NATO member Lithuania is under attack from Russian hacking group Killnet. It raises serious concerns over Russia’s use of cyber warfare against NATO states.
The post Russian Hackers Declare War on Lithuania — Killnet DDoS Panic appeared first on Secur…
Tag: Editorial Calendar
Europe, Global Security News, North America
Using AI and ML to Fight Zero-Day Attacks
by Sue Poremba •
If it felt like you were asked to download a lot of patches in May and June, it’s because there were a lot of patches in May and June. An increase in zero-day vulnerabilities and exploits led to an increase in attacks. In fact, Mandiant reported that …
Europe, Global Security News, North America
ADPPA US Privacy Law: Coming Soon in Wake of Roe v. Wade Redo
by Richi Jennings •
We could soon have a federal GDPR. But the American Data Privacy and Protection Act wasn’t the only privacy related issue on Capitol Hill last week.
The post ADPPA US Privacy Law: Coming Soon in Wake of Roe v. Wade Redo appeared first on Security Boul…
Europe, Global Security News, North America, Vulnerabilities
Hacker Paige Thompson Could Face 45 Years in Prison — ‘Suicide by Law Enforcement’
by Richi Jennings •
Capital One hacker Paige A. Thompson has been found guilty. But it has to be said that Capital One’s security design was absolutely awful.
The post Hacker Paige Thompson Could Face 45 Years in Prison — ‘Suicide by Law Enforcement’ appeared first on S…
Europe, Global Security News, North America
BlackBerry Set to Unfurl Zero-Trust Network Access Service
by Michael Vizard •
BlackBerry Ltd. next month will make available a zero-trust network access-as-service offering based on a gateway it hosts on its cloud platform. Alex Willis, vice president of global sales engineering and independent software vendors (ISVs), said the…
Europe, Global Security News, North America, Vulnerabilities
Tesla Fails Yet Again: Hackers can Steal Cars via NFC
by Richi Jennings •
Tesla Models 3 and Y can be unlocked and stolen via a bug in their NFC software. Two separate research groups found this new bug at around the same time.
The post Tesla Fails Yet Again: Hackers can Steal Cars via NFC appeared first on Security Bouleva…
Europe, Global Security News, North America
CISA Announces Joint Ransomware Task Force
by Nathan Eddy •
Cybersecurity and Infrastructure Security Agency (CISA) director Jen Easterly announced the formation of a joint ransomware task force, plans for which were originally outlined in the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (C…
Europe, Global Security News, North America, Vulnerabilities
Flawed MFA Opens Doors to Ransomware
by Sue Poremba •
Use multifactor authentication and be protected from ransomware—at least that’s what dozens of cybersecurity experts and the government advised. Even the Cybersecurity and Infrastructure Security Agency (CISA) states on its website: “MFA increases sec…
Europe, Global Security News, North America, Vulnerabilities
US Offers $15M Reward for Conti Ransomware Gang
by Nathan Eddy •
The U.S. Department of State announced a reward of up to $10 million for information leading to the identification or location of key leaders of the Conti ransomware crime group, which has been responsible for hundreds of ransomware incidents over the…
Europe, Global Security News, North America
Mobile Devices As Attack Vector for Ransomware
by Sue Poremba •
The amount of damage that can be done by a ransomware attack against a network is well known. We’ve seen the stories about hospitals, universities, and governments taken offline and the threats made to organizational and consumer information. The focu…
Europe, Global Security News, North America, Vulnerabilities
Putin’s ‘Victory Parade’ TV Show Hacked: ‘Blood on Your Hands’
by Richi Jennings •
Ukrainian hackers and their friends continue to pummel Russian computers. “Hundreds of millions of documents” are being leaked. And today, Putin’s famous Victory Parade has been marred by hackers.
The post Putin’s ‘Victory Parade’ TV Show Hacked: ‘Blo…
Europe, Global Security News, North America, Vulnerabilities
Spanish Govt. Hacked by NSO Pegasus Spyware (or was it?)
by Richi Jennings •
The prime minister and the defense minister of Spain were infected with Pegasus. The notorious spyware, sold by NSO Group “only to governments,” caused large amounts of data to be exfiltrated.
The post Spanish Govt. Hacked by NSO Pegasus Spyware (or w…
Europe, Global Security News, North America, Vulnerabilities
Ukraine Beats Russia in Cyberwarfare — at ‘Unprecedented Scale’
by Richi Jennings •
Russia is attacking Ukraine with cyberattacks and psyops. But the scale is pathetic and Ukraine is fighting back—hard.
The post Ukraine Beats Russia in Cyberwarfare — at ‘Unprecedented Scale’ appeared first on Security Boulevard.
