Welcome to The Cybersecurity 202! And greetings from (just outside of) San Francisco, one of my favorite few cities. As I type this, I have a...
Day: April 2, 2023
Pro-Russian hackers target elected US officials supporting Ukraine
Threat actors aligned with Russia and Belarus are targeting elected US officials supporting Ukraine, using attacks that attempt to compromise their email...
New IcedID variants shift from bank fraud to malware delivery
New IcedID variants have been found without the usual online banking fraud functionality and instead focus on installing further malware on compromised systems. According to Proofpoint, these...
Is ChatGPT A Silver Bullet For Cybercriminals?
Executive Vice President at Proofpoint, overseeing global cybersecurity strategy. By now, you’ve heard of ChatGPT—or more likely, you’ve heard that it’s coming to take your...
Security Awareness Training Needs to Change. Here’s Why.
Despite repeated urges from IT professionals to be wary of clicking on links in emails and opening attachments from strange messages, phishing is still wildly successful...
Police pounce on ‘pompompurin’ – alleged mastermind of BreachForums
In Brief A man accused of being the head of one of the biggest criminal online souks, BreachForums, has been arrested in Peekskill, New York. Conor...
Build resilience in a world of weaponized trust
Cybercrime, Identity and access Lucia Milică Stacy March 16, 2023 Today’s columnist, Lucia Milică Stacy of Proofpoint, writes that the SolarWinds, Kaseya, and Log4J attacks illustrate...
Analysts Spot a Wave of SVB-Related Cyber Fraud Striking the Business Sector
Right now, hackers are developing phishing campaigns that capitalize on the news of Silicon Valley Bank’s failure. SVB was the 16th-largest bank in the United States,...
Russia Calling? Scammers Target High-level Western Officials
An image of Alexei Stolyarov or Lexus (L) impersonating Leonid Volkov next to a picture of the real Volkov (R) for comparison.
GUEST ESSAY: AntiguaRecon – A call to train and promote the next generation of cyber warriors
By Adam Dennis Imagine being a young person who wants a career, of whatever type you can find, as a cybersecurity professional. Related: Up-skilling workers to...
GUEST ESSAY — The rationale for pursuing a culture of cybersecurity – and a roadmap to get there
By Matthew T. Carr Organizations with strong cybersecurity cultures experience fewer cyberattacks and recover faster than others. Related: Deploying human sensors This results from emulating the...
FIRESIDE CHAT: U.S. banking regulators call out APIs as embodying an attack surface full of risk
By Byron V. Acohido APIs have been a linchpin as far as accelerating digital transformation — but they’ve also exponentially expanded the attack surface of modern...
GUEST ESSAY: Here’s why a big cybersecurity budget won’t necessarily keep your company safe
By Zac Amos The cybersecurity landscape is constantly changing. While it might seem like throwing more money into the IT fund or paying to hire cybersecurity...
GUEST ESSAY: Scammers leverage social media, clever con games to carry out digital exploitation
By Collin McNulty One common misconception is that scammers usually possess a strong command of computer science and IT knowledge. Related: How Google, Facebook enable snooping...
SHARED INTEL Q&A: Bi-partisan report calls for a self-sacrificing approach to cybersecurity
By Byron V. Acohido A new report from the Bipartisan Policy Center (BPC) lays out — in stark terms – the prominent cybersecurity risks of the...
GUEST ESSAY: Could CISOs be on the verge of disproving the ‘security-as-a-cost-center’ fallacy?
By Jess Burn This year has kicked off with a string of high-profile layoffs — particularly in high tech — prompting organizations across all sectors to...
GUEST ESSAY: Five stages to attain API security — and mitigate attack surface exposures
By Rakshith Rao APIs (Application Programming Interfaces) play a critical role in digital transformation by enabling communication and data exchange between different systems and applications. Related:...
GUEST ESSAY: Why CISOs absolutely must take authentication secrets much more seriously
The IT world relies on digital authentication credentials, such as API keys, certificates, and tokens, to securely connect applications, services, and infrastructures. Related: The coming of...
GUEST ESSAY: Testing principles to mitigate real-world risks to ‘SASE’ and ‘Zero Trust’ systems
By Sashi Jeyaretnam A new generation of security frameworks is gaining traction that are much better aligned to today’s cloud-centric, work-from-anywhere world. Related: The importance of...
Cyberwarfare leaks show Russian army is adopting mindset of secret police
A consortium of media outlets have published a bombshell investigation about Russia’s cyber-capabilities, based on a rare leak of documents. The files come from NTC Vulkan,...
‘Vulkan files’ leak reveals Putin’s global and domestic cyberwarfare tactics
The inconspicuous office is in Moscow’s north-eastern suburbs. A sign reads: “Business centre”. Nearby are modern residential blocks and a rambling old cemetery, home to ivy-covered...
TechScape: How the world is turning against social media
Government workers in the UK, US, Canada and European Union (the list will have grown by the time you read this) are banned from installing TikTok...
Yes, it’s crazy to have TikTok on official phones. But it’s not good for any of us | John Naughton
As of this moment, government officials in 11 countries are forbidden to run TikTok on their government-issued phones. The countries include the US, Canada, Denmark, Belgium,...
TikTok banned on London City Hall devices over security concerns
London City Hall staff will no longer have TikTok on their devices in the latest ban imposed on the Chinese-owned social media app over security concerns....
TikTok to be banned from UK parliamentary devices
Parliament is to ban the Chinese-owned video-sharing app TikTok from “all parliamentary devices and the wider parliamentary network”, citing the need for cybersecurity. The move goes...
BBC urges staff to delete TikTok from company mobile phones
The BBC has urged its staff to delete the Chinese-owned social media app TikTok from corporate mobile phones. Guidance to BBC staff circulated on Sunday said:...
Why is TikTok banned from government phones – and should the rest of us be worried?
TikTok is wildly popular, with more than 1 billion people consuming its short video posts around the world. But the app is less favoured by politicians...
The TikTok wars – why the US and China are feuding over the app
TikTok is once again fending off claims that its Chinese parent company, ByteDance, would share user data from its popular video-sharing app with the Chinese government,...
MPs and peers ask information commissioner to investigate TikTok
A cross-party group of MPs and peers have asked the information commissioner to investigate whether the Chinese-owned TikTok’s handling of personal information is in breach of...
The FDA’s Medical Device Cybersecurity Overhaul Has Real Teeth, Experts Say
The Food and Drug Administration (FDA) this week put into effect fresh guidance concerning the cybersecurity of medical devices — long a concerning area of risk...