Facebook (FB), the social media giant, has announced that it is using Artificial Intelligence technology to fight fake accounts. In fact, a recent report released by the Mark Zuckerberg-led company said that its…
Category: Cybersecurity Insiders
Ransomware attack on Australia Car Auction Company
Manheim Auctions, a car auction company operating in Australia, was recently targeted by a ransomware attack, and the hackers are reportedly demanding $30 million as a ransom to free up the database from the file-encrypting malware.…
Ransomware Attack on City of Chateauguay
A Canadian province called the City of Chateauguay is said to be reeling under a ransomware attack that is preventing employees of the city from working and holding some information hostage. As the revelation of details…
How to spot a fake app?
This blog was written by an independent guest blogger. There are billions of mobile phone users in the world, and every day, the number increases as people find convenience in the use of smartphones. As the number of smartphone user…
Why vendor management is a cornerstone of security
When it comes to building a security program, one of the most frequently overlooked areas is that of vendor management. Organizations focus significant resources on internal security, such as vulnerability scans, centralized log management, or user training, while not extending…
Equifax invests $1.25 Billion in Cloud Security
US credit reporting agency Equifax has made it official that it is going to invest $1.2 billion in cloud security business through the C3M cloud partner. The company, which hit news headlines for a data breach, now seems to desire…
Russian hackers launch RYUK Ransomware attack on Durham North Carolina
Hackers from Russia are reported to have launched an RYUK ransomware attack on Durham North Carolina disrupting communication and computer services across the county. According to the Prima Facie launched by North Carolina State Bureau of Investigations, the said ransomware…
Acquisition to boost Accenture Security
Ireland-based professional services company Accenture has recently acquired UK-based Context Information Security to boost its cybersecurity platform, Accenture Security, globally. The objective of the deal is to accelerate the growth of its existing…
(Dis) Advantages of having your domain, email and website on separate providers
This blog was written by an independent guest blogger. Thinking about launching a new website? You’ll want a domain to go with that, as well as a brand spanking new email address. But here’s the thing: Before all the fun…
The rising threat of drones to cybersecurity: What you need to know
This blog was written by an independent guest blogger. The Federal Aviation Administration (FAA) reports that there are nearly 1.5 million registered drones in the United States, proving them to be ubiquitous across the country – and there are plenty that are…
Mining Malware Attack on Kentucky University and Healthcare
Hackers reportedly launched a cyber attack on the University of Kentucky (UK) and Healthcare in February this year, which was identified and disclosed by officials on Sunday last week (March 8th, 2020). News is now out that the attack was going on…
A Billion Android smartphones and tablets are vulnerable to hackers
A recent survey conducted by “Which?” has discovered that over a billion Android-based smartphones and tablets are vulnerable to hackers. The report says that more than 40% of people using Android-based devices are susceptible to hacks as their devices are…
Hackers using ultrasonic sounds to hack Google Assistant and Siri
All these days we have seen hackers using sophisticated tech to hack a device, workstation or a server. But have you ever heard about hacking through ultrasonic sounds? According to the latest research conducted by Washington University, threat actors…
How to harden your employees from the massive social engineering threat
This blog was written by an independent guest blogger. Social engineering is the art of human deception. In the world of cybersecurity, it’s how to fool human beings in order to conduct cyber attacks. Some of these cyber attacks can…
Dawn of a new decade: Leaping from GRC to IRM – A building block approach
This blog was co-authored by Carisa Brockman, GRC Practice Lead. First things first: It is crucial to understand the difference between Governance, Risk and Compliance (GRC) and Integrated Risk Management (IRM) because this sets the stage for long term strategic…
How a small business can achieve Zero Trust security
Contrary to popular belief, small businesses don’t need to be restricted by their budgets and productive capacity – especially when it comes to security. By using the right Zero Trust approach, businesses can prevent data breaches, all while continuing to…
Is the cybersecurity skills gap real?