Europe, Global Security News, North America
ThreatX Update Provides More Visibility Into API Security
by Michael Vizard •
ThreatX today expanded its namesake platform for protecting application programming interfaces (APIs) to provide increased visibility into the size of the attack surface and the scope of the attacks being launched against APIs. In addition, the latest…
Europe, Global Security News, North America, Vulnerabilities
‘Crypto Bug of the Year’ Fixed — Update Java NOW
by Richi Jennings •
A ridiculously dumb flaw in Java’s signature checking code is patched. This isn’t some crufty legacy Sun code, but actual garbage Oracle sloppiness that’s causing IT people to chase their tails yet again.
The post ‘Crypto Bug of the Year’ Fixed — Upda…
Europe, Global Security News, North America
Prioritizing Security a Challenge for Dev Teams
by Sue Poremba •
Security has long been seen as an afterthought in the DevOps process, and a new report from Secure Code Warrior offers a reason why. While developers say a security-led approach is important within the software development life cycle, 86% of responden…
Europe, Global Security News, North America, Vulnerabilities
The Top 7 Most Common Web Vulnerabilities
by Bill Doerrfeld •
Invicti has published the Spring 2022 Edition of The Invicti AppSec Indicator, a comprehensive study that ranks the most common web vulnerabilities. To conduct their research, Invicti analyzed 939 customers across the globe for flaws, discovering 282,…
Europe, Global Security News, North America
China Conquers Confidential Comms – U.S. Utterly Undone
by Richi Jennings •
Chinese researchers have achieved yet another security advance: They managed to communicate across a distance of more than 60 miles. The aptly named Prof. Long (pictured) and his team at Tsinghua University published their achievement last week.
The p…
Europe, Global Security News, North America
Can GitOps Improve Application Security?
by Gilad David Maayan •
GitOps is a set of practices for managing infrastructure and application deployment using Git version control systems. GitOps uses a Git repository as a single source of truth for declarative configuration of both infrastructure and applications. In o…
Europe, Global Security News, North America
Trans-Atlantic Data Privacy Framework’s Impact on AppSec
by Sue Poremba •
Earlier this year, the White House announced that it is working with the European Union on a Trans-Atlantic Data Privacy Framework. According to a White House statement, this framework will “reestablish an important legal mechanism for transfers of EU…
Europe, Global Security News, North America, Vulnerabilities
Russia Tries to Kill Ukraine’s Power Grid—and FAILS
by Richi Jennings •
Russia’s infamous Sandworm APT group is at it again: The scrotes have been trying to cut power to the Ukrainian capital.
The post Russia Tries to Kill Ukraine’s Power Grid—and FAILS appeared first on Security Boulevard.
Europe, Global Security News, North America, Vulnerabilities
NSO Group Spied on European Union—on French Orders?
by Richi Jennings •
An espionage attempt was made by an NSO Group customer to hack the phones of senior EU officials.
The post NSO Group Spied on European Union—on French Orders? appeared first on Security Boulevard.
Europe, Global Security News, North America
Facebook Destroys Russian Trolls (Hey Hey Rise Up)
by Richi Jennings •
Meta says it’s eliminated countless fake Facebook troll accounts, controlled by state actors from Russia and Belarus.
The post Facebook Destroys Russian Trolls (Hey Hey Rise Up) appeared first on Security Boulevard.
Europe, Global Security News, North America, Vulnerabilities
Developers Remediate Less Than a Third of Vulnerabilities
by Nathan Eddy •
Developers are regularly ignoring security issues as they deal with an onslaught of issues from security teams, even as they are expected to release software more frequently and faster than ever before. In addition, developers fix just 32% of known vu…
Europe, Global Security News, North America, Vulnerabilities
Apple Failed—AirTag has a HUGE Stalking Problem
by Richi Jennings •
One year on, the Apple AirTag product has proved the dire predictions correct: They’re being used to “stalk and harass women.”
The post Apple Failed—AirTag has a HUGE Stalking Problem appeared first on Security Boulevard.
Europe, Global Security News, North America, Vulnerabilities
Mailchimp Hack Causes Theft of Trezor Crypto Wallet ‘Money’
by Richi Jennings •
Hackers have stolen a mother lode of personal data from Intuit’s email marketing operation, Mailchimp.
The post Mailchimp Hack Causes Theft of Trezor Crypto Wallet ‘Money’ appeared first on Security Boulevard.
Europe, Global Security News, North America
Google Opens new Ad-Targeting API—Topics, ‘Privacy Sandbox’ and FLEDGE
by Richi Jennings •
Cookies are dead—or, at least, their days are numbered. Instead, Google wants to shape the future of targeted advertising.
