Day

February 12, 2020
Speaking at The European Information Security Summit in London, Stephen Eckersley, director of investigations at the Information Commissioner’s Office, outlined the privacy watchdog’s expectations for 2020 and beyond with particular focus on regulations and data protection. “We are still coming to terms with our new [regulatory] powers,” Eckersley said, “and we are still learning how...
Adobe conducted a large-scale rollout of security updates for a variety of its products for February Patch Tuesday, including a critical patch for Flash Player that if exploited could result in arbitrary code execution in the context of the current user. Joining Adobe Flash Player in receiving security updates are Framemaker, Acrobat Reader and DC,...
Speaking at The European Information Security Summit in London, Helen L, technical director for sociotechnical security at the National Cyber Security Centre, discussed strategies for effective password management within the enterprise. Helen L challenged common, traditional password management strategies, saying that “what looks good in theory and on paper, may not work in the real...
At The European Information Security Summit in London, Thom Langford, founder of TL(2) Security, said that effective storytelling is important to security professionals if they want to evoke reactions, behaviors and actions from others. “Stories are important to us as security professionals, because, to be blunt, we’re normally really bad at putting across information to people...
The realistic approach to security is that incidents occur. While ideally, the CISO would want to prevent all of them, in practice, some will succeed to a certain degree—making the ability to efficiently manage an incident response process a mandatory skill for any CISO. Moreover, apart from the management of the actual response process, the...
At this time, nearly every business outsources some aspect of their operations. But it’s becoming increasingly tricky for organizations to ensure that third-party providers remain a source of strength for their business — not a weak link. In a 2016 survey of 170 firms conducted by Deloitte, 87% of those firms experienced an incident with...
Written by Benjamin Freed, Feb 11, 2020 | STATESCOOP. State IT officials and the federal government’s top civilian cybersecurity official told members of the U.S. Senate Tuesday that the federal government needs to provide state and local governments with more assistance and expertise in protecting their networks and other critical infrastructure. Chris Krebs, director of...
Another PayPal scam, Estee Lauder leaves database open and Canadian banks get tough on customers. Welcome to Cyber Security Today. It’s Wednesday February 12th. I’m Howard Solomon, contributing reporter on cyber security for ITWorldCanada.com. To hear the podcast click on the arrow below: A new scam aimed at getting sensitive personal information from PayPal users...
The research study provided by Acquire Market Research on Global ’Web Scraper Software Industry’ offers a strategic assessment of the Web Scraper Software market. The industry report focuses on the growth opportunities, which are expected to help the market expand their operations in the existing markets. Market figures such as Basis Points[BPS], CAGR, market share,...
Fresh attack vector lacks working exploit… for now. Web applications with regex-enabled search may soon be forced to defend against a new exploit class, after a security researcher unveiled what he’s calling ‘blind regular expression injection attacks’. During the OWASP Night 2020/02 event in Tokyo last week, Japanese security researcher Takashi Yoneuchi revealed the fruits...
The US has charged the Chinese military with plundering Equifax in 2017. The Justice Department (DOJ) on Monday released a nine-count indictment that accused four members of the People’s Liberation Army (PLA) of being hackers behind the breach, which was one of the largest in US history. The breach exposed millions of names and dates...
The shift toward cloud-native applications is changing the building blocks of IT. Development and maintenance of infrastructure and applications in-house just isn’t an option anymore in many cases. Cloud-native application development and the use of containers and orchestration frameworks like Kubernetes offer undeniable advantages in performance, portability and scale. However, it’s obvious to security teams...
Losses from business email compromise (BEC) attacks soared by hundreds of millions of dollars over the past year, to once again account for half of all cybercrime losses reported to the FBI. BEC scammers made nearly $1.8 billion in 2019, over half the $3.5 billion total, according to the FBI’s 2019 Internet Crime Report. That’s...
Microsoft has fixed almost a century of CVEs this month, although experts suggest the workload shouldn’t be too hard on admins. The 99 vulnerabilities fixed this month feature 12 critical CVEs, including one zero-day, and another four that have been publicly disclosed and so will also need to be prioritized. The zero-day being exploited in...
A Swiss company thought to have sold among the most secure encryption products in the world was actually owned by US and German intelligence, allowing the CIA and BND to spy on allies and enemies around the world, it has emerged. A new report from The Washington Post and Germany’s ZDF claims that Crypto AG,...
Nearly a month after advising patrons that a system-wide ransomware attack had hit Contra Costa County’s libraries, officials had restored the vast majority of online services and those available at the 26 branches. On Jan. 3, administrators alerted patrons via email of the network outage and took the affected servers offline. The Sheriff’s Department and...
The various threat intelligence stories in this iteration of the Weekly Threat Briefing (WTB) discuss the following topics: APT, Data Leak, Phishing, PII, Ransomware, TA505, Targeted Attacks, and Vulnerability. The IOCs related to these stories are attached to the Weekly Threat Briefing and can be used to check your logs for potential malicious activity. Figure 1 – IOC Summary...
Third-party risk management can help protect organizations from mass attacks launched through third-party vendors. We’ve made it through one full month of the New Year and the outlook for terrorism-related cyber incidents is already pretty stormy. During the standoff with Iran, cyberattacks were listed as one of their top possible responses. The City of Las...
In an effort to help political campaigns tighten security, Google is partnering with nonprofit organization Defending Digital Campaigns to give qualifying political groups free access to Titan security keys. The physical keys, used as part of Google’s Advanced Protection security program, provide another level of two-factor authentication to protect Google accounts. And perhaps even more...
New research from PWC finds almost half (48%) of CEOs in the UK are concerned enough about cyberattacks that they are shuttering their social media accounts. The report, the “23rd Annual Global CEO Survey,” also reveals most CEOs (around 80%) have changed their online behavior due to potential risks. Social media has been a challenge...