AVTEST Las empresas deberían apostar por una buena solución de seguridad para asegurar su propio futuro. El laboratorio de AV-TEST ha examinado 19 soluciones de seguridad...
Month: October 2021
ciso2ciso toolbox series – cybersecuritynews – Top 10 Best Free Penetration Testing Tools 2021 –
10 Best Penetration Testing Tools 2021 Source: https://cybersecuritynews.com/penetration-testing-tools/ Metasploit NMAP Wireshark Aircrack Nessus Social Engineering Toolkit W3AF Burp Suite BeEF SQLmap When we talk about the...
darkreading – Password Reuse Problems Persist Despite Known Risks
The vast majority of users worry about compromised passwords, but two-thirds continue to use the same password or a variation, a survey finds. DARKReading While people...
darkreading – The New Security Basics: 10 Most Common Defensive Actions
DARKReading Companies now commonly collect security metrics from their software development life cycle, implement basic security measures, and define their obligations to protect user data as...
0 - CT 0 - CT - SOC - CSIRT Operations - Cyber Incidents & Attacks Notepad Cyber Attacks Cyber Security Global Google
securityaffairs – Google sent over 50,000 warnings of state-sponsored attacks, +33% from same period in 2020
Google revealed to have sent roughly 50,000 alerts of state-sponsored phishing or hacking attempts to customers since January. Security Affairs Google announced to have sent roughly...
0 - CT 0 – CT – Cybersecurity Architecture – Crypto Security cryptocurrency cryptocyber Cyber Attacks Cyber Security Global
theregister – Ethereum dev admits helping North Korea mine crypto-bucks, faces 20 years jail
Also advised on how smart contracts could help DPRK in US nuke talks The Register A US citizen has admitted to helping the Democratic People’s Republic...
darkreading – Windows 11 Available: What Security Pros Should Know
Microsoft discusses the security requirements and changes coming to the newest version of its Windows operating system. DARKReading Microsoft today announced the official release of Windows...
CISO2CISO EVENTS – WE ARE 50000 MEMBERS IN LINKEDIN CISO2CISO GROUP
We want to thank you !!!Today we are pleased to announce that we are more than 50,000 cybersecurity enthusiasts, constituting one of the largest communities in...
securityaffairs – WhatsApp made available end-to-end encrypted chat backups
WhatsApp made available end-to-end encrypted chat backups on iOS and Android to prevent anyone from accessing user chats. Security Affairs WhatsApp is rolling out end-to-end encrypted chat...
darkreading – Aerospace, Telecommunications Companies Victims of Stealthy Iranian Cyber-Espionage Campaign
Since at least 2018, “MalKamak” group has targeted firms in the Middle East, Russia, and other areas to steal sensitive data, security vendor says. DARKReading A...
theregister – ASUS patches ROG Armoury Crate app after researcher spots all-too-common flaw
It tries to load a file from a location any old user can write to The Register A flaw in ASUS’s ROG Armoury Crate hardware management...
0 - CT 0 - CT - SOC - CSIRT Operations - Cyber Incidents & Attacks Notepad Cyber Attacks Cyber Security Global
securityaffairs – Boffins devise a new side-channel attack affecting all AMD CPUs
A group of researchers from the Graz University of Technology and CISPA Helmholtz Center for Information Security devised a new side-channel attack that affects AMD CPUs....
thehackernews – Apple now requires all apps to make it easy for users to delete their accounts
The Hacker News All third-party iOS, iPadOS, and macOS apps that allow users to create an account should also provide a method for terminating their accounts...
0 - CT 0 - CT - Cybersecurity Vendors - Microsoft 0 - CT - SOC - CSIRT Operations - Cyber Incidents & Attacks Notepad Cyber Attacks Cyber Security Global Microsoft
darkreading – Microsoft: 58% of Nation-State Cyberattacks Come From Russia
DARKReading A wealth of Microsoft data highlights trends in nation-state activity, hybrid workforce security, disinformation, and supply chain, IoT, and OT security. Russia is the source of...
0 - CT 0 - CT - SOC - CSIRT Operations - Cyber Incidents & Attacks Notepad Cyber Attacks Cyber Security Global
darkreading – North American Orgs Hit With an Average of 497 Cyberattacks per Week
A new analysis confirms a surge in global cyberattacks since the COVID-19 pandemic began. DARKReading New data released this week confirms what numerous others have reported...