The post Google Opens new Ad-Targeting API—Topics, ‘Privacy Sandbox’ and FLEDGE appeared first on Security Boulevard.
Europe, Global Security News, North America, Vulnerabilities
Apple, Facebook Doxxed Users—via Fake Police EDRs
by Richi Jennings •
Hackers have been spoofing email from police forces to steal personal data from big tech companies.
The post Apple, Facebook Doxxed Users—via Fake Police EDRs appeared first on Security Boulevard.
Europe, Global Security News, North America, Vulnerabilities
The Sisyphean Task of Vulnerability Management
by Sandeep Lahane •
According to Greek mythology, Zeus punished Sisyphus for cheating death (twice!) by forcing him to roll a boulder up a hill only for it to roll down each time it neared the top; he had to repeat this action for eternity. The thought of the continuous,…
Europe, Global Security News, North America
Ransomware, Malware, Phishing Top List of IT Security Concerns
by Nathan Eddy •
Malware, ransomware and phishing continue to plague global organizations, according to the Thales 2022 Global Data Threat Report. The survey of more than 2,700 executives with influence over IT and data security found one in five (21%) have experience…
Europe, Global Security News, North America, Vulnerabilities
Kaspersky Banned by FCC: ‘Threat to National Security’
by Richi Jennings •
The FCC added Kaspersky Lab to a list of banned companies. The commission alleges the firm is a threat to U.S. national security.
The post Kaspersky Banned by FCC: ‘Threat to National Security’ appeared first on Security Boulevard.
Europe, Global Security News, North America
Cloud Automation Key to Future-Proofing Cybersecurity
by Nathan Eddy •
Organizations are turning to cloud automation to help them future-proof cybersecurity plans, particularly when coupled with autonomous privileges and access. These were among the results of a Delinea survey of 300 IT decision-makers, conducted on the …
Europe, Global Security News, North America, Vulnerabilities
Cashio Stablecoin: Not Stable—CASH Loses 99.99995%
by Richi Jennings •
A hacker drove a stablecoin into the ground yesterday. Cashio, a USD-backed coin is now all-but worthless.
The post Cashio Stablecoin: Not Stable—CASH Loses 99.99995% appeared first on Security Boulevard.
Europe, Global Security News, North America
Are You Prepared for Your Next Cloud Incident?
by Ofer Maor •
Cloud adoption continues to accelerate and exceed expectations year after year. Gartner expects public cloud services to grow another 21.7% in 2022, and while this is a positive direction for the industry as a whole, it creates a dramatic shift in cyb…
Europe, Global Security News, North America
Data Privacy Laws Add Complexity to Securing the Cloud
by Sue Poremba •
There are twelve states currently considering new data privacy laws or considering making updates and changes to laws that are already in place. The Virginia Consumer Data Protection Act (VCDPA), for example, goes into effect on January 1, 2023. All o…
Europe, Global Security News, North America
Bad Dog—Everyone HATES This FIDO Passwordless Idea
by Richi Jennings •
Behold! The next steps to passwordless nirvana. But will FIDO2-WebAuthn let “privacy invading megacorps” profit from your private data?
The post Bad Dog—Everyone HATES This FIDO Passwordless Idea appeared first on Security Boulevard.
Europe, Global Security News, North America
Cloud Security Tool Sprawl Draining IT Teams
by Nathan Eddy •
Cloud security management issues are increasing the flood of false positive alerts and missed critical issues and contributing to higher burnout rates for IT teams. These were among the findings of an Orca Security survey of 800 IT professionals acros…
Europe, Global Security News, North America
Russia Bans Instagram—Influencers Cry While Ukrainians Die
by Richi Jennings •
Putin’s Kremlin has followed through on its threat to ban Meta’s Instagram app in Russia. But the reason given seems … suspicious.
The post Russia Bans Instagram—Influencers Cry While Ukrainians Die appeared first on Security Boulevard.
Europe, Global Security News, North America
Orgs Still Struggling With Cloud Security
by Sue Poremba •
A dozen years ago, when organizations were still in the early stages of adopting cloud computing, the biggest obstacle was security. SMBs especially didn’t seem to understand what the cloud was, and were particularly stymied by the challenge of keepin…
Europe, Global Security News, North America, Vulnerabilities
Russia Force-Feeds new, ‘Trusted’ CA—Yeah, RIGHT
by Richi Jennings •
Websites in Russia can’t renew their TLS/HTTPS certs. Moscow’s solution is to create a new certificate authority. But the man-in-the-middle threat should be obvious.
The post Russia Force-Feeds new, ‘Trusted’ CA—Yeah, RIGHT appeared first on Security …