CSO Online

"UK Parliament follows government by banning TikTok over cybersecurity concerns."

Views expressed in this cybersecurity, cybercrime update are those of the reporters and correspondents.  Accessed on 24 March 2023, 1354 UTC.  Content provided by "CSO Online."

Source:  https://feedly.com/i/subscription/feed%2Fhttp%3A%2F%2Fwww.csoonline.com%2Findex.rss ("CSO Online").

Please click link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net and https://paper.li/RussellRoberts).

CSO Online

17K followers29 articles per week#security#ciso#tech
29

MOST POPULAR

UK parliament follows government by banning TikTok over cybersecurity concerns
TikTok US Chinese China
2h
The commissions of the House of Commons and House of Lords have followed the UK government by banning social media app TikTok over cybersecurity concerns. A parliament spokesman said that TikTok “will be blocked from all parliamentary devices and the wider parliamentary network,” a move that TikTok has described as “misguided” and “based on fundamental misconceptions” about the company. The lates
Android-based banking Trojan Nexus now available as malware-as-a-service
3 TTPs
26min
Nexus Android Trojan
Italian cybersecurity firm Cleafy has found “Nexus”, a new Android Trojan capable of hijacking online accounts and siphoning funds from them, to be targeting customers from 450 banks and cryptocurrency services worldwide. First observed in June 2022 as a variant of SOVA, another Android banking Trojan, Nexus has since improved targeting capabilities and is available via a malware-as-a-service (Ma
Sharing sensitive business data with ChatGPT could be risky
542d
The furor surrounding ChatGPT remains at a fever pitch as the ins and outs of the AI chatbot’s potential continue to make headlines. One issue that has caught the attention of many in the security field is whether the technology’s ingestion of sensitive business data puts organizations at risk. There is some fear that if one inputs sensitive information — quarterly reports, materials for an inter

YESTERDAY

Russian hacktivists deploy new AresLoader malware via decoy installers
6 TTPs
by lucian_constantin@idg.com / 17h
Security researchers have started seeing attack campaigns that use a relatively new malware-as-a-service (MaaS) tool called AresLoader. The malicious program appears to be developed and used by several members of a pro-Russia hacktivist group and is typically distributed inside decoy installers for legitimate software. Security researchers from threat intelligence firm Intel 471 first spotted Are
BrandPost: The latest intel on wipers
by Brand Post / 21h
The mass distribution of wiper malware continues to showcase the destructive evolution of cyberattacks. Does the evidence corroborate the theory that the ongoing conflict in Europe is to blame for the rise in wipers? Indeed. Furthermore, given that Russia is the main source of wiper activity, one can anticipate an increase in the use of wipers against countries and organizations that provide aid,
Security at the core of Intel’s new vPro platform
Intel Core vPro Platform
21h
Intel has introduced its 13 th Generation Core processor line, which the company claims is the first to build threat detection into hardware. In combination with endpoint detection and response (EDR) platforms from Intel partners, the new vPro processors promise a 70% reduction in attack surface compared to four-year-old PCs. Windows 11 systems can also take advantage of vPro’s memory encryption
BrandPost: Fortinet 2023 Skills Gap Report: How organizations can fill the talent shortage
by Brand Post / 22h
The ongoing cybersecurity talent shortage presents challenges for organizations everywhere. As critical roles remain vacant far too long, already overburdened IT and security teams are grappling with a long list of responsibilities to safeguard their corporate networks, and that’s just the tip of the iceberg. Meanwhile, cybercriminals show no signs of slowing, launching new, more sophisticated at
Critical flaw in AI testing framework MLflow can lead to server and data compromise
by lucian_constantin@idg.com / 1d
MLflow, an open-source framework that's used by many organizations to manage their machine-learning tests and record results, received a patch for a critical vulnerability that could allow attackers to extract sensitive information from servers such as SSH keys and AWS credentials. The attacks can be executed remotely without authentication because MLflow doesn't implement authentication by defau
New vulnerabilities found in industrial control systems of major vendors
2 TTPs
1d
The US Cybersecurity and Infrastructure Security Agency (CISA) has issued advisories on 49 vulnerabilities in eight industrial control systems (ICS) this week, which are used across multiple critical infrastructure sectors. The vulnerabilities identified by CISA were tracked in products from ICS providers including Siemens, Hitachi, Rockwell, Delta Electronics, VISAM, and Keysight. To read this a

