Security leaders plan for changing IT roles 05/06/2023 at 22:52 By IT professionals find themselves in hybrid roles that combine traditional development with tasks formerly associated with operations professionals. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this headline:
React to this headline:
Security leaders plan for changing IT roles Read More »
66% of organizations have increased their investment in SaaS apps 05/06/2023 at 21:05 By According to a survey, 58% of organizations estimate their current SaaS security solutions only cover 50% or less of their SaaS applications. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this headline:
React to this headline:
66% of organizations have increased their investment in SaaS apps Read More »
Automation is no longer the future of cybersecurity: It’s the present 05/06/2023 at 16:08 By It’s no secret that we’re facing a critical cybersecurity talent shortage. Despite persistent outcry from security leaders and experts, it’s only getting worse. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to
React to this headline:
Automation is no longer the future of cybersecurity: It’s the present Read More »
Microsoft: Lace Tempest Hackers Behind Active Exploitation of MOVEit Transfer App 05/06/2023 at 16:08 By Microsoft has officially linked the ongoing active exploitation of a critical flaw in the Progress Software MOVEit Transfer application to a threat actor it tracks as Lace Tempest. “Exploitation is often followed by deployment of a web shell with data exfiltration capabilities,” the
React to this headline:
Microsoft: Lace Tempest Hackers Behind Active Exploitation of MOVEit Transfer App Read More »
The Annual Report: 2024 Plans and Priorities for SaaS Security 05/06/2023 at 15:10 By Over 55% of security executives report that they have experienced a SaaS security incident in the past two years — ranging from data leaks and data breaches to SaaS ransomware and malicious apps (as seen in figures 1 and 2). Figure
React to this headline:
The Annual Report: 2024 Plans and Priorities for SaaS Security Read More »
Magento, WooCommerce, WordPress, and Shopify Exploited in Web Skimmer Attack 05/06/2023 at 09:46 By Cybersecurity researchers have unearthed a new ongoing Magecart-style web skimmer campaign that’s designed to steal personally identifiable information (PII) and credit card data from e-commerce websites. A noteworthy aspect that sets it apart from other Magecart campaigns is that the hijacked sites
React to this headline:
Magento, WooCommerce, WordPress, and Shopify Exploited in Web Skimmer Attack Read More »
Alarming Surge in TrueBot Activity Revealed with New Delivery Vectors 05/06/2023 at 08:28 By A surge in TrueBot activity was observed in May 2023, cybersecurity researchers disclosed. “TrueBot is a downloader trojan botnet that uses command and control servers to collect information on compromised systems and uses that compromised system as a launching point for
React to this headline:
Alarming Surge in TrueBot Activity Revealed with New Delivery Vectors Read More »
Brazilian Cybercriminals Using LOLBaS and CMD Scripts to Drain Bank Accounts 05/06/2023 at 08:28 By An unknown cybercrime threat actor has been observed targeting Spanish- and Portuguese-speaking victims to compromise online banking accounts in Mexico, Peru, and Portugal. “This threat actor employs tactics such as LOLBaS (living-off-the-land binaries and scripts), along with CMD-based scripts to
React to this headline:
Brazilian Cybercriminals Using LOLBaS and CMD Scripts to Drain Bank Accounts Read More »
Cloud Security Tops Concerns for Cybersecurity Leaders: EC-Council’s Certified CISO Hall of Fame Report 2023 03/06/2023 at 11:36 By A survey of global cybersecurity leaders through the 2023 Certified CISO Hall of Fame Report commissioned by the EC-Council identified 4 primary areas of grave concern: cloud security, data security, security governance, and lack of cybersecurity
React to this headline:
New Linux Ransomware Strain BlackSuit Shows Striking Similarities to Royal 03/06/2023 at 11:36 By An analysis of the Linux variant of a new ransomware strain called BlackSuit has covered significant similarities with another ransomware family called Royal. Trend Micro, which examined an x64 VMware ESXi version targeting Linux machines, said it identified an “extremely high degree
React to this headline:
New Linux Ransomware Strain BlackSuit Shows Striking Similarities to Royal Read More »
FTC Slams Amazon with $30.8M Fine for Privacy Violations Involving Alexa and Ring 03/06/2023 at 11:36 By The U.S. Federal Trade Commission (FTC) has fined Amazon a cumulative $30.8 million over a series of privacy lapses regarding its Alexa assistant and Ring security cameras. This comprises a $25 million penalty for breaching children’s privacy laws
React to this headline:
FTC Slams Amazon with $30.8M Fine for Privacy Violations Involving Alexa and Ring Read More »
Trustwave Action Response: Zero Day Exploitation of MOVEit (CVE-2023-34362) 02/06/2023 at 23:42 By On May 31, threat actors were discovered targeting a critical zero day in MOVEit Transfer software resulting in escalated privileges and unauthorized data access. The vulnerability being exploited is an SQL injection and has since been patched. Resources links, including one for
React to this headline:
Trustwave Action Response: Zero Day Exploitation of MOVEit (CVE-2023-34362) Read More »
OSHA cites retail chain for exposing employees to electrical hazards 02/06/2023 at 22:53 By Following several investigations, the Occupational Health and Safety Administration (OSHA) has cited Dollar General for workplace safety violations. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this headline:
React to this headline:
OSHA cites retail chain for exposing employees to electrical hazards Read More »
Health tracking app charged by FTC for sharing sensitive information 02/06/2023 at 22:03 By Fertility app Premom was charged by the FTC for sharing users’ sensitive information with third parties, and sharing sensitive health data to Google. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this
React to this headline:
Health tracking app charged by FTC for sharing sensitive information Read More »
90% of CISOs say certifications improved security confidence 02/06/2023 at 21:34 By According to a report focusing on Chief Information Security Officer (CISO) perspectives, 50% identified cloud security as their top concern. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this headline:
React to this headline:
90% of CISOs say certifications improved security confidence Read More »
Hear From AEG and Trustwave at Gartner Security & Risk Management 2023 02/06/2023 at 20:46 By If you’re heading to Gartner Security & Risk Management 2023 in National Harbor, MD, June 5-7, get ready for a compelling session from Anschutz Entertainment Group (AEG) and Trustwave. This article is an excerpt from Trustwave Blog View Original
React to this headline:
Hear From AEG and Trustwave at Gartner Security & Risk Management 2023 Read More »
CISA seeks input from public safety agencies, organizations 02/06/2023 at 20:07 By Public safety organizations are asked to complete the SAFECOM Nationwide Survey to help assess emergency communications capabilities and needs. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this headline:
React to this headline:
CISA seeks input from public safety agencies, organizations Read More »
Report: Advanced phishing attacks grew 356% in 2022 02/06/2023 at 18:01 By A new report analyzed the most prevalent cyberattack trends and identified an 87% increase in the total number of attacks over the course of last year. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to
React to this headline:
Report: Advanced phishing attacks grew 356% in 2022 Read More »
What CISOs need to know to mitigate quantum computing risks 02/06/2023 at 16:54 By Although quantum computing can lead to positive and transformative solutions, the development also poses a significant threat to cybersecurity. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this headline:
React to this headline:
What CISOs need to know to mitigate quantum computing risks Read More »
Four testing priorities for stronger API security 02/06/2023 at 16:54 By For a modern digital enterprise, the ubiquity, vulnerability and obscurity of APIs creates a perfect storm when it comes to application security. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this headline:
React to this headline:
Four testing priorities for stronger API security Read More »