An independent guest blogger wrote this blog. If you do a web search for “cybersecurity skills gap,” you’ll get many, many pages of results. It’s certainly a hot topic in our industry. And it’s a matter that security practitioners and…
Steel miner and manufacturer EVRAZ hit by a Ransomware Attack
EVRAZ, which is into steel mining and manufacturing, has been hit by a ransomware attack, bringing operations at its North America, Russia and Ukraine branches to a halt. A source from the company said that the steel production plants…
T-Mobile database hacked and customer info accessed by hackers
T-Mobile, a business unit of German telecom company Deutsche Telekom AG, disclosed on March 4th, 2020 that a hacker group could have fraudulently accessed its database and some consumers’ personal information such as customer names,…
Virgin Media database holding 900,000 customer info exposed to hackers
Virgin Media has admitted publicly that the information related to its 900,000 customers might have been accessed by hackers as the database storing the information was left exposed to hackers for 10 months. Although the company claims that hackers…
Understanding cyber attacker motivations to best apply controls
Implementing a risk based security program and appropriate controls against adaptive cyber threat actors can be a complex task for many organizations. With an understanding of the basic motivations that drive cyber-attacks organizations can better identify where their own assets…
RYUK Ransomware attack on EMCOR Group
EMCOR Group, a Fortune 500 company widely known as EMCOR, has disclosed that it became a victim of a RYUK ransomware attack in February this year. As per the details available to Cybersecurity Insiders, the file-encrypting malware attack…
Cyber Attack on Boots Advantage Card Database
UK based Health and Pharmacy retailer ‘Boots’ has made it official that it has halted its customers from purchasing products on its website using its loyalty card reward points as hackers reportedly hacked passwords of its 140,000 customers of the…
LaSalle County fast recovering from Ransomware Attack
Illinois-based LaSalle County is said to be recovering fast from a ransomware attack which it experienced on February 22nd, 2020. And the news is out that the county officials are in no mood to bow to the demands of…
Preparing for a Pandemic: How to Ensure Productivity and Security When Employees Must Work from Home
by Rita Selvaggi The global reach of the coronavirus has elevated the discussion around the need for “social distancing” and working remotely to avoid spreading the infectious virus. Global companies like IBM, Goldman Sachs, and PwC are asking employees to work from…
Cybersecurity warning for millions of websites
According to a security report released by BBC, millions of websites might face a security risk from March 4th, 2020 due to a bug found in the digital certificates utilized to secure their access. It is estimated that over…
CIA faces digital espionage allegations from China
The US Central Intelligence Agency (CIA) is alleged to have conducted espionage on China for 11 years, and the allegations were made by a Chinese security firm named Qihoo 360. Reports are in that the espionage was conducted in digital form-all through…
Over 11 million cyber-attacks launched from Servers operating in Singapore
Singapore which is known as a digital hub of Asia is in news for all wrong reasons these days. A study conducted by Kaspersky says that over 11 million cyber attacks were launched from the servers operating in the scenic…
New PayPal phishing scam seeks to go beyond login credential information
An independent guest blogger wrote this blog. Up until now, some of PayPal users’ greatest fears in terms of cybersecurity were phishing scams aimed at obtaining their login credentials. In January of this year, PayPal confirmed a high-severity bug…
Ransomware attack knocks down Epiq Global
Technology-based legal services provider Epiq Global has made it official that its corporate digital services were pulled down offline due to a ransomware attack. The company’s website is offline from early Monday and the web-page notifies that it is down…
The Importance of Active Learning in the Data Science and Engineering
By Andrew Bolster, machine learning engineer at WhiteHat Security Back when I was pursuing my undergraduate degree in electronics and software engineering, I couldn’t imagine a path that would lead to me working with NATO on port protection and maritime…
Two Chinese nationals indicted by the US for North Korea Cyber Attack
The US Justice Department has indicted two nationals from China in relation to the laundering of billions in relation to the Pyongyang weapons program. Therefore, the indictment stands as the first legal order against the Kim Jong Un-led nation who is known…
Tesco issues 620,000 Clubcards after discovering Cyber Attack
UK-based Tesco has issued 620,000 new Clubcards to its customers after it discovered that the database containing user information related to the old cards was compromised in a cyber attack. All points and vouchers related to the old cards…
How to Retain the Right Kinds of Control in the Cloud
This post was originally published by Jacob Serpa. The last several years have seen an unprecedented shift in the way that businesses conduct their operations and employees perform their work. Users are no longer confined to working on premises from…
WHITE PAPER ON CLOUD SECURITY RISKS – AND HOW TO MITIGATE THEM
This post was originally published by (ISC)² Management. Cloud security today is touted as better than ever. So how do we explain the ever-increasing number of data breaches? According to the new white paper, Cloud Security Risks & How to Mitigate Them, the…
THREAT HUNTING: IS YOUR SECURITY OPERATION READY TO LAUNCH SUCH A PROGRAM?
