Information security

[ follow ]
Information security
Theregister
16 hours ago
Information security

JetBrains fixes 26 'security problems,' offering no details

JetBrains urged users to upgrade due to 26 security issues in TeamCity.
JetBrains declined to disclose details for security fixes.
TechRepublic
1 day ago
Information security

Protect Your Business With This Seamless Firewall for $50

DNS FireWall offers a cost-effective solution for cybersecurity protection.
DNS FireWall uses machine learning to proactively block malware, phishing, and botnets.
CyberScoop
3 days ago
Information security

US and UK accuse China of cyber operations targeting domestic politics

U.S. government accuses Chinese nationals of hacking operation targeting political targets in the U.S.
Indictment unveiled against Chinese group for breaching personal devices of U.S. officials, dissidents, and companies.
TechRepublic
2 days ago
Information security

Microsoft: 87% of UK Businesses Are Unprepared for Cyberattacks

Only 13% of UK businesses are resilient to cyberattacks, 87% are at risk.
AI in cybersecurity can increase resilience and reduce costs for organizations.
TechRepublic
2 days ago
Information security

6 Best Authenticator Apps for 2024

Authenticator apps add security against identity-related breaches.
Google Authenticator provides locally generated time-based passcodes for offline authentication support.
TechRepublic
2 days ago
Information security

New GoFetch Vulnerability in Apple's M Chips Allows Secret Keys Leak on Compromised Computers

GoFetch vulnerability affects Apple's M1, M2, and M3 chips, allowing exfiltration of keys from cryptographic applications.
The vulnerability resides in Data Memory-dependent Prefetchers in the chips, exploiting behavior that confuses memory content with pointer values to guess secret keys.
moreInformation security
Theregister
2 days ago
Information security

Uncle Sam has had enough of SQL injection vulnerabilities

US authorities urge software vendors to conduct formal code reviews to eliminate SQL injection vulnerabilities.
Customers advised to hold vendors accountable by asking about mitigation measures for SQL injection exploits.
Exponential-e Ltd.
3 days ago
Information security

Ransomware: lessons all companies can learn from the British Library attack

The British Library faced a major cyber incident with data encryption and exfiltration by Rhysida ransomware gang.
British Library refused to pay ransom, emphasizing adherence to the UK's policy against such payments.
Theregister
4 days ago
Information security

Vans says cyber crooks didn't nab customers' financial info

35.5 million customers notified of identity threat
No evidence of credit card or bank account details stolen
WIRED
5 days ago
Information security

Apple Chip Flaw Leaks Secret Encryption Keys

Hotel room locks worldwide vulnerable to intrusion technique
Privacy concerns include Apple's iMessage encryption and data sharing by websites.
TechRepublic
6 days ago
Information security

JumpCloud vs Okta (2024): IAM Software Comparison

Identity and access management software is crucial for network security.
JumpCloud and Okta are significant players in the IAM space.
InfoQ
1 week ago
Information security

Google Cloud Launches Security Command Center Enterprise

Security Command Center Enterprise integrates Mandiant expertise and Generative AI for proactive and simplified cloud security.
The solution bridges the gap between cloud security and enterprise security operations, enabling organizations to manage and prioritize cloud risk effectively.
TechRepublic
1 week ago
Information security

6 Best Multi-Factor Authentication (MFA) Solutions for 2024

Google Authenticator for individuals
Cisco Duo for small to medium-sized businesses
Auth0 for startups and nonprofits
siliconvalleyjournals.com
1 week ago
Information security

Sevco Security Achieves Remarkable Growth and Secures $17M in New Funding

Sevco Security experiences significant growth in 2023 driven by product enhancements and customer adoption
Challenges in traditional enterprise asset detection lead to increased demand for innovative solutions like Sevco's CAASM platform
DevOps.com
1 week ago
Information security

