Category: Cybersecurity Insiders

Twitter issued a public statement stating that parts of its source code were leaked on GitHub and that its officials were trying their best to file a DMCA to take down the leaked content from the web and identify the…

Read more →

OpenAI-developed ChatGPT has hit the news headlines because user information has been leaked on the web by some threat actors who claim to have accessed and stolen data from the database of the OpenAI platform via a bug vulnerability. As…

Read more →

Artificial intelligence (AI) and machine learning (ML) are two terms that are often used interchangeably, but they are not the same. As AI and ML are related, but they have distinct differences. In this article, we will explore the differences…

Read more →

Are you ready to take your (ISC)² exam? If so, there is a slight change to the process! When you’re ready to schedule your exam, please log in to your account at isc2.org.* Whether you’re pursuing your first (ISC)² certification,…

Read more →

Health-ISAC, a nonprofit, private sector, member-driven organization, has released its annual cyber threat report on current and emerging threat activity in the healthcare industry, in collaboration with Booz Allen Hamilton Cyber Threat Intelligence. The report provides actionable intelligence to healthcare…

Read more →

Microsoft has detected that a Russian-affiliated hacking group dubbed Killnet has been targeting healthcare apps being hosted on the Azure cloud platform. The tech giant claims that the activity has occurred for over three months, i.e. between November 2022 and…

Read more →

For the first time in the Indian history and probably in the world, the police officials of Hyderabad City of Telangana, India have arrested a gang for committing data thefts and selling data of appx 16.8 crore citizens including 1.2…

Read more →

By Gal Helemski, co-founder and CTO, PlainID The number of access rules that must be managed across directories, applications, repositories, and other platforms by today’s digitally oriented enterprises is growing at an unprecedented pace. One of the major security headaches…

Read more →

AT&T Alien Labs researchers have discovered a new variant of BlackGuard stealer in the wild, infecting using spear phishing attacks. The malware evolved since its previous variant and now arrives with new capabilities. Key takeaways: BlackGuard steals user sensitive information…

Read more →

The law enforcement agencies from South Korean and Germany have issued a red-alert against a threat actor named Kimsuky for using rogue browser extensions to steal data from the Gmail inboxes of users. Issuing a statement on a joint note,…

Read more →

When a smartphone starts recording a conversation that took place in its vicinity without the knowledge of the user, it leads to the crisis of ‘Sonic Snooping’. And according to a study made by cybersecurity specialists from NORDVPN, this phenomenon…

Read more →

Is your organization doing enough to protect its environment from hackers? In 2021, U.S. companies lost nearly $7 billion to phishing scams, malware, malvertising, and other cybercrimes. Experts estimate that by 2025, such schemes will cost businesses worldwide more than…

Read more →

By John E. Dunn  Two arrests for alleged ransomware crimes and some useful intel. But will the latest Europol action make any difference?  Following an international operation encompassing law enforcement agencies in Germany, Ukraine, the Netherlands and the U.S., Europol…

Read more →

The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.  Customers’ willingness to give you their personal data…

Read more →

Ransomware is a form of malicious software (malware) that restricts access to computer files, systems, or networks until a ransom is paid. In essence, an offender creates or purchases ransomware, then uses it to infect the target system. Ransomware is…

Read more →

The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. ​ According to the Open Web Application Security Project…

Read more →

The latest meeting that took place between two powerful leaders of the world has given the world the hint that both these leaders intend to rule the fields related to Information Technology, Cyber Security and Artificial Intelligence in the near…

Read more →

Cybercriminals are smarter, faster, and more relentless in their attacks than in times past. Data breaches are a serious threat to organizations, but vulnerability management automation can help reduce the number of incidents businesses face each year. Managing vulnerabilities is…

Read more →

The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.  “Why are you here if you cannot decrypt…

Read more →

The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.  More and more, people are completing the entire…

Read more →

With the increasing need for online privacy and security, Virtual Private Networks (VPNs) have become a popular solution for internet users. VPNs allow users to access the internet securely and privately by encrypting their internet traffic and hiding their IP…

