Perpetual Disruption Part 1: What is Good Cybersecurity Governance in Health Care?

In this series, we’ll look at perpetual disruption and its impact on cybersecurity governance in multiple industries. First, we’ll start with health care.
 

With more than 400,000 crypto scams created in 2020, increase of 75% predicted for 2021
 

The findings of a Bolster report, along with real life examples, clearly correlate the rise in crypto scams to the value and popularity of cryptocurrencies as well as the increase in individuals seeking financial assistance during the COVID-19 pandemic.

Smart buildings: is BACnet a secure protocol?

 

If you don’t already work in a “smart building,” chances are that you will soon. By 2025, more than 75% of new construction will fit this category—and that’s not counting existing buildings.

Coca-Cola trade secret theft underscores importance of insider threat early detection

 

A research engineer used basic exfiltration techniques to steal trade secrets from Coca-Cola, but wasn't caught until she attempted to steal similar data from another company.
 

With more than 400,000 crypto scams created in 2020, increase of 75% predicted for 2021
 

The findings of a Bolster report, along with real life examples, clearly correlate the rise in crypto scams to the value and popularity of cryptocurrencies as well as the increase in individuals seeking financial assistance during the COVID-19 pandemic.

A Successful Security Platform Requires the Strongest Partner Ecosystem

What’s in a name? When it comes to the term ‘security platform,’ quite a lot, going by its overuse in the industry. This moniker is increasingly being deployed in the marketplace to describe varying types of solutions.
 

Email Verifiers and Data Breaches. What You Need to Know.

As hackers find ways to unlock your phone with your face while you sleep or using a photo from social media to do the same, researchers have developed a way to strengthen security by adding facial features such as smiles and winks to the mix.

After oil giant Shell hit by Clop ransomware gang, workers' visas dumped online as part of extortion attempt

A hackers find ways to unlock your phone with your face while you sleep or using a photo from social media to do the same, researchers have developed a way to strengthen security by adding facial features such as smiles and winks to the mix.

Smiles, winks in face recognition could increase phone security

As hackers find ways to unlock your phone with your face while you sleep or using a photo from social media to do the same, researchers have developed a way to strengthen security by adding facial features such as smiles and winks to the mix.

RDP Attacks Persist Near Record Levels in 2021

A wave of attacks targeting Remote Desktop Protocol has continued throughout the pandemic as more employees continue to work from home.
 

Cisco SD-WAN Cloud Hub with Google Cloud Delivers Enterprise Connectivity Over Global Cloud Network

Multicloud deployment is here to stay! According to Gartner, “the average enterprise now connects to more than 20 public cloud services, and these public cloud services frequently support performance-sensitive and business-critical applications like ERP and unified communications

Operation Diànxùn: Cyberespionage Campaign Targeting Telecommunication Companies

In this report the McAfee Advanced Threat Research (ATR) Strategic Intelligence team details an espionage campaign, targeting telecommunication companies, dubbed Operation Diànxùn.

Manufacturers, it’s time to reboot network security

Even before the drastic changes we saw as a result of 2020, manufacturers were under pressure to improve operational efficiency through digital transformation.
 

Half of Orgs Concerned Remote Working Puts Them at Greater Risk of Cyber-Attacks

Half of organizations are concerned that the shift to remote work is putting them a greater risk of cyber-attacks, according to a new study by LogMeIn in collaboration with IDG.

Half of Orgs Concerned Remote Working Puts Them at Greater Risk of Cyber-Attacks

Half of organizations are concerned that the shift to remote work is putting them a greater risk of cyber-attacks, according to a new study by LogMeIn in collaboration with IDG.

Scientists have built this ultrafast laser-powered random number generator

Using a single laser, scientists have built a new system that generates random numbers fast and at scale.

Warning: Google Alerts abused to push fake Adobe Flash updater

Threat actors are using Google Alerts to promote a fake Adobe Flash Player updater that installs other unwanted programs on unsuspecting users' computers.

Stolen Employee Credentials Put Leading Gaming Companies at Risk of Severe Cyber Attacks

Israeli-based cybersecurity firm Kela says more than 500,000 leaked credentials belonging to more than two dozen leading gaming companies were on sale on the dark web. 

Spam and phishing in 2020

Phishing and spam-based cyberattacks were prominent during 2020, with an added factor of the COVID-19 pandemic.
 

Cred-stealing trojan harvests logins from Chromium browsers, Outlook and more, warns Cisco Talos
 

Masslogger evolution rears its ugly head, $30 gets you three month license to cause carnage

How to Avoid Phishing Emails and Scams
 

It's a bigger threat than ever, but don’t worry. There are plenty of ways to defend yourself.

