech360 to Expand in Fairfax County, Create 10 New Jobs
FAIRFAX COUNTY, Va.–(BUSINESS WIRE)– #cyber–SecureTech360 LLC, a small, woman- and veteran-owned IT consulting firm, will invest $155,000 to grow in Fairfax County, Va., and create 10 new jobs. The post Cybersecurity and IT Consulting Firm SecureTech360 to Expand in Fairfax County, Create 10 New Jobs appeared first on Cybersecurity Insiders. … - 14 avril 2021What educational institutions need to do to protect themselves from cyber threats
This blog was written by an independent guest blogger. Educational institutions are reaping the many benefits and new possibilities offered by online learning, but these new methods of educational instruction come with serious cyber security concerns. These institutions are also a prime focus for hackers because they often host a lot of sensitive data about teachers and students. Furthermore … - 14 avril 2021Phishing towards failed trust
This blog was written by an independent guest blogger. Phishing exercises are an important tool towards promoting security awareness in an organization. Phishing is effective, simply because it works. However, any social engineer can devise a marvelously deceptive message with an irresistible link that only the most tech-savvy person would spot as a phishing test. Sometimes, the …
The CyberWire
- 15 avril 2021Being aware can go a long way to prevent attacks.
Guest Herb Stapleton, the FBI’s cyber division sector chief, joins Dave to talk about the FBI’s Internet Crime Complaint Center (IC3) annual report and its findings, Joe’s story is about an ongoing IRS impersonation scam targeting educational organizations, Dave shares a story from the BBC about people using their pets names as passwords (tell us that hasn’t crossed your mind or your keyboard befo … - 14 avril 2021CISA updates Emergency Directive 21-02. Data breach detection. Data security and the education sector. SolarWinds compromise affects Tampa.
CISA updates its Microsoft Exchange remediation directive. Data breaches are being detected more quickly. SolarWinds and the city of Tampa. The education sector and data security. - 14 avril 2021Microsoft acquires Nuance Communications. Veriff raises $69 million.
Microsoft acquires Nuance Communications. Veriff raises $69 million. - 14 avril 2021The IAEA investigates the Natanz incident (amid conflicting reports on the nature of the sabotage). Mopping up the SolarWinds Exchange Server hacks.
Updates on Natanz, where the nature of the sabotage remains unclear–it happened, but there are conflicting explanations of how. Electrical utilities on alert for cyberattack, especially after the SolarWinds incident. The US Government takes extraordinary steps to fix the Microsoft Exchange Server compromise. Joe Carrigan analyses effective phishing campaigns. Our guest is the FBI’s Herb Stapleton … - 14 avril 2021Cyber-loss indemnity clauses. US Annual Threat Assessment is out. Industry participation in supply chain security standards development.
Solicitors Regulation Authority preps guidance on cyber-loss indemnity clauses. US Intelligence Community issues its Annual Threat Assessment. Industry groups welcome opportunity to shape supply chain security standards.
IT Security Guru
- 14 avril 2021Capcom release final update on ransomware attack
Capcom has released the final update on their investigation into the major ransomware attack they suffered last year. The investigation has found that the attackers accessed the company through an outdated VPN device. Through this avenue, the attackers were able to access the companies network, as well as any compromised devices in the network. The attack took place in November 2020, when Capcom w … - 14 avril 2021FBI removed web shells from Exchange Servers without consent
The FBI has been removing web shells from compromised Microsoft Exchange serves following court authorisation. However, owners of the Microsoft Exchange servers were never informed or able to approve of the FBI’s actions. In February, the hacking group HAFIUM exploited several vulnerabilities in Microsoft Exchange’s servers. The group installed web shells in compromised Exchange server … - 13 avril 2021Synopsys Study reveals increase in Vulnerable, Outdated, and Abandoned Open Source Components in Commercial Software
Synopsys, Inc. has released its 2021 Open Source Security and Risk Analysis (OSSRA) report, which examines the result of more than 1,500 audits of commercial codebases. Produced by the Synopsys Cybersecurity Research Center (CyRC) and performed by the Black Duck® Audit Services team, the report highlights trends in open source usage within commercial applications, while simultaneously providing i … - 13 avril 2021Promising news: users are becoming more savvy to COVID-19 based phishing attacks finds KnowBe4
KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, has revealed the results of its latest 2021 top-clicked phishing report. It found that, despite still seeing a few phishing email attacks related to COVID-19, users are becoming more savvy and alert to these types of scams. Real phishing emails that were reported to IT departments related to s … - 13 avril 2021Tim Mackie takes lead channel role for Armis
Armis®, the agentless device security platform, today announced the appointment of Tim Mackie as the new Worldwide Vice President of Channel. As part of Armis’ commitment to its global channel partner programme and the accelerating demand for businesses to collaborate with it, Mackie has been appointed to lead this high growth function. Mackie is a well-respected leader within the cybersecurity a …
The Security Ledger
- 8 avril 2021Episode 210: Moving The Goal Posts On Vendor Transparency: A Conversation With Intel’s Suzy Greenberg
In this episode of the podcast, Paul speaks with Intel Vice President Suzy Greenberg about a new survey by the Poneman Institute that shows how customers’ expectations are changing when it comes to vendor transparency about software vulnerabilities. The post Episode 210: Moving The Goal Posts On Vendor Transparency: A Conversation With…Read the whole entry… » Related StoriesEpisode … - 2 avril 2021Episode 209: Fortinet’s Renee Tarun on Scaling InfoSec To Meet Tomorrow’s Challenges
The information security industry needs both better tools to fight adversaries, and more people to do the fighting, says Fortinet Deputy CISO Renee Tarun in this interview with The Security Ledger Podcast’s Paul Roberts. The post Episode 209: Fortinet’s Renee Tarun on Scaling InfoSec To Meet Tomorrow’s Challenges appeared first on The…Read the whole entry… » Related StoriesEpisode 2 … - 30 mars 2021Critical Flaw Found In Widely Used Netmask Open Source Module
An IP address parsing flaw in the netmask NPM module affects hundreds of thousands of applications that rely on it. But that may be just the tip of the iceberg, researchers warn. The post Critical Flaw Found In Widely Used Netmask Open Source Module appeared first on The Security Ledger. Related StoriesEpisode 201: Bug Hunting with Sick CodesEpisode 210: Moving The Goal Posts On Vendor Transparenc … - 26 mars 2021Episode 208: Getting Serious about Hardware Supply Chains with Goldman Sachs’ Michael Mattioli
In this week’s Security Ledger Podcast, sponsored by Trusted Computing Group, we’re talking about securing the hardware supply chain. We’re joined by Michael Mattioli, a Vice President at Goldman Sachs who heads up that organization’s hardware supply chain security program. The post Episode 208: Getting Serious about Hardware Supply…Read the whole entry… » Related StoriesEpisode 210 … - 19 mars 2021Episode 207: Sarah Tatsis of BlackBerry on finding and Keeping Women in Cyber
In this week’s episode of the podcast (#207) we speak with Sara Tatsis of the firm Blackberry about her 20 year career at the legendary mobile device maker and the myriad challenges attracting women to- and keeping them in the information security field. The post Episode 207: Sarah Tatsis of BlackBerry on finding and Keeping Women in Cyber…Read the whole entry… » Related StoriesEnco …
GovInfoSecurity.com
- Senators Push for Changes in Wake of SolarWinds Attack
Intelligence Hearing Focuses on Need for Federal Breach Notification Law, Fixing ‘Blind Spots’The SolarWinds supply chain attack that led to follow-on attacks on nine government agencies and 100 companies points to the need for a federal law requiring prompt breach notification, several senators said at a Wednesday hearing. … - Phishing Campaign Targeting COVID Vaccine 'Cold Chain' Expands
Updated Report From IBM Provides New DetailsCybercriminals, likely backed by nation-states, are expanding global spear-phishing campaigns targeting the COVID-19 vaccine « cold chain » in an attempt to steal credentials so they can gain « privileged insight » into sensitive information, the IBM Security X-Force says in an updated report. … - Sweden: Russians Behind Sports Confederation Hack
But Nation Won’t Pursue Legal Action in the CaseThe Russian state-sponsored group Fancy Bear was responsible for breaches at the Swedish Sports Confederation that resulted in hackers accessing sensitive athlete information, including doping test results, according to the Swedish Prosecution Authority. But Sweden will not pursue legal action in the case. … - Defining Synthetic ID Fraud: How It Helps With Mitigation
Fed Releases a Definition That Could Make It Easier to Identify Red FlagsNow that the Federal Reserve has issued a definition for synthetic ID fraud, fraud-fighting efforts likely will improve because it will be easier to identify red flags, some security experts say. … - DoD: Notice of Proposed Rulemaking on Privacy Training
The Department of Defense and two other government agencies have issued a proposed rule designed to help ensure that government contractors provide adequate privacy training to their staff members.