MAR 22

How training and recognition can reduce cybersecurity stress and burnout
1d
Cybersecurity is a demanding profession that comes with significant stress and burnout — it presents a complex problem for many businesses, with constantly evolving threats, ambiguous issues, and no clear-cut solutions. Security professionals bear a great deal of responsibility and are subject to long hours of work and high pressure in an unpredictable and constantly shifting landscape. Many secu
BrandPost: Why the phishing blame game misses the point
by Brand Post / 1d
Phishing is a big problem that’s getting even bigger as cybercriminals find new ways to hook employees. With threats coming from every direction—emails on company computers, text, and voice messages on mobile devices and in personal communications channels, malicious typosquatting sites, phony marketing QR codes, and more—it’s only a matter of time before someone trips up and opens or clicks on s
BrandPost: Deconstructing Identity Security
by Brand Post / 1d
Most companies now recognize the serious and insidious nature of cybersecurity threats. But many fail to grasp that the digital transformation, remote work, automation, and cloud migration activities of the last few years have turbocharged the number of identities seeking access to data and critical business systems. This surge in identities has exponentially increased the likelihood of cyberatta
BrandPost: Identity Security: bridging the perception vs. reality gap
Identity Security IF
by Brand Post / 1d
In recent years, cybersecurity has become a board-level issue resulting in several executives taking greater responsibility in cybersecurity-related decisions. As a result, the CISO is no longer a technical subject matter expert but an executive risk manager who shares a responsibility matrix with the board of directors, CEOs, and other executives to make informed risk decisions. At the highest l
Splunk adds new security and observability features
Splunk Unified Security
1d
New security and observability features will be added to Splunk Mission Control and its Observability Cloud to identify threats and incidents more efficiently, the company said.
BrandPost: How to secure secrets in multi-cloud environments
Backslash Security
by Brand Post / 1d
It wasn’t too long ago that using a single cloud for some business operations was cutting-edge technology. Now the cloud is essential for accelerating growth, improving efficiency, and remaining competitive. Most organizations have multiple cloud environments deployed, in addition to private cloud and on-premises environments. In fact, in a soon-to-release CyberArk survey, 85% of respondents said
BrandPost: Why intelligent privilege controls are essential for identity security
by Brand Post / 1d
Organizations are experiencing explosive growth in identities—both machine and human. In fact, machine identities now outnumber human identities 45:1. And in 2023, the total number of identities is expected to at least double. With new norms such as hybrid work, public cloud adoption and rapid innovation, the reality is that organizations are facing a constant onslaught of identity-related attack
55 zero-day flaws exploited last year show the importance of security risk management
2 TTPs
by lucian_constantin@idg.com / 1d
Deploying security patches as quickly as possible remains one of the best ways to prevent most security breaches, as attackers usually rely on exploits for publicly known vulnerabilities that have a patch available -- the so-called n-day exploits. But mitigating the risk from vulnerabilities unknown to the affected software developers and don't have a patch available -- the zero-day flaws -- requ
Landmark UK-Israeli agreement to boost mutual cybersecurity development, tackle shared threats
1d
The UK and Israeli governments have signed a landmark agreement to define bilateral relations between the two countries and boost mutual cybersecurity advancement until 2030. The 2030 Roadmap for Israel-UK Bilateral Relations is the culmination of efforts that began with the signing of a Memorandum of Understanding in November 2021 to work more closely over the next decade on security, technology

Comments

Post a Comment

Please leave a comment about our recent post.

Popular posts from this blog

The Cyberwire Daily Briefing

Image
"Fortinet confirms breach of customer data." Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 15 September 2024, 1339 UTC. Content and Source:   https://thecyberwire.com/newsletters/daily-briefing/13/176 Please check link or scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net). V13 | Issue 176 | 9.13.24 Daily Briefing for 09.13.24 Announcement Cloud Security in the Age of Generative AI. Artificial Intelligence is revolutionizing business, but it also introduces new risks. Join us on Wednesday, September 18th at 2pm EDT for a compelling live webinar on "Good vs. Evil: Cloud Security in the Age of Generative AI" with N2K CyberWire’s Dave Bittner and Sysdig’s Loris Degioanni.  Learn more and register now . Summary By the CyberWire staff At a glance. Fortinet confirms breach of customer data. Iran's Scarred Manticore deplo...
Read more

Cyber War News Today.

Image
"International Defence Cooperation:  A key to regional stability." Views expressed in this cybersecurity, cyber espionage, and cyber crime update are those of the reporters and correspondents.  Accessed on 15 December 2024, 0134 UTC. Content and Source:   https://cyberwar.einnews.com/news/cyber-war-news?n=2&code=FA9GNesSTpp2rjO1&utm_source=NewsletterNews&utm_medium=email&utm_campaign=Cyber+War+News&utm_content=navig Please check link or scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net). Cyber War News Monitoring Get by    Email    •     RSS Published on  Dec 13, 2024 The Cyber Warfare Market Size Reach USD 127.1 Billion by 2032 Exhibiting CAGR at 13.3% WILMINGTON, DE, UNITED STATES, December 13, 2024 /⁨EINPresswire.com⁩/ -- According to the report, The Cyber Warfare Market Size Reach USD 127.1 Billion by 2032 Exhibiting CAGR at 1...
Read more

BleepingComputer.com

Image
"Progress LoadMaster vulnerable to 10/10 severity RCE flaw." Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 08 September 2024, 1458 UTC. Content and Source:   https://www.bleepingcomputer.com/ Please check link or scroll down to read your selections. Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net). Latest Articles   Security Progress LoadMaster vulnerable to 10/10 severity RCE flaw Progress Software has issued an emergency fix for a maximum (10/10) severity vulnerability impacting its LoadMaster and LoadMaster Multi-Tenant (MT) Hypervisor products that allows attackers to remotely execute commands on the device. Bill Toulas   September 08, 2024   10:11 AM     0   Deals Get started learning about cybersecurity with this course bundle deal Take a real step towards a job in information security with this intro to cybersecurity. Get the 2...
Read more