Part 1 of a 3 blog series Organizations have placed a lot of time, effort and capital spend on security initiatives in an effort to prevent security breaches and data loss. Even the most advanced “next generation” application layer firewalls…
Category: Cybersecurity Insiders
Common focal points of DoS attacks
This blog was written by an independent guest blogger. Is your company at risk of a Denial of Service (DoS) attack? If so, which areas are particularly vulnerable? Think it’s a crazy question? Think again. In 2020, 16 DDoS attacks…
The Bitglass Blog
California is setting the stage for compliance in 2020 with the enactment of the California Consumer Privacy Act (CCPA).The statute that went into effect on the first of January expands the rights of Californians over their data. It gives the…
Hacker earns $75k for finding 3 critical vulnerabilities in Apple Safari Browser
Apple Inc has once again proved that it keeps its word when it comes to rewarding white hat hackers who find security flaws in its products. As recently it rewarded a hacker with $75,000 for finding seven flaws in Apple’s…
Apple Inc acquires AI Voice Startup to improve SIRI
Apple Inc has acquired a Dublin based AI Startup which offers technology that enables 3rd parties to integrate high-quality voice and natural language capabilities into their digital products. Dubbed as Voysis, this conversational Artificial Intelligence platform is said to help…
Interpol warns healthcare providers against Maze Ransomware spread
The International Criminal Police Organization aka Interpol has issued a warning to healthcare providers operating across the globe that Maze Ransomware spreaders might target more hospital networks in the coming weeks which are fighting against the COVID 19 pandemic. …
The future of cybersecurity for connected cars
Connected cars have slowly become mainstream, with more than 700 million of them expected to be operating on roads by 2030. Most new vehicles are leaving production lines with a host of features that require a connection to the online world, including…
10 tips for working remotely
We’re all working together to help slow the spread of COVID-19 through new policies and guidelines such as working remotely and socially distancing ourselves from others. Working remotely can be challenging. I can offer some advice about working remotely, as…
Malicious Actors and Medical Data: Where Are We Heading?
Data is the hottest commodity in town, particularly on the dark web. But there’s one type of file that hackers are most interested in: your medical data. Whereas a credit card number or Social Security number can net a criminal…
9 Reasons to hire an InfoSec candidate without experience: Focus on skillset vs. experience
This blog was written by an independent guest blogger. $37-$145k jobs for InfoSec specialists without experience. Hiring immediately. This is what a simple internet search has to offer for people looking to get entry-level jobs in Information security (InfoSec), or…
Exploits, vulnerabilities and threat adaptation
Security, whether focused on physical, cyber, operational, or other domains, is an interesting topic that lends itself to considerable debate among practitioners. There are, however, basic concepts and underpinnings that pervade general security theory. One of the most important, yet…
The Power of Community to Fight COVID-19 Cyber Threats
Cybercriminals are taking advantage of the fear and uncertainty surrounding the current global health and economic situation as well as sudden shifts and exposures in IT environments to launch COVID-19 related attack campaigns. The bad guys are moving full-steam ahead…
Microsoft issues Ransomware alert to Hospitals amid Corona Pandemic spread
Microsoft has first of its kind issued a notification early today that various hospitals operating across the world are vulnerable to Ransomware attacks as the VPNs and Gateways used by the healthcare providers are exposed to several hacking units. …
Video Conferencing Zoom App is filled with Security Vulnerabilities
Video Conferencing Zoom App which allows employers to stay connected with their employees in work from home situations is in news for all wrong reasons. Security research has discovered two flaws in the Zoom App and stated that it allows…
Samsung wins a Mobile Security project from Italy
Samsung SDS, the IT wing of Samsung Group has won a defense mobile security project from Italy in March 2020. Thus, the said Italian project happens to be the first defense project of the South Korean Company which is already…
Stories from the SOC- RIG Exploit Kit
Executive summary Stories from the SOC is a blog series that describes recent real-world security incident investigations conducted and reported by the AT&T SOC analyst team for AT&T Managed Threat Detection and Response customers. AT&T Alien Labs® Open Threat Exchange®…
Here is why your healthcare provider cannot accept Venmo payments
This blog was written by an independent guest blogger. Are you using Venmo to send and receive payments? People use Venmo for everything, and in these times when no one wants to handle actual money for fear of spreading infection,…
Ransomware attack on websites of COVID 19 treatment and Italy Social Security
Hackers seem to be finding it easy to target healthcare providers these days especially when the crisis of Coronavirus spread is at its peak as this is evident from what has been reported in the past couple of weeks. Earlier,…
Corona Virus hits a major Merger and Acquisition deal of HP and Xerox
The three months of COVID 19 spread across the globe has started to show its influence on the in-process Merger and Acquisition deals as US Printer maker Xerox has officially announced that it is walking out of the $35 billion…
Amazon Detective launched to detect Cloud Security Anomalies
Amazon Web Services shortly dubbed as AWS has launched a security tool named Amazon Detective to visualize anomalies on cloud security measures taken up by customers. This smart tool will be using Machine Learning skills backed by Artificial Intelligence to…
Do you have the GRIT to be a cybersecurity consultant?