Phishers tricking users via fake LinkedIn Private Shared Document
 

Phishers are trying to trick users into opening a “LinkedIn Private Shared Document” and entering their login credentials into a fake LinkedIn login page, security researcher JB Bowers warns.

 

Modern románc, holdfény és tánc
 

A tavalyi esztendőben a társkereséssel kapcsolatos csalások száma jelentős növekedést mutatott.

 

New research reveals who’s targeted by email attacks

 

Every day, we stop more than 100 million harmful emails from reaching Gmail users. Last year, during the peak of the pandemic crisis we saw 18 million daily malware and phishing emails related to COVID-19.
 

North Korean attacks on crypto exchanges reportedly netted $316m in two years

 

North Korean attacks on crypto exchanges reportedly netted an estimated $316m in cryptocurrency in 2019 and 2020, according to a report by Japan’s Nikkei.
 

Barcode Scanner app on  infects 10 million users with one update

 

Late last December we started getting a distress call from our forum patrons. Patrons were experiencing ads that were opening via their default browser out of nowhere.
 

Visualize, validate policy and increase remote worker telemetry with Network Analytics Release 7.3.1

We have heard it before. Securing your organization isn’t getting any easier. The remote workforce is expanding the attack surface. We need context from users and endpoints to control proper access, and IT teams need to ensure our data stores are resilient and always available to gain the telemetry they need to reduce risk.

Is your boss spying on you as you work from home? One in five firms admit using secret software
 

 A surge in secret software used to spy on staff working from home during the pandemic has led to calls for new laws to be brought in against unscrupulous bosses.

Miért nem másolja egyszerűen vissza őket?

A Skót Környezetvédelmi Ügynökségtől (SEPA) 4000 dokumentumot loptak el zsarolóvírust terjesztő bűnözők. Itt is a ma már trendnek számító módszer zajlott, miszerint ha a megzsarolt áldozat nem fizet az elkódolt adatok visszaszerzéséért, akkor fizessen azért, hogy az elkövetők ne töltsék fel a lopott fájlokat publikus weboldalakra.

Italy CERT Warns of a New Credential Stealing Android Malware

Researchers have disclosed a new family of Android malware that abuses accessibility services in the device to hijack user credentials and record audio and video.

 

Social Media Oversharing Exposes 80% of Office Workers

Over 80% of British and American employees overshare on social media, potentially exposing themselves and their organization to online fraud, phishing and other cyber-threats, according to Tessian.

 

Cisco DNA Center Bug Opens Enterprises to Remote Attack

The high-severity security vulnerability (CVE-2021-1257) allows cross-site request forgery (CSRF) attacks.

Cybersecurity investments will increase up to 10% in 2021
 

A Canalys forecast predicts cybersecurity investments will increase 10% worldwide in the best-case scenario in 2021. Information security will remain a high priority this year, as the range of threats broadens and new vulnerabilities emerge, while the frequency of attacks is unlikely to subside.

Cryptomining Malware Takes Center Stage Again
 

According to a recent report by Avira, the use of cryptomining malware has increased by 53% quarter-on-quarter in the final three months of 2020. The reason behind this increase could be the soaring value of Bitcoin.

Cisco fixed multiple flaws in Cisco SD-WAN products and Smart Software Manager Satellite Web UI

Cisco fixed multiple flaws in Cisco SD-WAN products that could allow an unauthenticated, remote attacker to execute attacks against its devices.

Scammers Are Sending Fake Job Offers on LinkedIn

 

Fraudsters are impersonating real HR employees in fictitious job offers sent on LinkedIn, in a dubious scheme to get targets to share banking data.

 

Awareness isn’t enough -- it’s time for security leaders to change behaviors

 

Learn what you need to do to move beyond perfunctory awareness and training programs to change behavior and instill a security culture (the ABC of security).

Top Penetration Testing Toolkits Abused by Cybercriminals
 

Malware authors have been widely adopting open source security tools for cybercrime operations. Recently, Recorded Future released a report on the use of malicious C&C infrastructure throughout 2020 by tracking more than 10,000 C&C servers across more than 80 malware strains.
 

Cybersecurity teams are struggling with burnout, but the attacks keep coming
 

Coronavirus has obliged many organisations to force security teams to work remotely - and that's making the job of securing whole businesses against threats much harder.
 

Biometric security technology could see growth in 2021


 

Enterprise use of biometrics for security may see an uptick by organizations looking to defend themselves from attacks, but they must weigh the concerns against the benefits.