Read more →

Firewall optimization (also known as firewall analysis) is the process of analyzing and adjusting the configuration and policy set of a firewall to improve performance and security. This process involves reviewing and corelating log data and device configurations, identifying potential…

Read more →

The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.  In a highly connected, internet-powered world, transactions take…

Read more →

For some of you, the phrase “Shoulder Surfing” might be new or you might assume it to be synonymous, but is not in practical. What is Shoulder Surfing? It is nothing but a threat actor trying to gain sensitive information…

Read more →

Ferrari, the luxury car maker has made an official announcement that some of its systems were operating under control of hackers, resulting in a data breach. The company immediately pulled down the compromised servers from the corporate computer network and…

Read more →

By John E. Dunn  Phishing attacks depend on creating huge numbers of lookalike ‘confusable’ domains. A new report has highlighted the most prevalent examples and suggested a way to detect phishing domains before they are used in anger.   Ever since…

Read more →

Some of the biggest prevailing challenges in the cybersecurity world over the last year have been those revolving around securing the software supply chain across the enterprise. The software that enterprises build for internal use and external consumption by their…

Read more →

The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.  News broke in early February that the ACN,…

Read more →

Google’s dedicated team of cybersecurity researchers from ‘Project Zero’ have found a flaw in Samsung Exynos Modems that can give unauthorized data access to hackers, without the knowledge of users. And it’s discovered that the vulnerability allows a cyber criminal…

Read more →

After the release of ChatGPT in November 2022, the OpenAI CEO and the people behind the conversational chatbot launch say that they are equally scared of the negative consequences that the newly developed technology can fetch in the future. Sam…

Read more →

Cybercriminals pounce on SVB collapse, privacy concerns around ChatGPT and the FBI warns of a rise in crypto scams. Here are the latest threats and advisories for the week of March 17, 2023.    By John Weiler  Threat Advisories and Alerts …

Read more →

The U.K. Online Safety Bill triggers a security rebuke from WhatsApp, the Czech Republic concerned about TikTok, an international law enforcement effort shuts down the NetWire RAT infrastructure, while a study suggests workforce malaise towards reporting security incidents.   By Joe…

Read more →

After Rubrik, Hitachi Energy issued a public statement that some of its customer accounts might have been compromised, after a ransomware attack took place on a third-party software called Fortra GoAnywhere MFT. Clop ransomware gang is the company that managed…

Read more →

All these days, we have seen cyber criminals infiltrating networks and taking down computers. But after the spread of the Covid-19 pandemic, the focus of hackers has shifted more towards the smart phones with more phishing and social engineering attacks…

Read more →

By Nidhi Kannoujia, (ISC)² Candidate  The cybersecurity industry is a dynamic and promising field that welcomes diverse perspectives. It requires individuals who understand the intricacies of other industries since security is a collective responsibility. While the security industry is embracing diversity,…

Read more →

What have all these webinars got in common? They feature women at the top their cybersecurity game. March 8, 2023, is International Women’s Day, a focal point for recognizing the achievements and contributions that women have made to every element of…

Read more →

On International Women’s Day, we look back at the legacy of Rear Admiral Grace Hopper, an innovator and trailblazer in software development and standards for testing computer systems and components.  It would be wrong, as we reach International Women’s Day…

Read more →

Spoiler alert: the obvious answer is not always the correct one! Migrating services, apps and data to the cloud is both promising and challenging. The advantages of scalability, flexibility, reduced operational costs and supporting a hybrid workforce can be eliminated…

Read more →

Cybercrime may have less of a gender issue than cybersecurity, LastPass gives attack update, CISA warns on Royal ransomware gang while WHSmith and DISH Network count the cost after both suffer cyber attacks.  Study: Gender No Barrier To Participating In…

Read more →

Whenever we see a YouTube video that is informative, we tend to go through the description or ‘show more’ feature and have a habit of clicking on the links. What if the link leads us to a website that is…