As I read Angela Duckworth’s GRIT, where she explains that the secret to outstanding achievement is not talent but a unique blend of passion and persistence she calls “grit,” I was able to relate the need for this power of…
Corona-cation? Here’s How to Work From Home Securely
By now, the whole world is feeling the effects of a tiny little troublemaker called SARS-CoV-2 or Coronavirus (or COVID-19; oh so many choices!). Every piece of news, every conversation and certainly every WhatsApp message is fixated on this rapidly…
The rising threat of drones to cybersecurity: What you need to know
This blog was written by an independent guest blogger. The Federal Aviation Administration (FAA) reports that there are nearly 1.5 million registered drones in the United States, proving them to be ubiquitous across the country – and there are plenty that are…
The foundation of a Zero Trust architecture
Part 1 of a 3 blog series Organizations have placed a lot of time, effort and capital spend on security initiatives in an effort to prevent security breaches and data loss. Even the most advanced “next generation” application layer firewalls…
Cyber Attack on Marriot Hotel leaks data related to 5.2 million guests
Marriot has announced that it has become a victim of a major cyber attack which could have probably leaked information of more than 5.2 million guests. And FYI, Marriot experienced a similar cyber incident in Nov’18 when suspected Chinese hackers…
Artificial Intelligence-based App uses the human voice to test for Corona Virus
To all those who are concerned that they might be a victim of Corona Virus and are in a panic situation on whom to approach and what to do to confirm the infection, here’s some good news. Researchers from Carnegie Mellon University have…
The future of cybersecurity for connected cars
Connected cars have slowly become mainstream, with more than 700 million of them expected to be operating on roads by 2030. Most new vehicles are leaving production lines with a host of features that require a connection to the online world, including…
10 tips for working remotely
We’re all working together to help slow the spread of COVID-19 through new policies and guidelines such as working remotely and socially distancing ourselves from others. Working remotely can be challenging. I can offer some advice about working remotely, as…
Windows Server 2019 OS hardening
This blog was written by an independent guest blogger. Windows Server 2019 ships and installs with an existing level of hardening that is significantly more secure compared to previous Windows Server operating systems. Gone are the bloat of Xbox integration…
Malicious Actors and Medical Data: Where Are We Heading?