This post was originally published by (ISC)² Management. It could be a blended attack as slick as a multichannel marketing campaign. Or a spontaneous crime of opportunity by a single disgruntled employee. It could even be an innocent configuration error.…
How VPNs Keep Your Data Secure
Virtual Private Networks are a pretty important point of contention nowadays. Namely, Internet privacy is being constantly attacked from many directions, leaks are common, and both governments and companies are trying to get their own piece of the pie. Facebook,…
How to avoid Amazon Chief Jeff Bezos Mobile Security pitfalls
We all know that Amazon Chief Jeff Bezos might have been hacked when he shared his number with a Saudi prince who later used phony tactics to gain access to the world’s richest businessman’s WhatsApp account and stole his private…
Microsoft Ireland confirms every 3 in 4 organizations are worried about Cyber Threats
Microsoft Ireland researchers have discovered that every 3 in 4 of the largest organizations operating in Ireland were worried by Cyber Threats after screening the employee security habits in the respective organizations. The focus of the researching team was on…
Cyber Attack news trending on Google
Firstly, it is the news related to a Cyber Attack on Redcar and Cleveland Borough Council which is trending on Google. On February 8th, 2020 a ransomware attack targeted the servers of the Redcar and Cleveland Borough Council disrupting the…
InfoSec needs a reputation overhaul
An independent guest blogger wrote this blog. I was in a medical office the other day, and when the doctor came into the room, he needed to unlock his phone to contact a pharmacy. I couldn’t help but notice that…
Mobile Security alert as Google removes 600 apps downloaded 4.5 billion times
Google has stated that it has removed over 600 apps from its Play Store, albeit not before they were downloaded 4.5 billion times overall. The intention of the tech giant with the move was clear; to keep…
Russia criticizes Canada for Cyber Attacks on Georgia
Russia has sharply criticized Canada for blaming Moscow for launching Cyber Attacks on Georgia in 2019. The word comes just after the United States allegedly blamed Kremlin last week for launching cyberattacks on the websites of Georgia and Ottawa joining…
Ransomware shuts down Australian wool auction and erases data of Florida Police
The Australian wool auctioning event was shut down for a week as a ransomware attack on a supplier’s main software locked out the auctioning company from carrying on the event on a further note. Secretary of National Auction Selling…
Google Android 11 OS focuses more on Data Privacy
As Google opened the doors of Android 11 for developers last week the web search giant has insisted that its focus will be more on data privacy for this segment of the operating system. For instance, the upcoming version might…
US Massachusetts Power Station reeling under Ransomware Attack
Ransomware news is out that all computers belonging to a power station located in Massachusetts are reeling under a ransomware attack and hopes of revival are bleak. However, the good news is that the officials at the power station are…
US Pentagon ethically adopts AI to use in Battlefield
Finally, it’s out that the US Pentagon has decided to use the technology of Artificial Intelligence on the battlefield. However, the usage will follow ethical practices, with utmost judgment and care. As countries are showing a lot…
Dopple Leaks website launched by DopplePaymer Ransomware to publish victim data
Unexpected things are happening in the cyber world and here’s a news piece to share with those who are interested in knowing the latest in the ransomware world. Till a couple of years ago, ransomware spreading hackers were seen encrypting…
Mexico and Australian Governments tackling Cyber Attacks
Mexico’s economic ministry has made it official that it detected malevolent activity on its servers on Sunday this week. But it assured that no sensitive information was compromised in the incident and all security measures were beefed up…
Google revamps its Cloud Security measures
Google LLC has made an official announcement at the RSA Conference that it is going to facelift its Cloud Security capabilities to help its consumers protect their data, irrespective of the place where it resides. Thus, with the announcement the…
Report claims $11.5 billion loss from ransomware in 2019
A new report says that ransomware attacks amounted to $11.5 billion in damage in the year 2019, which confirms that those spreading file-encrypting malware have made some good profits for sure. According to a study made by Deep Instinct…hmm, not…
US Politician Katie Hill in news for launching DDoS Cyber Attack on an opponent
The FBI arrested a 32-year-old man named Jan Dam hailing from California for launching DDoS Cyber Attacks on a Congressional candidate’s website in April-May 2018, eventually paving the way for the win of Katie Hill. As the accusations are proved,…
Ransomware leads to lawsuit and data concerns from NRC health
A Ransomware attack launched on New Jersey’s Hackensack Meridian Health on December 2nd, 2019 reportedly led to the disruption in services at 17 urgent care centers, hospitals, and nursing homes. At that time the hospital authorities paid an undisclosed sum…
Cloud Security that Performs
