Link to blog post This week’s Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Steve Person, CISO, Cambia Health Thanks to our show sponsor, Conveyor It’s spooky season, and nothing’s scarier than all of…
Tag: EN
The Unsolvable Problem: XZ and Modern Infrastructure
The ongoing prevalence (and rise) of software supply chain attacks is enough to keep any software developer or security analyst up at night. The recent XZ backdoor attack is finally… The post The Unsolvable Problem: XZ and Modern Infrastructure appeared…
Google Chrome’s uBlock Origin Purge Has Begun
Plus: The alleged SEC X account hacker gets charged, Kroger wriggles out of a face recognition scandal, and Microsoft deals with missing customer security logs. This article has been indexed from Security Latest Read the original article: Google Chrome’s uBlock…
Managing Foreign Government Information (FGI) on a Network
If you’re a firm that works with foreign governments, in addition to certifications like ISO 27001 that you will generally need to achieve, you will also have to have processes in place for handling foreign government information or FGI. It’s…
Acronym Overdose – Navigating the Complex Data Security Landscape
In the modern enterprise, data security is often discussed using a complex lexicon of acronyms—DLP, DDR, DSPM, and many others. While these acronyms represent critical frameworks, architectures, and tools for protecting sensitive information, they can also overwhelm those trying to…
Crypt Ghouls Targets Russian Firms with LockBit 3.0 and Babuk Ransomware Attacks
A nascent threat actor known as Crypt Ghouls has been linked to a set of cyber attacks targeting Russian businesses and government agencies with ransomware with the twin goals of disrupting business operations and financial gain. “The group under review…
How-To create Security User Stories
In the previous article, we explored how Scrum enables teams to add security to the backlog and prioritize it based on risk. Incorporating security into the SDLC ensures that security is not an afterthought but an integral part of the…
Gone Phishin’ – Everything you need to know (and more). Cyber Security Today Weekend for October 19, 2024
Phishing and Cybersecurity: Evolution, Tactics, and Human Factors In this deep dive into the world of cybersecurity, join experts Jim Love and David Shipley as they unravel the ever-evolving landscape of phishing attacks and modern cyber threats. Through discussing the…
The Disinformation Warning Coming From the Edge of Europe
Moldova is facing a tide of disinformation unprecedented in complexity and aggression, the head of a new center meant to combat it tells WIRED. And platforms like Facebook, TikTok, Telegram and YouTube could do more. This article has been indexed…
Omni Family Health data breach impacts 468,344 individuals
Omni Family Health disclosed a data breach affecting nearly 470,000 current and former patients and employees. Omni Family Health is a nonprofit organization that provides healthcare services to communities in California, focusing on underserved populations. They offer a range of…
Southeast Asia reiterates pledge to collaborate amid growing cyber threats in AI era
ASEAN member states now have a physical CERT facility located in Singapore to exchange threat intel and best practices. This article has been indexed from Latest stories for ZDNET in Security Read the original article: Southeast Asia reiterates pledge to…
Get an Untrusted Security Advisor! Have Fun, Reduce Fail!
Many organizations are looking for trusted advisors, and this applies to our beloved domain of cyber/information security. If you look at LinkedIn, many consultants present themselves as trusted advisors to CISOs or their teams. Untrusted Advisor by Dall-E via Copilot This perhaps…
Is End-User Cybersecurity Training Useless? Spoiler Alert: It’s Not!
Chris Clements, VP of Solutions Architecture Because of the frequency of phishing attacks landing in user mailboxes and the severity of the consequences of a user falling for a lure, any improvement at all can make the difference between an…
Jetpack fixes 8-year-old flaw affecting millions of WordPress sites
Also, new EU cyber reporting rules are live, exploiters hit the gas pedal, free PDNS for UK schools, and more in brief A critical security update for the near-ubiquitous WordPress plugin Jetpack was released last week. Site administrators should ensure…
EFF to Third Circuit: TikTok Has Section 230 Immunity for Video Recommendations
< div class=”field field–name-body field–type-text-with-summary field–label-hidden”> < div class=”field__items”> < div class=”field__item even”> EFF legal intern Nick Delehanty was the principal author of this post. EFF filed an amicus brief in the U.S. Court of Appeals for the Third Circuit…
FBI and CISA Issue Public Service Announcement Warning of Tactics Foreign Threat Actors are Using to Spread Disinformation in the 2024 U.S. General Election
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from CISA News Read the original article: FBI and CISA Issue Public Service Announcement Warning of Tactics Foreign…
Friday Squid Blogging: Squid Scarf
Cute squid scarf. Blog moderation policy. This article has been indexed from Schneier on Security Read the original article: Friday Squid Blogging: Squid Scarf
Iran-linked actors target critical infrastructure organizations
U.S. and allies warn of attacks from Iran-linked actors targeting critical infrastructure through brute-force attacks in a year-long campaign. Intelligence and cybersecurity agencies from the U.S., Australia, and Canada, warn about a year-long campaign carried out by Iran-linked threat actors…
APIContext Joins Akamai’s Qualified Compute Partner Program to Boost Cloud Capabilities
APIContext, a company specializing in API-driven solutions, has joined Akamai Technologies’ Qualified Compute Partner Program as an Independent Software Vendor (ISV). This collaboration allows APIContext to leverage Akamai’s computing infrastructure, providing clients with enhanced performance, scalability, and security for their…
A Flourishing Internet Depends on Competition
< div class=”field field–name-body field–type-text-with-summary field–label-hidden”> < div class=”field__items”> < div class=”field__item even”> Antitrust law has long recognized that monopolies stifle innovation and gouge consumers on price. When it comes to Big Tech, harm to innovation—in the form of “kill…