Data is the hottest commodity in town, particularly on the dark web. But there’s one type of file that hackers are most interested in: your medical data. Whereas a credit card number or Social Security number can net a criminal…
9 Reasons to hire an InfoSec candidate without experience: Focus on skillset vs. experience
This blog was written by an independent guest blogger. $37-$145k jobs for InfoSec specialists without experience. Hiring immediately. This is what a simple internet search has to offer for people looking to get entry-level jobs in Information security (InfoSec), or…
US Air Force launches Cyber Attacks on GPS Systems
US Air Force reportedly launched cyber attacks on GPS Systems early this year says a source familiar with the news due to Congressional mandate. However, the attack was launched by an experts team of Booz Allen on behalf of US…
Japan to invest $237.12 million in Artificial Intelligence to counter Cyber Attacks
The Ministry of Defense (MoD) of Japan has confirmed that it is going to invest over 25.6 billion Yen or $237.12 million in USD to develop Artificial Intelligence-based tools to counter cyber attacks. Japan aims to develop an all-inclusive AI…
Hacked Houseparty App infiltrates Netflix and Spotify accounts
Houseparty App which allows people to video chat with a group of friends or relatives at a time or one-by-one is in news for all wrong reasons during the 8th day of UK Lockdown. Some users of the said…
Exploits, vulnerabilities and threat adaptation
Security, whether focused on physical, cyber, operational, or other domains, is an interesting topic that lends itself to considerable debate among practitioners. There are, however, basic concepts and underpinnings that pervade general security theory. One of the most important, yet…
Stories from the SOC- RIG Exploit Kit
Executive summary AT&T Alien Labs® Open Threat Exchange® (OTX) recently created a pulse for a new threat entitled the RIG Exploit Kit which had been observed distributing ransomware to victim companies across a variety of industry verticals. This exploit was…
Data Security fears make way to Huawei App Gallery
As soon as US President Donald Trump decided to ban the use of Huawei smartphones, and 5G related devices on the soil of North America, the Chinese Telecom giant started to work on its own App Gallery which will help…
Microsoft disinvests from Israeli Startup due to Espionage allegations
Microsoft has made it official that it is going to withdraw from an investment agreement that is made with an Israeli startup which was into the development of facial recognition software. Although the company never made its intention for disinvestment…
How to keep your Work from Home strategy Cyber Secure
As many people across the world are working from home these days to keep their office operations going, hackers are seeing these devices as vulnerable points to infiltrate corporate networks. So, here are some strategies that can make your work…
Examining Potential Election Vulnerabilities – Are They Avoidable?
By Tim Matthews, Chief Marketing Officer at Exabeam In the U.S and global communities, election security is a large concern because so many aspects of it can be insecure and open to attacks that may shift public opinion or be…
How to spot a fake app?
This blog was written by an independent guest blogger. There are billions of mobile phone users in the world, and every day, the number increases as people find convenience in the use of smartphones. As the number of smartphone user…
Google tracks down 40000 State-funded Cyber Threats
Google Threat Analysis Group(TAG) has announced that it has tracked down more than 40,000 state-backed cyber attacks on its account holders in 2019. The web search giant claims that the year 2018 witnessed 25% higher cases when compared to last…
Phishing Threats Increase with COVID 19 Outbreak
The recent COVID 19 pandemic has changed the way that businesses are operating around the entire country. Some businesses are forced to temporarily shut down, while others are trying to adjust to the changes of working remote and innovating new and…
French government announces $4.3 billion plan to support startups
As France and entire Europe is struggling to contain the spread of Covid 19 pandemic, financial experts suggest that the chances are ripe for the next recession to emerge by August this year. So, under such circumstances, the government of…
Data Stealing Ransomware hits Chubb Insurance and Kimchuk
1.) Chubb Insurance has issued an official statement yesterday that it was hit by data-stealing Maze Ransomware who are now threatening to release a portion of sensitive data if the company doesn’t bow down to the demands of its hackers.…
Do you have the GRIT to be a cybersecurity consultant?