Read more →

Australian firm Latitude Financial Services is hitting news headlines as a cyber attack on its servers has led to the data breach of 225,000 customers. Among the stolen data, a majority of the documents are related to driving licenses, employee…

Read more →

By John Weiler  Mexico timeshare scams, the DoppelPaymer ransomware gang gets busted and a major data leak rocks Oakland, California. Here are the latest threats and advisories for the week of March 10, 2023.   Threat Advisories and Alerts  FBI Issues…

Read more →

By Dave Cartwright, CISSP  In February 2023, something very unusual happened. Following a ransomware attack on Royal Mail International, a division of the U.K.’s (formerly state-owned) mail and parcel delivery service, the negotiation between the firm’s representatives and the LockBit…

Read more →

We are continuing the popular bi-monthly CPE credit quiz as we transition from InfoSecurity Professional to our new web-based content platform.  The first (ISC)² News and Insights CPE Credit Quiz of 2023 is now live. Every two months, we publish a…

Read more →

The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.  Mobile security refers to the technologies and processes…

Read more →

The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.  Integrating Cybersecurity in UX design The digital landscape…

Read more →

We’re so excited to announce our 2023 Partner of the Year awards. These annual awards recognize AT&T Cybersecurity partners that demonstrate excellence in growth, innovation, and implementation of customer solutions based on our AT&T USM Anywhere platform. AT&T Cybersecurity’s 2023…

Read more →

Cyber Criminals are smartly exploiting SmartScreen bugs in the Microsoft software to deliver Magniber Ransomware. And so far, the infection spread to thousands of devices, as the Windows operating giant in advance issued no red flag alerts. Google’s Threat Analysis…

Read more →

India is probably the only country in the world to provide free power to all of their farmers, as these folks provide the nation much needed food for survival. However, only a few states like Telangana are genuinely offering free…

Read more →

Major U.S. government and corporate breaches, the White House enforces TikTok ban and the NCSC issues zero trust guidance. Here are the latest threats and advisories for the week of March 3, 2023.  Threat Advisories and Alerts  NCSC Publishes Guidance…

Read more →

In 1999, the United States began to shape its QIS strategy. The first document on file is a Scientific and Technical Report (STR) entitled: “Quantum Information Science. An Emerging Field of Interdisciplinary Research and Education in Science and Engineering.” This…

Read more →

Ransomware is a form of malicious software (malware) that restricts access to computer files, systems, or networks until a ransom is paid. In essence, an offender creates or purchases ransomware, then uses it to infect the target system. Ransomware is…

Read more →

The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. ​ According to the Open Web Application Security Project…

Read more →

China is using Artificial Intelligence technology for destruction and the latest developments stand as the best example to explain it in deep. Beijing has started using an AI developed Warship design program that enables the technical guys draw a complex…

Read more →

For the past 1 year or so, a museum is unable to access its artecraft database because of a ransomware attack on the servers of Gloucester City Council. The Phishing email attack took place in the year 2021 and the…

Read more →

The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.  More and more, people are completing the entire…

Read more →

This is unimaginable, but is taking place in practical, seriously! Russian ransomware gang BlackCat Ransomware group has targeted a hospital operating in Pennsylvania this time and are threatening to leak intimate photos of the patient, say their private parts, taken…

Read more →

The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.  “Why are you here if you cannot decrypt…

Read more →

All these days, the media was busy discussing the new AI-based conversational Chatbot ChatGPT. In the coming days, the discussions will shift a bit, towards a similar product named GPT-4, a Large Language Model (LLM) machine learning tool to generate…

Read more →

Spoiler alert: the obvious answer is not always the correct one! Migrating services, apps and data to the cloud is both promising and challenging. The advantages of scalability, flexibility, reduced operational costs and supporting a hybrid workforce can be eliminated…

Read more →

Cybercrime may have less of a gender issue than cybersecurity, LastPass gives attack update, CISA warns on Royal ransomware gang while WHSmith and DISH Network count the cost after both suffer cyber attacks.  Study: Gender No Barrier To Participating In…

