CyberSecurity Updates

04 Nov

Hundreds of U.S. News Sites Push Malware in Supply-Chain Attack

Attacks, Malware

This campaign highlights the ever-growing threat of supply-chain attacks. Typically, when browsing a newspaper website, the end user feels as if the site is reputable and secure. Combining this with a fake update alert from SocGholish, many users may trust this alert and fall victim to the threat actor. This form of phishing, while it can be completed at a much smaller scale, is amplified by the undisclosed media company compromise, as it allows the…

Read More
04 Nov

Geopolitics plays major role in cyberattacks, says EU cybersecurity agency

Data Breaches, Malware, Social Engineering

The ongoing Russia-Ukraine conflict has resulted in an increase in hacktivist activity in the past year, with state-sponsored threat actors targeting 128 governmental organizations in 42 countries that support Ukraine, according to the European Union Agency for Cybersecurity (ENISA). In addition, some threat actors targeted Ukrainian and Russian entities during the early days of the conflict, likely for the collection of intelligence, according to the 10th edition of the ENISA threat landscape report. The report—this…

Read More
04 Nov

Video: ESG – CISO’s Guide to an Emerging Risk Cornerstone

Information, News

For many, proactively monitoring ESG risks is not only the right thing to do – it’s the right business strategy. More than ever investors, consumers and partners are using ESG factors to determine who they do business with.  In this session, Mastercard’s Johan Gerber, EVP, Cyber and Security Products, discusses: ● New industry findings on how organizations are navigating this new landscape ● The strategies and tools needed to mitigate ESG risk on a business’s supply chain and…

Read More
04 Nov

A step‑by‑step guide to enjoying LinkedIn safely

Information

LinkedIn privacy settings are just as overwhelming as any other social media settings. There’s a lot of menus, a lot buttons to enable, select, accept or reject. To make sure you have control over your information we bring you a step-by-step guide on how to enjoy LinkedIn safely. Managing our privacy settings is overwhelming. There’s a lot of menus, a lot buttons to enable, select, accept or reject – it certainly gives a sense of…

Read More
04 Nov

Google and Apple release patches for zero‑day flaws – Week in security with Tony Anscombe

Information

Both tech giants rush to release fixes for security vulnerabilities that were being exploited in-the-wild Google and Apple are both release patches for zero-day vulnerabilities that have already been exploited in the wild. ESET cybersecurity expert Tony Anscombe explains what those vulnerabilities are in simpler words, and reiterate the importance of keeping all your apps and devices up-to-date to stay cybersafe. Watch the video to learn more.

Read More
04 Nov

The future starts now: 10 major challenges facing cybersecurity

Information

To mark Antimalware Day, we’ve rounded up some of the most pressing issues for cybersecurity now and in the future Organizations large and small have never been more at risk from cyberattacks, to the point that the litany of evolving and escalating cyberthreats have made cybersecurity a key boardroom-level agenda item. As security is the backbone of a successful digital transformation, getting a grip on it becomes vital. The need to stay ahead of the…

Read More
04 Nov

S3 Ep107: Eight months to kick out the crooks and you think that’s GOOD? [Audio + Text]

Information, Malware

by Paul Ducklin WE DON’T KNOW HOW BAD WE WERE, BUT PERHAPS THE CROOKS WEREN’T ANY GOOD? Click-and-drag on the soundwaves below to skip to any point. You can also listen directly on Soundcloud. With Doug Aamoth and Paul Ducklin. Intro and outro music by Edith Mudge. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify, Stitcher and anywhere that good podcasts are found. Or just drop the URL of our RSS…

Read More
04 Nov

The CSO guide to top security conferences

Data Breaches, Malware, Social Engineering

There is nothing like attending a face-to-face event for career networking and knowledge gathering, and we don’t have to tell you how helpful it can be to get a hands-on demo of a new tool or to have your questions answered by experts. Fortunately, plenty of great conferences are coming up in the months ahead. If keeping abreast of security trends and evolving threats is critical to your job — and we know it is…

Read More
04 Nov

New US CISO appointments, September 2022

Data Breaches, Malware, Social Engineering

The upper ranks of corporate security are seeing a high rate of change as companies try to adapt to the evolving threat landscape. Many companies are hiring a chief security officer (CSO) or chief information security officer (CISO) for the first time to support a deeper commitment to information security. Follow this column to keep up with new appointments to senior-level security roles and perhaps gain a little insight into hiring trends. If you have…

Read More
03 Nov

Red Cross Seeks ‘Digital Emblem’ to Protect Against Hacking

Information, News

The International Committee of the Red Cross said Thursday it is seeking support to create a “digital red cross/red crescent emblem” that would make clear to military and other hackers that they have entered the computer systems of medical facilities or Red Cross offices. The Geneva-based humanitarian organization said it was calling on governments, Red Cross and Red Crescent societies, and IT experts to join forces in developing “concrete ways to protect medical and humanitarian…

Read More