As I read Angela Duckworth’s GRIT, where she explains that the secret to outstanding achievement is not talent but a unique blend of passion and persistence she calls “grit,” I was able to relate the need for this power of…
(Dis) Advantages of having your domain, email and website on separate providers
This blog was written by an independent guest blogger. Thinking about launching a new website? You’ll want a domain to go with that, as well as a brand spanking new email address. But here’s the thing: Before all the fun…
Ransomware attack on City of Shelby and suspected on Essilor Group
France based Essilor Group which is into the manufacturing of optical solutions and eye gear has made it official that it became a victim of a cyber attack on March 21st,2020. And highly placed sources say that the attack could…
Cybersecurity experts join to stop Coronavirus Cyber Attack campaigns
As a surge in cyberattacks is being witnessed on Healthcare agencies that are otherwise fighting in curbing the spread of the Covid 19 pandemic, an international group consisting of around 400 volunteers has emerged to fight the hacking campaigns named…
Dark Hotel hacking group behind WHO Cyber Attack
Finally, some evidence is out that the hacking group behind the WHO Cyber Attack could be ‘Elite Hackers’ aka Dark Hotel. According to an article published in Reuters, the said group was behind the domain name registration of a fake…
The rising threat of drones to cybersecurity: What you need to know
This blog was written by an independent guest blogger. The Federal Aviation Administration (FAA) reports that there are nearly 1.5 million registered drones in the United States, proving them to be ubiquitous across the country – and there are plenty that are…
The future of cybersecurity for connected cars
Connected cars have slowly become mainstream, with more than 700 million of them expected to be operating on roads by 2030. Most new vehicles are leaving production lines with a host of features that require a connection to the online world, including…
Over Two Million Email Cyber Attacks on The National Gallery London
According to a study and data released by Absolute Software, The National Gallery London was hit by over 2 million email cyberattacks in the year 2019. The endpoint security offering company clarified that it obtained the data via Freedom of…
Ransomware claims have doubled in 2019 say insurers
As the year 2019 has passed, a London based Insurance Company Beazley Group says that the number of ransomware claims doubled last year as the spike in the malware attacks was more evident in healthcare, professional services, and financial sector.…
Microsoft Windows document vulnerability has no fix
Microsoft has issued an official warning that the recently discovered font vulnerability has no fix as of now and users need to wait till April 14th, 2020 i.e. the next patch Tuesday. Going by the details, a group of…
How a small business can achieve Zero Trust security
Contrary to popular belief, small businesses don’t need to be restricted by their budgets and productive capacity – especially when it comes to security. By using the right Zero Trust approach, businesses can prevent data breaches, all while continuing to…
Google introduces the Chronicle to detect Enterprise level Cyber Threats
Google has introduced the Chronicle to detect enterprise-level cyber threats to businesses that are vying for quick digital detection & response. The web search giant is offering the product which can use machine learning tools to analyze huge volumes of…
Coronavirus and Email Phishing scam and Cyber Attack on WHO
As the panic of Covid 19 is slowly gripping the entire world, some hacking groups are seen spreading malware in the form of email phishing scams delivered in the name of the World Health Organization (WHO). Security experts say that…
Failed Cyber Attack on Paris Hospital Authority
While entire Europe is busy containing the spread of Coronavirus, the news is out that a failed cyber attack on the Paris Hospital Authority aka AP-HP was attempted on March 22nd of this year. AP-HP stands for Assistance Publique- Hopitaux…
Windows Server 2019 OS hardening
This blog was written by an independent guest blogger. Windows Server 2019 ships and installs with an existing level of hardening that is significantly more secure compared to previous Windows Server operating systems. Gone are the bloat of Xbox integration…
Ransomware attack on Hammersmith Medicines Research and Ameren Missouri
Maze Ransomware spreading hackers have targeted a healthcare provider that was associated with the British government to test the Covid-19 vaccine. And the news is out that the hackers have also stolen some data from the testing center and have…
Cyber Attack news trending on Google
Finastra, a London based technology solutions providing company has issued a press statement yesterday that it is shutting down some of its critical servers due to a cyberattack that targeted it on Thursday. Although the company hasn’t stated the details…
Buncombe County is struggling with Cyber Threats amid Covid 19 fears