Read more →

TikTok, the subsidiary of Chinese Conglomerate Byte Dance, has announced a new data security regime for European users and named it as “Project Clover”. The decision was taken amid building pressure from the lawmakers of the continent who expressed their…

Read more →

TikTok, the subsidiary of Chinese Conglomerate Byte Dance, has announced a new data security regime for European users and named it as “Project Clover”. The decision was taken amid building pressure from the lawmakers of the continent who expressed their…

Read more →

From 2024, the ECB will launch cyber attacks on major noted banks to check their IT infrastructure’s cyber resilience towards sophisticated attacks. Andrea Enria, the head of the ECB, announced the decision Supervisory, after banks operating in Europe observed a…

Read more →

We are continuing the popular bi-monthly CPE credit quiz as we transition from InfoSecurity Professional to our new web-based content platform.  The first (ISC)² News and Insights CPE Credit Quiz of 2023 is now live. Every two months, we publish a…

Read more →

Firewall optimization (also known as firewall analysis) is the process of analyzing and adjusting the configuration and policy set of a firewall to improve performance and security. This process involves reviewing and corelating log data and device configurations, identifying potential…

Read more →

Traditional vulnerability management is in need of a desperate change due to the lack of effectiveness in combating modern cyberattacks. It’s a bold statement, but true, nonetheless, because it’s just not enough. Numbers don’t lie, and the only direction the…

Read more →

We are excited to announce the winners of the 2023 Cybersecurity Excellence Awards! The 2023 Cybersecurity Excellence Awards honor individuals and organizations that demonstrate excellence, innovation and leadership in information security. With over 800 entries in more than 300 award…

Read more →

Major U.S. government and corporate breaches, the White House enforces TikTok ban and the NCSC issues zero trust guidance. Here are the latest threats and advisories for the week of March 3, 2023.  Threat Advisories and Alerts  NCSC Publishes Guidance…

Read more →

1.) A ransomware gang named Medusa is asking for a ransom of $1,000,000 from the Minneapolis Public Schools and has threatened to leak sensitive details if the victim fails to pay the demanded sum on time. MedusaLocker is a new…

Read more →

ChatGPT, the sensational conversational app of Microsoft, has been identified as a threat to national security due to its increased sophistication in phishing scams. The Silicon Valley sophisticated sensation developed by OpenAI has become a part of every tech discussion…

Read more →

By Nidhi Kannoujia, (ISC)² Candidate  The cybersecurity industry is a dynamic and promising field that welcomes diverse perspectives. It requires individuals who understand the intricacies of other industries since security is a collective responsibility. While the security industry is embracing diversity,…

Read more →

By Joe Fay China is ‘most active, and most persistent threat’ as government pinpoints need for a bigger and more diverse cybersecurity workforce to meet the long-term challenge.  The Biden administration has unveiled its long-awaited cybersecurity strategy, effectively putting the…

Read more →

By Dave Cartwright, CISSP  The mysterious world of cybersecurity can sometimes be wildly misrepresented on-screen, causing challenges for professionals charged with educating colleagues and other users.  Movie and TV screenwriters have been known to play fast and loose with the…

Read more →

We’re so excited to announce our 2023 Partner of the Year awards. These annual awards recognize AT&T Cybersecurity partners that demonstrate excellence in growth, innovation, and implementation of customer solutions based on our AT&T USM Anywhere platform. AT&T Cybersecurity’s 2023…

Read more →

Read the previous blog on Governance of Zero Trust in manufacturing in the series here. Manufacturers are some of the most ambitious firms on the planet when it comes to harnessing the power of edge technology to modernize their businesses. As they…

Read more →

On International Women’s Day, we look back at the legacy of Rear Admiral Grace Hopper, an innovator and trailblazer in software development and standards for testing computer systems and components.  It would be wrong, as we reach International Women’s Day…

Read more →

By Joe Fay  Workers told to make more use of cyber ranges, conferences and webinars as skills gap just gets bigger. The US Department of Defense (DoD) is overhauling the recruitment and training of its cyberspace workforce, providing a template…

