RSS Feeds: News and Views

KrebsOnSecurity

• Experian Glitch Exposing Credit Files Lasted 47 Days
• Administrator of RSOCKS Proxy Botnet Pleads Guilty
• New T-Mobile Breach Affects 37 Million Accounts
• Thinking of Hiring or Running a Booter Service? Think Again.
• Microsoft Patch Tuesday, January 2023 Edition

Internet Security Alliance

• CISA’s Todt, in foreword to new book, cites need for industry incentives and strengthened partnerships
• FIXING AMERICAN CYBERSECURITY WITH A STRATEGIC PARTNERSHIP AND TOOL-KITS
• INTERNET SECURITY ALLIANCE TOP 25 HIGHLIGHTS FOR 2022
• THE INTERNET SECURITY ALLIANCE (ISA)
• MIT Research Documents Effectiveness of Consensus Cyber Risk Oversight Principles

Schneier on Security

• Friday Squid Blogging: Studying the Colossal Squid
• A Hacker’s Mind News
• Manipulating Weights in Face-Recognition AI Systems
• AIs as Computer Hackers
• Passwords Are Terrible (Surprising No One)

JMBM Cybersecurity Lawyer Forum

Error: Feed has an error or is not valid.

Steptoe Cyberblog

• Bonus Episode 435: How Privilege Undermines Cybersecurity
• Episode 434: ChatGPT Successfully Imitates a Talented Sociopath with Too Many Lawyers
• Episode 432: Toxified Tech
• Episode 431: The Empire Strikes Back, at Twitter
• Episode 430: Election Aftershocks for Cyberlaw

Bank Info Security

Error: Feed has an error or is not valid.

CPO Magazine

Error: Feed has an error or is not valid.

Omnistruct

• How Investing in Cybersecurity can Reduce Legal Risk
• MSP News – April 1, 2022
• Small Business Entrepreneur Cybersecurity News – April 1, 2022
• Regulations, Frameworks, and Controls – April 1, 2022
• Enterprise Leadership News – April 1, 2022

WeLiveSecurity by eset

• Key takeaways from ESET’s new APT Activity Report – Week in security with Tony Anscombe
• Is that survey real or fake? How to spot a survey scam
• Less is more: Conquer your digital clutter before it conquers you
• ESET APT Activity Report T3 2022
• Are you in control of your personal data? – Week in security with Tony Anscombe

Security Intelligence by IBM

• Bridging the 3.4 Million Workforce Gap in Cybersecurity
• The Evolution of Antivirus Software to Face Modern Threats
• How Do Threat Hunters Keep Organizations Safe?
• Contain Breaches and Gain Visibility With Microsegmentation
• CEO, CIO or CFO: Who Should Your CISO Report To?

Naked Security by Sophos

• OpenSSH fixes double-free memory bug that’s pokable over the network
• S3 Ep120: When dud crypto simply won’t let go [Audio + Text]
• Password-stealing “vulnerability” reported in KeePass – bug or feature?
• GitHub code-signing certificates stolen (but will be revoked this week)
• Serious Security: The Samba logon bug caused by outdated crypto

Threatpost

• Student Loan Breach Exposes 2.5M Records
• Watering Hole Attacks Push ScanBox Keylogger
• Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
• Ransomware Attacks are on the Rise
• Cybercriminals Are Selling Access to Chinese Surveillance Cameras

Dark Reading

• What CISOs Can Do About Brand Impersonation Scam Sites
• Iran-Backed Actor Behind 'Holy Souls' Cyberattack on Charlie Hebdo, Microsoft Says
• Scores of Redis Servers Infested by Sophisticated Custom-Built Malware
• How the Cloud Is Shifting CISO Priorities
• MITRE Releases Tool to Design Cyber-Resilient Systems

Ars Technica

• Microsoft alleges attacks on French magazine came from Iranian-backed group
• The newest feature in the Microsoft Store is more ads
• Until further notice, think twice before using Google to download software
• ChatGPT sets record for fastest-growing user base in history, report says
• Up to 29,000 unpatched QNAP storage devices are sitting ducks to ransomware

Tech Republic

• TechRepublic Premium editorial calendar: IT policies, checklists, toolkits and research for download
• The importance of data retention policies
• Study: Companies have upwards of 1,000 apps but only a third are integrated
• Prilex POS malware evolves to block contactless transactions
• Lifetime VPNSecure subscriptions are now just $39.99

CSHub

• The most dangerous cyber security threats of 2023
• Why do hackers target cryptocurrencies?
• Why good email security is essential for every business
• Prevent advanced ransomware attacks with good email security
• Top tips for employee cyber security training

The Record

• CISA adds Oracle, SugarCRM bugs to exploited vulnerabilities list
• Zero day affecting Fortra’s GoAnywhere file transfer tool is actively being exploited
• Customizable new DDoS service already appears to have fans among pro-Russia hacking groups
• New York attorney general fines developer of stalking apps
• Tallahassee hospital diverting patients, canceling non-emergency surgeries after cyberattack