As the number of positive Coronavirus cases has increased in Buncombe County, North Carolina, the news is now out that the Public Health Emergency Preparedness team is struggling hard to deal with malicious emails, phishing attempts and ransomware attacks on…
South Korea Startup to share Cyber Threat Intelligence with Interpol
France based International Criminal Police Organization (INTERPOL) has announced that a South Korean Start-up S2W Lab has signed an agreement with it to share cyber threat intelligence. And as a part of this agreement, the Korean Startup is all set…
Cyber Attack on European Power Grid and Radio com
As the world is struggling to contain the spread of Coronavirus, the European Network of Transmission System Operators for Electricity(ENTSO-E) says that it has become a victim of a cyber-attack recently that impacted its operations at the office network. FYI,…
Three federal agencies to defend energy infrastructure from Cyber Attacks
The Energy infrastructure in the United States from now on will be defended by the Departments of Energy and Homeland Security and Department of Defense. These three agencies on a joint note have worked on a memorandum to work on…
Hackers promise not to spread ransomware to healthcare providers during Covid 19 epidemic
As the Coronavirus Pandemic is spreading like a wildfire, hackers have made a promise and a resolution that they will not target healthcare providers as it can severely hit the treatment of Covid-19 victims. Meanwhile, the news is out…
Ransomware spreading gangs are targeting only at Nights n weekends
Those spreading ransomware are seen targeting companies and individuals only at nights and weekends says a study taken up by FireEye. The Cybersecurity firm confirms that 76% of ransomware infections take place at night time in the enterprise sector and…
Merger and Acquisition deals to be affected by a Chinese Virus epidemic
As the Coronavirus epidemic aka Chinese Virus (as per US President Donald Trump) is leading the world to a virtual economic slowdown, trade analysts say that it can make many companies retreat from their pre-determined merger and acquisition deals –…
NutriBullet becomes a victim of Magecart Cyber Attack
MageCart Group which is a syndicate of malicious actors is reported to have launched a cyberattack on the website of the NutriBullet, in an attempt to siphon payment card details from the customers shopping on the website. Going by…
MonitorMinor app is a Stalkware lurking in Google Playstore
Kaspersky Lab found the MonitorMinor app, a hit on Google Playstore to be actually a stalkware which not only infects an android device with spyware but also starts stealing data from social networking apps and messaging app downloaded onto the…
Cyber Attack risk on IoT devices is too high says report
A recent study conducted by Unit 42, a threat intelligence platform of Palo Alto Networks has confirmed that the risk of a cyberattack on the Internet of Things(IoT) is too high than ever. And the study confirmed that all the…
Malicious Actors and Medical Data: Where Are We Heading?
Data is the hottest commodity in town, particularly on the dark web. But there’s one type of file that hackers are most interested in: your medical data. Whereas a credit card number or Social Security number can net a criminal…
Exploits, vulnerabilities and threat adaptation
Security, whether focused on physical, cyber, operational, or other domains, is an interesting topic that lends itself to considerable debate among practitioners. There are, however, basic concepts and underpinnings that pervade general security theory. One of the most important, yet…
VMware boosts its Cloud Security plans
VMware has decided to boost its cloud security plans by offering innovative and advanced solutions. And the first one happens to be the new VMware Advanced Security solution for Cloud Foundation which helps companies get rid of their legacy security…
More Cyber Threats due to Coronavirus
As Coronovirus scare has made many public and private companies initiate their employees to work from home, security experts fear that this trend could see a rise in Cyber Attacks as working remotely only guarantees the work completed by employees…
How to keep your mobile secure from Malware
A recent study carried out by Avast Threat Labs has discovered that 72% of Android devices operating across the world are prone to adware and this witnessed a drastic increase over last year as the infection percentage was recorded to…
Online payment security: 8 Steps to ensure safe transactions
This blog was written by an independent guest blogger. Online shopping has become an increasingly popular trend in the past few years as people find it more convenient to buy from the comfort of their homes. You can get pretty…
Do you have the GRIT to be a cybersecurity consultant?
As I read Angela Duckworth’s GRIT, where she explains that the secret to outstanding achievement is not talent but a unique blend of passion and persistence she calls “grit,” I was able to relate the need for this power of…
How to spot a fake app?