DevSecOps: 5 Tips for Developing Better, Safer Apps - DevOps.com

Cloud attacks are increasing with a 95% surge in 2022, emphasizing the critical importance of security in the cloud.
DevOps teams play a crucial role in addressing security concerns through early detection and prevention measures.
Coindesk
1 week ago
Information security

North Korean Crypto Hackers Have Stolen $3B Since 2017, Says UN Security Council: Report

North Korea-linked cryptocurrency hacks totaled $3 billion between 2017 and 2023.
UN Security Council panel investigating 17 crypto heists in 2023 valued at over $750 million.
The Verge
1 week ago
Information security

Cyberattacks are targeting US water systems, warns EPA and White House

Water and wastewater systems are vulnerable to cyberattacks due to lack of resources for cybersecurity practices.
Biden administration urges states to enhance security measures for critical water infrastructure against disabling cyberattacks.
CyberScoop
1 week ago
Information security

White House, EPA warn water sector of cybersecurity threats

Attacks on water systems are increasing in the U.S.
EPA is establishing a cybersecurity task force for water utilities.
Theregister
1 week ago
Information security

US task force aims to plug security leaks in water sector

US government is urging states to enhance cybersecurity in the water sector.
A Water Sector Cybersecurity Task Force is being established to address vulnerabilities and adopt best practices.
TechRepublic
1 week ago
Information security

Proofpoint: APAC Employees Are Choosing Convenience, Speed Over Cyber Security

Employees in Asia-Pacific take security risks despite knowing they are risky.
Japanese employees exhibit better cybersecurity behavior, possibly due to cultural values.
Ars Technica
1 week ago
Information security

Critical US water systems face "disabling cyberattacks," White House warns

Water utilities facing disabling cyberattacks by foreign nations
Specific incidents of cyberattacks on water facilities
TechRepublic
1 week ago
Information security

Keep Your Data Safe and Become More Productive for Just $30

Microsoft Windows 10 Pro increases productivity and efficiency for business users.
Windows 10 Pro offers enhanced security features like Windows Hello and BitLocker.
TechCrunch
1 week ago
Information security

Pokemon resets some users passwords after hacking attempts | TechCrunch

Pokemon Company detected hacking attempts and reset affected user passwords.
Only 0.1% of targeted accounts were compromised, a similar tactic to credential stuffing.
BleepingComputer
1 week ago
Information security

Fujitsu found malware on IT systems, confirms data breach

Fujitsu discovered malware on systems, leading to customer data theft.
Fujitsu has informed authorities and customers about the incident and is investigating the data breach.
Forbes
1 week ago
Information security

Council Post: A New Approach To Cloud Security For 2024

Companies face new challenges and risks while reinventing themselves in the cloud.
Mitigating cyber risks is a top priority for the C-suite, with a focus on cloud security.
Graham Cluley
1 week ago
Information security

Fujitsu hack raises questions, after firm confirms customer data breach

Fujitsu discovered malware on its systems potentially leading to data theft
Lack of transparency in Fujitsu's disclosure about the cyberattack
Theregister
1 week ago
Information security

Fujitsu: Miscreants deployed malware on our systems

Fujitsu confirmed internal computers compromised with malware and potential customer information theft.
Fujitsu taking steps to investigate breach, notify affected individuals, and enhance security measures.
vulnerabilities
Theregister
1 week ago
Information security

133k+ Fortinet appliances still vulnerable to CVE-2024-21762

Vulnerable Fortinet appliances
High number of exposures
Zero Day Initiative
2 weeks ago
Information security

Zero Day Initiative - The March 2024 Security Update Review

Adobe released six patches addressing 56 vulnerabilities in various products.
Microsoft's Patch Report webcast on YouTube covers the latest security updates.
ComputerWeekly.com
2 weeks ago
Information security

March Patch Tuesday throws up two critical Hyper-V flaws | Computer Weekly

Two critical vulnerabilities in Windows Hyper-V were fixed, notably with a decrease in total fixed vulnerabilities from the previous month.
The slimline update this Patch Tuesday did not include any zero-day vulnerabilities or PoCs, leading to a moment of relative calm in the cybersecurity landscape.
Theregister
2 weeks ago
Information security