 

Microsoft, Google, Cisco, Dell join legal battle against hacking company NSO

 

Tech giants including Microsoft and Google on Monday joined Facebook’s legal battle against hacking company NSO, filing an amicus brief in federal court that warned that the Israeli firm’s tools were “powerful, and dangerous.”

 

Cybercriminals use psychology--cybersecurity pros should, too

 

Most successful cybercrimes leverage known human weaknesses. Isn't it time we stop getting psyched by the bad guys? Here are five steps cybersecurity pros can take now.
 

After Juspay, ClickIndia, ChqBook and WedMeGood have been reportedly hacked — data of over 10 million users up for sale on the dark web

After hacking masked credit and debit card data of crores of Juspay users, the same hacker possibly known as 'ShinyHunters' is now selling databases belonging to three more Indian companies on Dark Web, independent cyber security researcher Rajshekhar Rajaharia claimed on Wednesday.
 

Exfiltrating Data from Air-Gapped Computers via Wi-Fi Signals (Without Wi-Fi Hardware)
 

A security researcher has demonstrated that sensitive data could be exfiltrated from air-gapped computers via a novel technique that leverages Wi-Fi signals as a covert channel—surprisingly, without requiring the presence of Wi-Fi hardware on the targeted systems.  

Google Cloud Hires Goldman Sachs Man as First CISO

Google has hired the first security boss for its cloud business in the form of British-born Phil Venables. A 25+ year veteran of the industry with experience in CISO roles in some of the world’s biggest banks, Venables officially joined Google Cloud this month, according to his LinkedIn profile.

How COVID-19 has impacted the security threat landscape

A WatchGuard report reveals how COVID-19 has impacted the security threat landscape, with evidence that attackers continue to target corporate networks despite the shift to remote work, and a rise in pandemic-related malicious domains and phishing campaigns.

Cisco re-patches wormable Jabber RCE flaw

In September 2020, Cisco patched four Jabber vulnerabilities (including one wormable RCE flaw), but as it turns out, three of four have not been sufficiently mitigated.

Cyberattacks on the Rise for Digital Media and Entertainment Organizations

Cybercriminals are continuously attempting new and innovative ways to defeat security measures and controls to pilfer sensitive data.

A Broken Piece of Internet Backbone Might Finally Get Fixed

Efforts to secure the Border Gateway Protocol have picked up critical moments, including a big assist from Google.

IT-biztonság: felkészült munkavállaló, kisebb kockázat

As the Covid pandemic has brought about a sea change in the operations of most companies with work from home becoming the trend over the past 8-10 months, cyber security experts are of the view that several companies still need to be more proactive in terms of strengthening their systems against cyber attacks.

Researchers suggest 25 countries are using a kind of mobile spyware that monitors texts, location

A private surveillance firm that exploits mobile network vulnerabilities to spy on calls, texts and location data is doing business with at least 25 governments around the globe, including some with histories of human rights abuses, concludes a report released Tuesday.
 

Kibertámadások ostroma alatt a vállalati informatika

A koronavírussal érkező krízishelyzetben az üzletmenet folytonossága és a kiberbiztonság is forró téma lett szinte minden iparágban, a sürgető elvárásoknak pedig szinte lehetetlen megfelelni 

CISOs say a distributed workforce has critically increased security concerns

73% of security and IT executives are concerned about new vulnerabilities and risks introduced by the distributed workforce, Skybox Security reveals.

TikTok Awards Nearly $4,000 for Account Takeover Vulnerabilities

Vulnerabilities Could Have Allowed Hackers to Change Passwords of TikTok Accounts
 

How the pandemic has accelerated existing risk trends

COVID-19 has reorganized the risk landscape for chief audit executives (CAEs), as CAEs have listed IT governance as the top risk for 2021, according to Gartner. Analysts said the pandemic is giving rise to new sets of risks while exacerbating long-standing vulnerabilities.
 

Researcher Discloses Critical RCE Flaws In Cisco Security Manager
 

Cisco has published multiple security advisories concerning critical flaws in Cisco Security Manager (CSM) the networking equipment maker quietly released patches with version 4.22 of the platform.

Targeted Spear-Phishing on the Rise

The COVID-19-related phishing attempts targeting employees working from home.

Windows 10: Using Cisco's Webex Meetings for remote work? Patch now, warns Cisco

Cisco has fixes for high-severity security flaws in Cisco Webex Meetings for Windows and its recording playback apps.

  • White LinkedIn Icon
  • White Facebook Icon
  • White Twitter Icon
  • White YouTube Icon