This blog was written by an independent guest blogger. There are billions of mobile phone users in the world, and every day, the number increases as people find convenience in the use of smartphones. As the number of smartphone user…
Cyber Attack on US Health Agency leads to misinformation spread
News is out that a cyber attack on the database of the US Health Agency has led to the misinformation spread from Sunday across the United States. Highly placed sources say that the attack was meant to slow down the…
Details of CovidLock ransomware and Czech hospital infection
As the fears of Coronavirus infection spread are gripping the world at a fast pace, hackers are seen using every opportunity to dupe victims in the disguise of services and products about Covid-19; and here’s one such instance- A team…
Security Vulnerabilities in Voatz Mobile voting platform
Voatz, which is a 2016 mobile election voting application headquartered in Brookline, Massachusetts is hitting Google news headlines for all wrong reasons. Technically speaking, this application is seen allowing voters to cast their votes from their supported mobile devices. And…
(Dis) Advantages of having your domain, email and website on separate providers
This blog was written by an independent guest blogger. Thinking about launching a new website? You’ll want a domain to go with that, as well as a brand spanking new email address. But here’s the thing: Before all the fun…
The rising threat of drones to cybersecurity: What you need to know
This blog was written by an independent guest blogger. The Federal Aviation Administration (FAA) reports that there are nearly 1.5 million registered drones in the United States, proving them to be ubiquitous across the country – and there are plenty that are…
How to harden your employees from the massive social engineering threat
This blog was written by an independent guest blogger. Social engineering is the art of human deception. In the world of cybersecurity, it’s how to fool human beings in order to conduct cyber attacks. Some of these cyber attacks can…
The Power of the Public Cloud
This post was originally published by Nat Kausik. Difficult to believe that there is lingering debate on whether a SaaS company should operate on the public cloud or in private data centers. At Bitglass, we have no doubts. Read more…
HEALTHCARE IS THE PREFERRED TARGET OF CYBER ATTACKERS
This post was originally published by (ISC)² Management. U.S. healthcare institutions are under constant attack from cybercriminals, and unless hospitals take concrete steps to protect themselves, the situation won’t get any better. In 2019, the healthcare industry was the number…
Dawn of a new decade: Leaping from GRC to IRM – A building block approach
This blog was co-authored by Carisa Brockman, GRC Practice Lead. First things first: It is crucial to understand the difference between Governance, Risk and Compliance (GRC) and Integrated Risk Management (IRM) because this sets the stage for long term strategic…
How a small business can achieve Zero Trust security
Contrary to popular belief, small businesses don’t need to be restricted by their budgets and productive capacity – especially when it comes to security. By using the right Zero Trust approach, businesses can prevent data breaches, all while continuing to…
Cyber Threat to Pentagon Coronovirus Telecommuting
As the Coronavirus scare is petrifying all the people across the world, Pentagon’s top officials have chosen to embrace telecommuting technology to keep their Counterintelligence operations alive even during the event of a medical threat. Unfortunately, the new way of…
Facebook dragged to court by Australia over data privacy
Australian data watchdog has dragged Facebook to court for allegedly sharing personal details of more than 300,000 people with the controversial, now defunct form Cambridge Analytica. Australian Information Commissioner has given the social media a specified time frame to…
Chinese hackers cyber-attack Mongolia with a digital Coronavirus malware
A team of researchers from Check Point has discovered that the Mongolian Public Sector was hit by a digital Coronavirus scare when hackers from Chinese APT tried to deliver a malware implant into the target’s IT infrastructure. Security researchers…
Is the cybersecurity skills gap real?
An independent guest blogger wrote this blog. If you do a web search for “cybersecurity skills gap,” you’ll get many, many pages of results. It’s certainly a hot topic in our industry. And it’s a matter that security practitioners and…
Malicious Actors and Medical Data: Where Are We Heading?
Data is the hottest commodity in town, particularly on the dark web. But there’s one type of file that hackers are most interested in: your medical data. Whereas a credit card number or Social Security number can net a criminal…
Cyberspace Solarium Commission predicts a Catastrophic Cyber Attack on the US
A year-long investigation taken up by the Cyberspace Solarium Commission has predicted that the United States is on the verge of getting hit by a Catastrophic Cyber Attack. The report says that the nation led by Donald Trump is not…
Prince Harry converses with Russian Hackers
Prince Harry the Duke of Sussex who chose to quit the throne of Royal in Feb this year is in news headlines for conversing with Russian hackers who posed as the 17-year-old climate change activists Greta Thunberg to spill beans.…
How Municipal Governments could protect against ransomware
As more and more cases regarding Municipalities being hit by ransomware are emerging day to day, Deloitte has come up with a to-do list that could help Municipalities safeguard their IT infrastructure from ransomware attacks. And they are as follows-…
Understanding cyber attacker motivations to best apply controls
Implementing a risk based security program and appropriate controls against adaptive cyber threat actors can be a complex task for many organizations. With an understanding of the basic motivations that drive cyber-attacks organizations can better identify where their own assets…
Online payment security: 8 Steps to ensure safe transactions
This blog was written by an independent guest blogger. Online shopping has become an increasingly popular trend in the past few years as people find it more convenient to buy from the comfort of their homes. You can get pretty…