Read more →

National Security Agency (NSA) of the United States has issued some tips to safeguard home networks from cyber attacks and they are as follows: 1.)   Always use the latest operating systems, browsers and applications that are updated with regular security…

Read more →

The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.  More and more, people are completing the entire…

Read more →

Ransomware is a form of malicious software (malware) that restricts access to computer files, systems, or networks until a ransom is paid. In essence, an offender creates or purchases ransomware, then uses it to infect the target system. Ransomware is…

Read more →

It’s obvious that all of us would love to have access to the social media accounts of our loved ones in the event of their death. As this allows to know the life of the bereaved and how they spent…

Read more →

As soon as Tesla Chief Elon Musk took over the reins of Twitter in the October 2022, many users who weren’t happy with his takeover jumped to Mastodon, a Germany-based social media platform. The aversion was such that the user…

Read more →

According to a press release of Hospital Clinic de Barcelona, the computer systems at a ransomware attack disrupted the said hospital, this cancelling nearly 90 emergency operations and disallowing 3000 patients going for a general checkup. The attackers conducted the…

Read more →

The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.  This blog was jointly authored with Arjun Patel.…

Read more →

Firewall optimization (also known as firewall analysis) is the process of analyzing and adjusting the configuration and policy set of a firewall to improve performance and security. This process involves reviewing and corelating log data and device configurations, identifying potential…

Read more →

Can you believe that threat actors can easily steal data from Google Cloud Platform (GCP) leaving no forensic trace about their activities? It’s true! Mitiga researchers recently discovered that hackers are stealing data from GCP storage buckets as the differentiating-log…

Read more →

Some of the biggest prevailing challenges in the cybersecurity world over the last year have been those revolving around securing the software supply chain across the enterprise. The software that enterprises build for internal use and external consumption by their…

Read more →

Stories from the SOC is a blog series that describes recent real-world security incident investigations conducted and reported by the AT&T SOC analyst team for AT&T Managed Extended Detection and Response customers. Executive summary As we move towards more automation,…

Read more →

Cisco, the networking giant that also into the business of cloud and Cybersecurity business, has announced that it is soon going to acquire Valtix, a start-up in the business of cloud security. Information is out that the deal might take…

Read more →

The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.  A radius server uses a network protocol for…

Read more →

Read the previous blog on Governance of Zero Trust in manufacturing in the series here. Manufacturers are some of the most ambitious firms on the planet when it comes to harnessing the power of edge technology to modernize their businesses. As they…

Read more →

Major U.S. government and corporate breaches, the White House enforces TikTok ban and the NCSC issues zero trust guidance. Here are the latest threats and advisories for the week of March 3, 2023.  Threat Advisories and Alerts  NCSC Publishes Guidance…

Read more →

We’re so excited to announce our 2023 Partner of the Year awards. These annual awards recognize AT&T Cybersecurity partners that demonstrate excellence in growth, innovation, and implementation of customer solutions based on our AT&T USM Anywhere platform. AT&T Cybersecurity’s 2023…

Read more →

By Joe Fay Not even a pyramid scheme – they just convince people to give away their money.  A network of crypto scammers has been able to game YouTube’s algorithms to publicize and amplify fraudulent investment apps without triggering the…

Read more →

The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.  When strategizing a security approach for the coming…

Read more →

CISA of the United States has issued a warning to all public and private entities to stay away from the Royal Ransomware group. They issued an advisory as a part of StopRansomware Campaign and issued some tips that help raise…

Read more →

By Joe Fay  Australia to scrap cybersecurity rules as part of a new regime, ransoms bankroll further ransomware attacks, Dole and PyPi attacked, while the European Commission calls time on TikTok.  Australia to Overhaul Cybersecurity Rules  The Australian government is…

Read more →

Any priced item in the world, mostly electronics, gets duplicated in China and is thereafter sold as a cost-effective product. Meaning, those who cannot afford a branded good can get the Chinese product for half or quarter of the price.…

Read more →

The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.  Integrating Cybersecurity in UX design The digital landscape…

Read more →