Windows admin-to-kernel exploit went unpatched for 6 months

Researchers notified Microsoft of a rootkit vulnerability in Windows, but the patch took six months to be released.
A serious admin-to-kernel exploit in a driver associated with AppLocker was reported, allowing an attacker to control the kernel function.
morevulnerabilities
TechRepublic
1 week ago
Information security

6 Best VPNs for Gaming in 2024

The video game industry revenue surpasses film and music industries combined in 2022.
VPNs play a crucial role in providing security and accessing geo-blocked content for gamers and gaming businesses.
TechRepublic
1 week ago
Information security

Get on CompTIA Certification Track With These $30 Study Guides

Invest in IT certifications to enhance business potential
Comprehensive study guides available for various certification exams at a discounted price of $29.99.
CyberScoop
1 week ago
Information security

Health care groups resist cybersecurity rules in wake of landmark breach

Cyberattack on payment processor affects healthcare system
Debate on implementing cybersecurity regulations for healthcare sector
CyberScoop
1 week ago
Information security

Confronted with Chinese hacking threat, industrial cybersecurity pros ask: What else is new?

Chinese hacking operations targeting critical infrastructure are not surprising to experts.
Many cybersecurity experts view Chinese hacking as the status quo.
TechRepublic
2 weeks ago
Information security

5 Benefits of Passwordless Authentication

Passwordless technology is on the rise to combat password overload and security risks.
Benefits of going passwordless include cost savings, improved productivity, and enhanced security.
CyberScoop
2 weeks ago
Information security

FCC approves cybersecurity label for consumer devices

The U.S. Cyber Trust Mark is a voluntary label for IoT security standards.
Consumers may influence product security standards through the Trust Mark program.
TechRepublic
1 week ago
Information security

MFA vs 2FA: Which Is Best for Your Business?

Breaches are common, phishing scams prevalent, AI aids cybercrime.
Phishing is a major attack vector, MFA and 2FA enhance security.
TechRepublic
1 week ago
Information security

Sophos: Cyber Security Professional Burnout Is Widespread, Creating Risk for APAC Organisations

Cybersecurity professionals in APAC are experiencing burnout at high rates due to factors like alert fatigue and lack of resources.
Organizational acknowledgment of burnout impacting productivity, employee retention, and potential future support from AI.
TechRepublic
1 week ago
Information security

5 Best VPNs for Travel in 2024 (Free & Paid VPNs)

Using work laptops while traveling may pose security risks on public Wi-Fi networks or with geo-blocking challenges.
Virtual Private Networks (VPNs) are important for travelers to protect sensitive company data and access restricted content.
TechCrunch
1 week ago
Information security

How to verify a data breach | TechCrunch

Verification of data breaches is crucial for both companies and victims to take prompt action.
Authenticating data breaches involves utilizing various tools and techniques tailored to each unique breach.
Hot for Security
2 weeks ago
Information security

Leak of Acer Philippines employee database appears on hacking forum

Employee data of Acer Philippines leaked after a third-party vendor breach.
Attacker provided stolen employee data for free, possibly with no intent to monetize.
CyberScoop
2 weeks ago
Information security

What resources do small utilities need to defend against cyberattacks?

Small utilities face cyberattack risks
Limited resources hinder small utilities' cybersecurity
TechRepublic
2 weeks ago
Information security

Keep Your Network Secure With This $39.99 CompTIA Bundle

Secure systems require experts up to date on the latest threats.
Complete 2024 CompTIA Cyber Security Certification Training Bundle offers tools for network protection at a low cost.
www.mercurynews.com
2 weeks ago
Information security

Larry Magid: How to avoid or recover from a ransomware attack

Ransomware encrypts data demanding ransom.
Backups are essential in preventing data loss from ransomware attacks.
Hot for Security
2 weeks ago
Information security

