Aggregator

NCSC-2021-0649 [1.00] [M/H] Vulnerabilities fixed in Apple Mac OS

5 days 3 hours ago
Apple has fixed vulnerabilities in Apple macOS Big Sur, Catalina and Mojave. A malicious actor can exploit the vulnerabilities to cause the following types of damage: Denial-of-Service (DoS); bypassing a security measure; (remote) code execution (administrator/root privileges); (remote) code execution (user privileges); access to sensitive data; elevated user privileges.

Reduce End-User Password Change Frustrations

5 days 4 hours ago
Organizations today must give attention to their cybersecurity posture, including policies, procedures, and technical solutions for cybersecurity challenges.  This often results in a greater burden on the IT service desk staff as end-users encounter issues related to security software, policies, and password restrictions.  One of the most common areas where security may cause challenges for
The Hacker News

Did you know a third of cybersecurity pros have experienced harassment?

5 days 6 hours ago

Around a third of cybersecurity professionals have had personal experience of harassment online (32%) and in-person (35%), according to a study from Respect in Security — a new initiative set up to support victims and encourage coordinated industry action to tackle the problem. Respect in Security engaged Sapio Research to poll 302 industry professionals (male, female and non-binary) across multiple age groups, organisation sizes and levels of seniority. Of those that reported experiencing in-person harassment, …

Help Net Security

Oracle Warns of Critical Remotely Exploitable Weblogic Server Flaws

5 days 6 hours ago
Oracle on Tuesday released its quarterly Critical Patch Update for July 2021 with 342 fixes spanning across multiple products, some of which could be exploited by a remote attacker to take control of an affected system. Chief among them is CVE-2019-2729, a critical deserialization vulnerability via XMLDecoder in Oracle WebLogic Server Web Services that's remotely exploitable without
Ravie Lakshmanan

Another Hacker Arrested for 2020 Twitter Hack and Massive Bitcoin Scam

5 days 6 hours ago
A U.K. citizen has been arrested in the Spanish town of Estepona over his alleged involvement in the July 2020 hack of Twitter, resulting in the compromise of 130 high-profile accounts. Joseph O'Connor, 22, has been charged with intentionally accessing a computer without authorization and obtaining information from a protected computer, as well as for making extortive communications. The Spanish
Ravie Lakshmanan

XLoader Windows InfoStealer Malware Now Upgraded to Attack macOS Systems

5 days 8 hours ago
A popular malware known for stealing sensitive information from Windows machines has evolved into a new strain capable of also targeting Apple's macOS operating system. The upgraded malware, dubbed "XLoader," is a successor to another well-known Windows-based info stealer called Formbook that's known to vacuum credentials from various web browsers, capture screenshots, record keystrokes, and
Ravie Lakshmanan

Questions that help CISOs and boards have each other’s back

5 days 8 hours ago

Boards of directors and executives seem increasingly interested in understanding their companies’ security posture. And why wouldn’t they be? The ransomware threat posed by organized crime groups is considerable, and its impact can be devastating and threaten the entire business. This makes it imperative for boards to ensure the company has taken necessary cybersecurity precautions to resist the threat. Additionally, executives have seen the value of efficient infosec firsthand over the last eighteen months. The …

Help Net Security

Asset inventory management: What’s the ROI?

5 days 9 hours ago

Asset inventory management is critical to any company’s planning and accounting process. Having an accurate, up-to-date view of every asset (all devices, equipment, vehicles, and properties) that your organization owns means that you can better optimize your inventory, account for the current state, forecast upcoming costs, and protect your assets from cybersecurity vulnerabilities. The challenge? This often requires tracking hundreds or thousands of assets across their full lifecycles—from purchasing and maintenance to retirement. Plus, if …

Help Net Security

Financial services accounting for nearly 40% of all phishing URLs

5 days 9 hours ago

Vade released its Phishers’ Favorites report for H1 2021, which revealed that there has been a major jump in phishing attacks since the start of the year with a 281 percent spike in May and another 284 percent increase in June, for a total of 4.2 billion phishing emails detected by Vade for June alone. For this 6-month window researchers identified Crédit Agricole as the most impersonated brand, with 17,555 unique phishing URLs, followed by …

Help Net Security

Who is responsible for improving security in the software development environment?

5 days 10 hours ago

Venafi announced the findings of a global survey that evaluates the impact of software supply chain attacks like SolarWinds/SUNBURST, CodeCov and Kaseya/REvil on how development organizations are changing their approach to securing software build and delivery environments. The survey evaluated the opinions of over 1,000 information security professionals, developers and executives in the IT and software development industries. Misalignment between security and development teams: According to the survey, respondents nearly unanimously agree (97%) that the …

Help Net Security

DDoS attacks are up, with ever-greater network impact

5 days 10 hours ago

Telia Carrier has announced the findings of a report with a perspective on today’s cyber threats from traffic data. The report investigates changes in attack vector, size and frequency, and reveals a staggering 50% increase in peak attack traffic compared to 2019, with a jump to 1.18 Terabytes per Second (TBps) or 887 Mega Packets Per Second (Mpps). In 2020, a staggering 57 Petabits or 14 tera packets of malicious data have been cleaned. During …

Help Net Security

US and Global Allies Accuse China of Massive Microsoft Exchange Attack

5 days 11 hours ago
The U.S. government and its key allies, including the European Union, the U.K., and NATO, formally attributed the massive cyberattack against Microsoft Exchange email servers to state-sponsored hacking crews affiliated with the People's Republic of China's Ministry of State Security (MSS). In a statement issued by the White House on Monday, the administration said, "with a high degree of
Ravie Lakshmanan