This post was originally published by Nat Kausik. We heard from another customer today that their incumbent cloud security vendor keeps going down. And when it is not down, DLP scans take hours, if they complete at all. What is…
The Healthcare Breach Report: Breaches on the Upsurge
This post was originally published by Juan Lugo. The vast majority of healthcare organizations utilize and store protected health information (PHI), which is composed of patients’ sensitive information. HIPAA, the privacy rule that classifies PHI, describes protected health information as medical history,…
Bitglass Security Spotlight: Healthcare Burglary Results in Data Breach Affecting Over 654,000 Members
This post was originally published by Juan Lugo. As cloud adoption continues to increase exponentially across all industries, data breaches have been, by large, the result of hacking and IT incidents. However, there are still a few data breaches each year that…
BREACHES INCREASED IN 2019, BUT THE NUMBER OF EXPOSED RECORDS DECLINED
This post was originally published by (ISC)² Management. The number of U.S. data breaches bumped up 17% in 2019 but despite the increase, the volume of sensitive consumer records that were exposed declined substantially by 65%, according to a newly…
A new twist on “Parental consent”
An independent guest blogger wrote this blog. I was at breakfast the other day with some family friends, and the topic of genealogy came up. Over the past few years, various sites have sprouted up that offer to trace your…
Google trending Cyber Attack news headlines
Firstly, it is the US Department of Defense which is topping the headlines when it comes to cyber-attacks. News is out that the systems related to the Defense Information Systems Agency (DISA), affiliated to the DoD, have been hacked; the incident reportedly exposed…
Ransomware attack on ISS World
ISS World, a Denmark based company that is into catering, cleaning and security business is reported to have become a victim of a ransomware cyberattack. The company’s website has been inaccessible since Feb 17th of this week and the management…
DNA data become a soft target for hackers who are stealing it via Cyber Attacks
A team of security experts from Israel has warned that hackers are seen preying on DNA research repositories these days as it is proving lucrative to them. Researchers from Ben Gurion University (BGU) have released a white paper on the…
Google Adsense users facing extortion Cyber Threats with fake web traffic
If you maintain a website, then you will surely know what Google does if you flood your website with fake web traffic. Yes, for the first count it bans you on a temporary note and as soon as it detects…
Ransomware data recovery on Amazon Cloud
Ransomware attacks have become a menace to companies and so Cloudian in association with Veeam has built an Object Storage on Amazon S3 Cloud platform to help companies combat ransomware attacks. The usage framework is simple to understand- When…
What is a Gen 6 Cyber Attack
As the cyber attack vectors are ever-evolving, it is becoming increasingly challenging for companies and individuals to protect themselves from the dangers lurking in the digital landscape. Recent research carried out by security researchers of Check Point has concluded…
Cyber Attack result is Coronavirus outbreak
Yes, what you’ve read is right! There is talk going on the web that the current outbreak of Coronavirus could be a result of a cyber-attack. Unlike the ongoing speculation that it was either a result of Chinese…
Plastic surgery videos leaked due to misconfigured Amazon Web Services Cloud
A study carried out by a team of security experts from vpnMentor has found that a database exposure due to a misconfigured cloud server has leaked plastic surgery photos and videos of patients belonging to a French Plastic Surgery Company…
Ransomware attack on US Gas supply
DHS has issued an advisory yesterday citing a recent ransomware attack on a natural gas supplier as an example that critical infrastructure in the United States was super-vulnerable to cyber attacks. The security advisory has highlighted the fact that companies…
Building comprehensive cybersecurity policies
An independent guest blogger wrote this blog. When you think of cybersecurity, what’s the first thing to come to mind? Most of the time, it might be your business’s IT team, who run…
Windows and Linux Servers globally are vulnerable to Cyber Attacks
Millions of servers running on Windows and Linux operating systems are reported to be vulnerable to cyber-attacks. And this was concluded in a research carried out by researchers from Eclypsium- a company offering Enterprise Firmware Security. Going deep into…
Rutters hit by Payment Card Malware
Rutters, the Central Pennsylvania based company which offers a chain of convenience stores and gas stations across Maryland, and West Virginia has released a press statement on Saturday that the Point of Sale (PoS) machines operating in 71 of its…
Cisco and NEC partnership to offer Cyber Threat proof network equipment
Amid claims that Chinese 5G network equipment supplier Huawei is offering products with backdoors for conducting espionage, Japanese IT Giant NEC and Cisco have decided to offer network equipment under a partnership deal where the supplied equipment will be cyber…
Mobile vs. Web Apps: What’s the Difference and How Can Businesses Secure Them?