Infosec Island
- 13 avril 2021Cloud Security Alliance Shares Security Guidance for Crypto-Assets Exchange
The Cloud Security Alliance (CSA) has released new Crypto-Asset Exchange Security Guidelines, a set of guidelines and best practices for crypto-asset exchange (CaE) security. Drafted by CSA’s Blockchain/Distributed Ledger Working Group, the document provides readers with a comprehensive set of guidelines for effective exchange security to help educate users, policymakers, and cybersec … - 9 mars 2021Intel Corp. to Speak at SecurityWeek Supply Chain Security Summit
Join Intel on Wednesday, March 10, at SecurityWeek’s Supply Chain Security Summit, where industry leaders will examine the current state of supply chain attacks. Hear Intel’s experts discuss the need for transparency and integrity across the complete product lifecycle, from build to retire. Into the Spotlight: Is Supply Chain Ready for the Magnifying Glass? Listen in on a … - 24 février 2021GitHub Hires Former Cisco Executive Mike Hanley as Chief Security Officer
Software development platform GitHub announced on Wednesday that it has hired Mike Hanley as its new Chief Security Officer (CSO). Hanley joins GitHub from Cisco, where he served as Chief Information Security Officer (CISO). He arrived at Cisco via its $2.35 billion acquisition of Duo Security in 2018. “As the largest global network of developers, GitHub is also crucial to supp … - 23 février 2021Reddit Names Allison Miller as Chief Information Security Officer (CISO)
Social news community site Reddit announced on Monday that it has hired Allison Miller as Chief Information Security Officer (CISO) and VP of Trust. Miller joins Reddit from Bank of America where she most recently served as SVP Technology Strategy & Design, and had been overseeing technology design and engineering delivery for the bank’s information security organization. She previ … - 19 janvier 2021SecurityWeek Names Ryan Naraine as Editor-at-Large
SecurityWeek has named Ryan Naraine as Editor-at-Large, adding a veteran cybersecurity journalist and podcaster to its editorial team. Naraine joins SecurityWeek from Intel Corp., where he most recently served as Director of Security Strategy and leader of the chipmaker’s security community engagement initiatives. Prior to Intel, he managed Kaspersky’s Global Research and Analysis Team …
The K-12 Cybersecurity Resource Center
- 3 mars 2021March 10: K-12 Cybersecurity Leadership Summit
Join us at the inaugural ‘K-12 Cybersecurity Leadership Summit’ – a free half-day event on leadership issues related to K-12 cybersecurity for school and district leaders, policymakers, K-12 IT practioners, and vendors. Continue reading March 10: K-12 Cybersecurity Leadership Summit at The K-12 Cybersecurity Resource Center. … - 11 janvier 2021New ISAC for K-12 School Districts Fills a Key Cyber Intelligence Gap
School districts have their own distinct challenges as they strive to protect themselves against digital threats. It only makes sense that they have an ISAC of their own. Now they do. Continue reading New ISAC for K-12 School Districts Fills a Key Cyber Intelligence Gap at The K-12 Cybersecurity Resource Center. … - 16 décembre 2020The Privacy of 100+ Million Children, Families, and Young Adults Is Unprotected
School districts across the US suffer from notoriously poor information security. This is at a time when school district spending on technology is at an all-time high. Why is this? Continue reading The Privacy of 100+ Million Children, Families, and Young Adults Is Unprotected at The K-12 Cybersecurity Resource Center. … - 10 décembre 2020FBI/CISA/MS-ISAC Warn Schools on Cyber Threats
A new joint advisory – warning of cyber threats to K-12 schools – was released by the FBI, CISA, and MS-ISAC. Please share widely. Continue reading FBI/CISA/MS-ISAC Warn Schools on Cyber Threats at The K-12 Cybersecurity Resource Center. … - 8 décembre 2020K12 SIX Launches 🚀
K12 SIX is the first and only national, non-profit organization dedicated solely to protecting schools from emerging cybersecurity threats. Continue reading K12 SIX Launches 🚀 at The K-12 Cybersecurity Resource Center. …
Iain Fraser Journalist
InfoSec News
Erreur: Il y a un erreur avec ce flux.
Internet Storm Center | SANS
Security Gladiators | Internet Security News
- 13 janvier 2021UK Court Rules Against WikiLeaks Founder Julian Assange’s Extradition to US
The post UK Court Rules Against WikiLeaks Founder Julian Assange’s Extradition to US appeared first on Online Security News, Reviews, How To and Hacks.
- 31 décembre 2020Shocking Cybercrime Schemes, Cases, Facts & Statistics During the COVID-19 Pandemic
The post Shocking Cybercrime Schemes, Cases, Facts & Statistics During the COVID-19 Pandemic appeared first on Online Security News, Reviews, How To and Hacks.
- 18 décembre 2020Russian Hackers Target US Federal Agencies in Supply Chain Attacks
The post Russian Hackers Target US Federal Agencies in Supply Chain Attacks appeared first on Online Security News, Reviews, How To and Hacks.
- 16 décembre 2020What Will Ajit Pai Leaving the FCC Mean for Net Neutrality?
The post What Will Ajit Pai Leaving the FCC Mean for Net Neutrality? appeared first on Online Security News, Reviews, How To and Hacks.
- 2 octobre 2020What Threats Does TikTok Pose To National Security in the US?
The post What Threats Does TikTok Pose To National Security in the US? appeared first on Online Security News, Reviews, How To and Hacks.