Some strategies for CISOs freaked out by the specter of federal indictments
Recent legal actions against top cybersecurity professionals have sent shockwaves through the information security community in recent years, sparking fear and uncertainty over whether decisions made...
View ArticleSocial engineering: Definition, examples, and techniques
What is social engineering? Social engineering is the art of exploiting human psychology, rather than technical hacking techniques, to gain access to buildings, systems, or data. For example, instead...
View ArticleDell data breach exposes data of 49 million customers
Dell Technologies has sent out emails to its customers, warning them of a data breach that potentially exposed the information of approximately 49 million customers. The emails come days after a...
View ArticleGoogle Chrome gets a patch for actively exploited zero-day vulnerability
Google released a Chrome stable update Thursday to patch a high-risk severity vulnerability that was being exploited in the wild, the second zero-day to be patched in Chrome this year. The...
View ArticleCISA inks 68 tech vendors to secure-by-design pledge — but will it matter?
Some of the biggest names in the tech industry signed onto a public pledge, backed by the US Cybersecurity and Infrastructure Security Agency, promising to implement important software security...
View ArticleRidding your network of NTLM
Microsoft has hinted at a possible end to NTLM a few times, but with quite a few Windows 95 or 98 in use that do not support the alternative, Kerberos, it won’t be an easy job to do. There is the...
View ArticleIntelBroker steals classified data from the Europol website
The EU’s law enforcement agency, Europol, has fallen victim to a data breach compromising sensitive, classified data on one of its web platforms, Europol Platform for Experts (EPE). According to a...
View ArticleDownload the SASE and SSE enterprise buyer’s guide
These two related technologies — Secure Access Service Edge (SASE) and Secure Service Edge (SSE) — address a new set of challenges that enterprise IT faces as employees shifted to remote work and...
View ArticleLow-tech tactics still top the IT security risk chart
Low-tech attack vectors are being adapted by cyber criminals to overcome security defenses because they can often evade detection until it’s too late. USB-based attacks, QR codes in phishing emails,...
View ArticleEquipped with AI tools, hackers make apps riskier than ever
An application is more likely to be attacked over a four-week period in 2024 than it was a year back, and the odds are rising by the day, according to a Digital.ai report. Gathering data from its App...
View ArticleNew threat trends emerge out of East Asia
Since June 2023, Microsoft has been tracking activity from multiple Chinese and North Korean nation-state groups. Our observations indicate that these threat actors are doubling down on familiar...
View ArticleAustralian federal budget outlines investment in cybersecurity
The Australian federal government has announced the 2024-2025 budget, which includes investments in safe data storage for the upcoming Census, improving the data capability and cyber security of...
View ArticleFBI warns Black Basta ransomware impacted over 500 organizations worldwide
A ransomware-as-a-service operation known as Black Basta has grown to be one of the most prolific cybercrime threats over the past two years, managing to compromise over 500 organizations from around...
View ArticleBacklogs at National Vulnerability Database prompt action from NIST and CISA
Backlogs at the US National Vulnerability Database (NVD), a critical source of information about security flaws in software, have reached crisis proportions, prompting federal agencies to seek help...
View ArticleClock is ticking for companies to prepare for EU NIS2 Directive
Time is running out for businesses to prepare for looming new EU cyber security legislation and risk severe penalties for noncompliance. The Network and Information Systems Directive 2022/0383 –...
View ArticleSinging River ransomware attack now thought to have affected over 895,000
Singing River Health System (SRHS) has more than trebled its estimate of the number of persons affected by the ransomware attack it suffered in August 2023. The health care provider now estimates that...
View ArticleHow you may be affected by the new proposed Critical Infrastructure Cyber...
Creating a world that is safer and more secure is core to our vision at Palo Alto Networks, but this only can be achieved if we’re collectively making the internet, as a whole, safer. To do this...
View ArticleMicrosoft fixes three zero-day vulnerabilities, two actively exploited
Microsoft released its monthly batch of security fixes on Tuesday, which included patches for three vulnerabilities that already had exploits available. Two of those vulnerabilities are being actively...
View ArticleCyber resilience: A business imperative CISOs must get right
In May 2021, when Colonial Pipeline was targeted by the DarkSide hackers, CEO Joseph Blount made the highly controversial decision to pay the $4.4 million ransom. The attack put critical US...
View ArticleBreachForums seized by law enforcement, admin Baphomet arrested
Global law enforcement authorities have seized BreachForums, a notorious hacker forum threat actors used to sell stolen data, and related messaging channels in the Telegram app in a coordinated...
View Article