By: Eduardo Cervantes, manager, Mobile Application Security Testing, WhiteHat Security In an age where building applications is essential to business success, it’s more important than ever that application security is approached correctly. In fact, according to Statista, apps are expected to generate…
Mobile security alert as apps surpass security settings to spread malware
A research carried out by Cybersecurity researchers from Trend Micro has revealed some astonishing results. Some apps in disguise of cleaning software and malware cleaners are stealing data like password and banking records from phones and are transmitting it to…
RYUK Ransomware attack on servers of Port Lavaca City Hall
RYUK ransomware, developed by Russian hackers, is said to have hit the servers operating in the city of Port Lavaca, disrupting almost all the critical servers of the City Hall. However, Mayor Jack Whitlow has assured that no data was compromised…
US healthcare industry incurred damage of $150 M from Ransomware
A study concluded by tech research firm Comparitech has confirmed that the damage incurred by the US Healthcare Industry due to ransomware is estimated to be around $157 million since 2016. However, the research also highlighted the fact from the…
10 things to know about cybersecurity in 2020
Cybersecurity talent is elusive, resources are dwindling, but hacks are on the rise. Addressing these challenges as “must-haves” as we kick off the year is essential to an organization’s cybersecurity strategy. Here are some of the 10 things to…
Do you need certifications to get an InfoSec job?
I’ve seen Tweets and heard many discussions about certifications, like CISSP, CEH, OSCP and so on, in InfoSec. No doubt certifications have value – in many situations hiring managers are quickly going through resumes and certifications are symbolic of at…
How Smart Cards Work
An independent guest blogger wrote this blog. In this modern age, there’s been a significant improvement in the digitization of traditional payment methods. We live in a technologically advanced era, and as such, advancements in payment infrastructures makes life easier,…
Ransomware Attack on Redcar and Cleveland Council servers
Public services have been partially disrupted for a week for those living in UK based Redcar and Cleveland Borough says a report published in BBC. And the news is out that the cyber attack has all traits related to ransomware…
US alleges Huawei digitally stole trade secrets from Cisco and T-Mobile
The US Department of Justice (DoJ) pushed a fresh set of allegations onto Chinese telecom equipment provider Huawei on Thursday. The fed claims that it has evidence that Huawei engaged in activities such as digital stealing of trade secrets from…
Over 3.5 billion lost to Cyber Attacks and Ransomware says FBI
The FBI’s Annual Report on Cyber Crime states that businesses and individuals have lost more than 3.5 billion to cyber-attacks and those spreading ransomware. The law enforcement agency highlighted in the report that in coming months ransomware can take a big toll…
Healthcare security: How can blockchain help?
This is part 2 of a blog on healthcare security. For more info, check out part 1. An independent guest blogger wrote this blog. When it comes to data security, there is no more important place than the healthcare industry. When…
All I want for Christmas is secure IoT gifts!
The holiday season is upon us once more, and in that last-minute scramble to find presents for your loved ones, you may be searching for some more slightly left field ideas. Well, fear not! Our Internet of Things (IoT) gift…
Five key takeaways from European Utility Week 2019
This year’s European Utility Week represented an exciting opportunity for manufacturers and service providers to showcase the latest developments in the utilities space. With so much of the world’s attention rightfully focused on the climate crisis, and especially on reducing the impact of household emissions on the environment, the most…
How to Share Files in a Secure way
When it comes to sharing files, most online users either tend to use email or cloud storage services to send data to and fro. So, this article will help throw some light on the other sharing services which most do…
IBM says more than 8.5 billion records were leaked in Cyber Attacks
According to IBM’s X-Force Threat Intelligence Index 2020, more than 8.5 billion records were leaked in cyber attacks in 2019. And out of them over 7 billion records were accessed by hackers due to misconfigured cloud servers and human errors.…
Ransomware attack on Miami Beach Police and Florida County Election
News is out that a ransomware attack took place on the North Miami Beach Police department locking down the entire computer network of the law enforcement agency. However, officials have assured that no personal information was compromised in the…
It is getting harder for us to prove who we are
I had an interesting experience the other day. I had to renew my driver’s license. In previous renewal cycles, this was no big deal. One could just visit the local Department of Motor Vehicles (with a bagged lunch since it…
CES 2020: Tech trends to watch out for this year
This year marks the 53rd annual Consumer Electronics Show (CES) in Las Vegas. And, as seems to be the case every year, this year the show was the biggest and best one yet. With new inventions stretching the imagination and…
Apple Mac devices are more vulnerable to Cyber Threats than Windows PCs
For the first time, research carried out by antivirus software company Malwarebytes has discovered that the number of cyberattacks on Apple Mac devices has outpaced the number of cyber threats on Windows PCs. The security study claims…