Cyber Insights 2023: Attack Surface Management
About SecurityWeek Cyber Insights | At the end of 2022, SecurityWeek liaised with more than 300 cybersecurity experts from over 100 different organizations to gain insight into the security issues of today – and how these issues might evolve during 2023 and beyond. The result is more than a dozen features on subjects ranging from AI, quantum […] more…Meta Awards $27,000 Bounty for 2FA Bypass Vulnerability
A researcher has disclosed the details of a two-factor authentication (2FA) vulnerability that earned him a $27,000 bug bounty from Facebook parent company Meta. Gtm Manoz of Nepal discovered in September 2022 that a system designed by Meta for confirming a phone number and email address did not have any rate-limiting protection. A fix was […] more…The Effect of Cybersecurity Layoffs on Cybersecurity Recruitment
On Friday, January 20, 2023, Google announced it would lay off 12,000 employees. Amazon and Microsoft have laid off a combined 28,000 people; Twitter has reportedly lost 5,200 people; Meta (Facebook, etcetera) is laying off 11,000… This is just the tech giants, and almost all the staff looking for new positions are, by definition, tech-savvy […] more…Industry Reactions to Hive Ransomware Takedown: Feedback Friday
Authorities in the United States and Europe have announced the results of a major law enforcement operation targeting the Hive ransomware. Agencies from around the world worked together to take down Hive’s leak website and servers. In addition, agents hacked into Hive systems in July 2022, allowing them to identify targets and obtain decryption keys […] more…Start the New Year Right With This 3-Step Digital Detox
Pledging to follow healthier habits is consistently the most popular new year’s resolution. That January 1st promise looks different to everyone: snacking less often, going to the gym more often, drinking more water, drinking less soda, etc. This year, instead of a juice cleanse subscription, opt for a healthier habit that’s not an unappetizing shade […] more…BeReal – The Newest Kid On The Social Media Block
Without doubt, the biggest criticism we all have of social media is that everyone always looks fabulous! And while we all know that everyone is only sharing the best version of themselves, let’s be honest – it can be a little wearing. Well, there’s a new social media platform that is determined to uproot our […] more…Threat Hunting with VirusTotal
We recently conducted our first “Hunting with VirusTotal” open training session, providing some ideas on how to use VT Intelligence to hunt for in-the-wild examples of modern malware and infamous APT campaigns. In case you missed it, here you can find the video recording available on Brighttalk. We also created a PDF version of the […] more…McAfee Personal Data Cleanup: Your Partner in Living a More Private Online Life
Do yourself a favor: Open a new browser tab and head to your search engine of choice. Type in your full name and home address. Then, see what pops up. Are the results sparking an ember of unease in the back of your brain? Whether you’re a private person online or you’re comfortable sharing your […] more…Privacy, Identity, and Device Protection: Why You Need to Invest in All Three
Protecting your devices with antivirus is a great start, yet it’s only one part of staying safer online. With the way scammers and thieves target people today, you need to protect yourself too—specifically your identity and privacy. Threats have evolved over the years. While hackers still wage malware attacks on computers, tablets, and smartphones, the […] more…Deception at scale: How attackers abuse governmental infrastructure
Continuing our initiative of sharing VirusTotal’s visibility to help researchers, security practitioners and the general public better understand the nature of malicious attacks, we are proud to announce our “Deception at scale: How attackers abuse governmental infrastructure” report. Here are some of the main ideas presented there: Governmental domains are among the top categories used […] more…Patch Tuesday includes 6 Windows zero-day flaws; patch now!
Microsoft on Tuesday released a tightly focused but still significant update that addresses 68 reported (some publicly) vulnerabilities. Unfortunately, this month brings a new record: six zero-day flaws affecting Windows. As a result, we have added both the Windows and Exchange Server updates to our “Patch Now” schedule. Microsoft also published a “defense in depth” […] more…How much of your personal info is available online? A simple search could show you plenty.
What you paid for your home, who lives there with you, your age, your children, your driving record, education, occupation, estimated income, purchasing habits, and any political affiliations you may have—all pretty personal information, right? Well, there’s a good chance that anyone can find it online. All it takes is your name and address. […] more…Protect yourself from scams this Diwali
It’s Diwali, a time of light, a time of togetherness, and, of course, a time of celebration. Along with Diwali comes the traditional acts of dana and seva, as well as gift-giving to the friends and family members they honor and love. However, it’s also a time when thieves get busy—where they hop online and […] more…What Is Smishing? Here’s How to Spot Fake Texts and Keep Your Info Safe
Your phone buzzes. You hope it’s a reply from last night’s date, but instead you get an entirely different swooping feeling: It’s an alarming SMS text alerting you about suspicious activity on your bank account and that immediate action is necessary. Take a deep breath and make sure to read the message carefully. Luckily, your […] more…What is Doxxing?
Social media has become a part of our everyday lives. Each day millions of people log on to Facebook, Twitter, and other social sites and engage with friends and family. We share our lives more freely and publicly than ever before, and connect with people around the world more easily than our ancestors could have […] more…See Yourself in Cyber – Five Quick Ways You Can Quickly Get Safer Online
With “See Yourself in Cyber” as the theme for this year’s Cybersecurity Awareness Month, the focus is on you with a look at several quick ways you can quickly get safer online. Now in its 21st year, Cybersecurity Awareness Month marks a long-standing collaboration between the U.S. government and private industry. It’s aim, empower people […] more…More information
- Meal Kit Service Home Chef Confirms Data Breach
- What Does Summer Vacation Have to do With Information Security?
- Resolved: Penn State Worthington Scranton: Scheduled circuit maintenance
- Resolved: smtp.psu.edu and authsmtp.psu.edu to be moved to a new load balancer – May 16
- Xen CVE-2019-17343 Local Privilege Escalation Vulnerability
- What We Know About Suspected Iranian Cyber Intrusion in the US Presidential Race
- Warrantless GPS tracking of vehicles is unconstitutional, US court rules
- Google’s Schmidt: what we need is an internet "Delete" button
- Australia Set to Pass Sweeping Cyber Laws Despite Tech Giant Fears
- Unmasking Black Hat SEO for Dating Scams