0 - CT 0 - CT - SOC - CSIRT Operations - Data Leak & Breach Incidents Notepad Cyber Security Data Breaches Global
theregister – Anonymous: We’ve leaked disk images stolen from far-right-friendly web host Epik
Latest data dump also apparently contains ‘a wide range of passwords and API tokens’ The Register Entities using the name and iconography of Anonymous (EUTNAIOA) claim...
threatpost – Facebook Blames Outage on Faulty Router Configuration
THREATPOST One easily disproved conspiracy theory linked the ~six-hour outage to a supposed data breach tied to a Sept. 22 hacker forum ad for 1.5B Facebook...
0 - CT 0 - CT - SOC - CSIRT Operations - Cyber Incidents & Attacks Notepad cryptocurrency Cyber Attacks Cyber Security Global Ransomware
theregister – Attacks against Remote Desktop Protocol endpoints have exploded this year, warns ESET’s latest Threat Report
Security firm points to a ‘stalkerware’ epidemic, new Nobelium group activity The Register Security specialist ESET’s latest Threat Report warns of a massive increase in attacks...
securityaffairs – Russia-Linked TA505 targets financial institutions in a new malspam campaign
SECURITY AFFAIRS Russia-linked TA505 group leverages a lightweight Office file to spread malware in a campaign, tracked as MirrorBlast, aimed at financial institutions. Russia-linked APT group TA505 (e.g....
0 - CT 0 - CT - CISO Strategics - CISO Strategics CISO CISO2CISO Video Series featured_ciso2ciso_video Global Jon Good Security Advisor Training & Security Leadership
CISO2CISO VIDEO SERIES – JON GOOD – ¿ What Are the Best Cyber Security Certifications For 2021?
As a Cyber Security professional, you should be planning your certification goals every year so that you can keep progressing your career. With so many different...
theregister – Revealed: How to steal money from victims’ contactless Apple Pay wallets
Boffins devise tricks to dupe stolen or nearby iPhones into paying out when in transit mode and using Visa The Register Apple’s digital wallet Apple Pay...
0 - CT 0 - CT - SOC - CSIRT Operations - Cyber Incidents & Attacks Notepad Cyber Attacks Ecuador Global
securityaffairs – Ecuador’s Banco Pichincha has yet to recover after recent cyberattack
Security Affairs The customers of Banco Pichincha, the largest bank in Ecuador, are still experiencing service disruptions after a massive cyberattack hit the financial organization early...
0 - CT 0 - CT - SOC - CSIRT Operations - Data Leak & Breach Incidents Notepad Cyber Attacks Cyber Security Data Breaches Global
threatpost – Twitch Leak Included Emails, Password: Researcher
THREATPOST A researcher combed through the Twitch leak and found what they said was evidence of PayPal chargebacks with names and emails, employees’ emails, and more....
theregister – Google to auto-enroll 150m users, 2m YouTubers with two-factor authentication
The Register Google is going to automatically enroll 150 million users and two million YouTube creators into using two-factor authentication for their accounts by the end...
0 - CT 0 - CT - SOC - CSIRT Operations - Data Leak & Breach Incidents Notepad Cyber Attacks Cyber Security Data Breaches Global
securityaffairs – Twitch security breach had minimal impact, the company states
security affairs Twitch provided an update for the recent security breach, the company confirmed that it only had a limited impact on a small number of...
nakedsecurity – How to steal money via Apple Pay using the “Express Transit” feature
naked security by SOPHOS A not-yet-published paper from researchers in the UK has been making media headlines because of its dramatic claims about Apple Pay. Apple-centric...
threatpost – Office 365 Spy Campaign Targets US Military Defense
THREATPOST An Iran-linked group is taking aim at makers of drones and satellites, Persian Gulf ports and maritime shipping companies, among others. A new threat actor,...
nakedsecurity – Serious Security: Let’s Encrypt gets ready to go it alone (in a good way!)
NAKED SECURITY You’ve probably heard of Let’s Encrypt, an organisation that makes it easy and cheap (in fact, free) to get HTTPS certificates for your web servers....
0 - CT 0 - CT - SOC - CSIRT Operations - Red - Blue & Purple Teams Operations 0 – CT – Cybersecurity Events & Conferences – Black Hat – US Cyber Attacks Cyber Security Global
darkreading – 10 Hot Red Team Tools Set to Hit Black Hat Europe
The slate of Arsenal presentations at Black Hat Europe is set to feature lots of low-cost and free goodies for offensive security pros. DARKReading USBsamurai Presenter:...
threatpost – Windows Zero-Day Actively Exploited in Widespread Espionage Campaign
THREATPOST The cyberattacks, linked to a Chinese-speaking APT, deliver the new MysterySnail RAT malware to Windows servers. Researchers have discovered a zero-day exploit for Microsoft Windows...