Hackers target Roku: 15,000 accounts compromised in data breach

Over 15,000 Roku accounts hacked due to reused passwords from other breaches.
Roku users advised to strengthen passwords and avoid reuse to enhance security.
BleepingComputer
2 weeks ago
Information security

Stanford: Data of 27,000 people stolen in September ransomware attack

27,000 individuals' personal information stolen in SUDPS ransomware attack.
Attackers accessed only SUDPS network but collected sensitive PII like SSNs, biometric data, financial details.
TechRepublic
2 weeks ago
Information security

Open Source Password Managers: Overview, Pros & Cons

Open source password managers allow code modification by users.
They are popular in organizations with open-source expertise and a desire to keep costs low.
CyberScoop
2 weeks ago
Information security

Biden's budget proposal seeks funding boost for cybersecurity

President Biden's budget proposal includes $13 billion for cybersecurity at civilian agencies, focusing on bolstering digital defenses.
The Cybersecurity and Infrastructure Security Agency (CISA) would receive additional funding to enhance its cybersecurity capabilities under the proposal.
The Verge
2 weeks ago
Information security

Microsoft's AI Copilot for Security launches next month with pay-as-you-go pricing

Microsoft launching Copilot for Security with pay-as-you-go pricing model at $4 per hour.
Copilot for Security powered by OpenAI's GPT-4 and Microsoft's security-specific model for cybersecurity workers.
Theregister
2 weeks ago
Information security

March Patch Tuesday fixes Hyper-V guest-host escape

61 CVE-tagged vulnerabilities in Microsoft's Patch Tuesday.
Two critical Hyper-V vulnerabilities, one RCE and one DOS.
TechRepublic
2 weeks ago
Information security

Microsoft's Security Copilot Enters General Availability

Microsoft Security Copilot will be in general availability from April 1 at $4/hr.
Security Copilot assists security professionals by providing real-time assistance and data from various sources.
The Globe and Mail
2 weeks ago
Information security

Manitoba government could boost security for remote work, auditor-general says

Manitoba government implements IT security measures for remote work, but improvements needed
Auditor-General highlights weaknesses in encryption settings and outdated remote work security policies.
InfoWorld
2 weeks ago
Information security

JetBrains releases security fixes for TeamCity CI/CD system

Two critical security vulnerabilities discovered by Rapid7 in TeamCity On-Premises servers could allow an attacker to gain administrative control.
Theregister
2 weeks ago
Information security

JetBrains fingers Rapid7 for customer ransomware attacks

JetBrains defends against Rapid7's claims of silent patching by emphasizing responsible vulnerability disclosure.
JetBrains criticizes Rapid7 for releasing full details and exploit code of vulnerabilities just hours after patches, resulting in customer harm.
The Verge
2 weeks ago
Information security

Roku hackers breach 15,000 accounts and are selling them online

Hackers gained access to Roku accounts and credit card information through credential stuffing.
Roku has secured compromised accounts and advised users to reset passwords and monitor for unauthorized purchases.
Amazic
2 weeks ago
Information security

5 security challenges in containerized runtime environments and how to overcome them - Amazic

Containerized environments pose unique security challenges like isolation and multi-tenancy, as well as vulnerability management.
TechRepublic
2 weeks ago
Information security

OneLogin vs. Okta (2024): Which IAM Solution Is Better?

OneLogin and Okta are leading IAM platforms for securing user access to corporate resources.
Both platforms offer customizable security products for enterprises.
Entrepreneur
2 weeks ago
Information security

How to Create Cohesion Within Your Organization's Cybersecurity | Entrepreneur

Data protection and digital privacy are crucial for C-suite leaders.
Leaders must ensure cohesion across the IT security stack for effective cybersecurity.
CyberScoop
2 weeks ago
Information security

Russian hackers accessed Microsoft source code

Russian hackers accessed Microsoft source code
Attack linked to Cozy Bear, a Russian hacking group
[ Load more ]