Day: October 13, 2021

Top Signs of Identity Theft

When it comes to identity theft, trust your gut when something doesn’t feel right. Follow up. What you’re seeing could be a sign of identity theft.  A missing bill or a mysterious charge on your credit card could be the tip of an identity theft iceberg, one that can run deep if left unaddressed. Here, we’ll look at several signs of identity theft that likely need some investigation …

Top Signs of Identity Theft Read More »

20 Years Later, Xbox Creator Apologizes To AMD CEO For Last-Minute Switch To Intel

The original Xbox was released 20 years ago next month, and to mark the upcoming anniversary, the console’s designer has apologized to AMD’s engineers and its CEO for Microsoft’s last-minute decision to drop AMD for rival Intel. GameSpot reports: Seamus Blackley apologized on Twitter to the AMD engineers who worked with Microsoft to create the …

20 Years Later, Xbox Creator Apologizes To AMD CEO For Last-Minute Switch To Intel Read More »

US Convenes Global Ransomware Summit Without Russia

China, Russia Both Absent from 30-Nation Gathering on the Threat of RansomwareThe White House National Security Council this week kicked off its international counter-ransomware event with participation from more than 30 nations. This gathering aims to elevate both law enforcement collaboration and diplomatic efforts. Noticeably absent from the summit: Russia.Read the article

Shift5 raises $20M to secure commercial and military transportation fleet systems

Shift5 raised $20 million in Series A funding to provide enhanced cybersecurity and operational intelligence for today’s commercial fleet operators and military platforms. The round was led by 645 Ventures, with participation from Squadra Ventures, General Advance, and First In. Operational technology underpins critical infrastructure, enabling it to run continuously and reliably. Transportation fleets — …

Shift5 raises $20M to secure commercial and military transportation fleet systems Read More »

How hacker group CryptoRom is cashing out bank accounts of Tinder, Bumble, Grindr and Facebook Dating users

In their latest investigation, Sophos security team detailed how a group of threat actors managed to steal millions of dollars from users of Tinder, Grindr, Facebook Dating, Bumble and other dating apps in their iOS version. Apparently, the attackers chose a potential victim and then gained their trust to make them download fraudulent cryptocurrency investment …

How hacker group CryptoRom is cashing out bank accounts of Tinder, Bumble, Grindr and Facebook Dating users Read More »

Apple silently fixed iOS zero-day without crediting the expet who reported it

Apple has silently addressed a zero-day vulnerability that could allow attackers to gain access to sensitive user data. Apple has silently addressed zero-day vulnerability with the release of iOS 15.0.2, the vulnerability could allow attackers gain access to sensitive user information. The flaw was reported to the IT giant by software developers Denis Tokarev seven …

Apple silently fixed iOS zero-day without crediting the expet who reported it Read More »

3 Things Every SOC Team Needs to Know About DevSecOps in a Cloud-Native World

It is one of the hottest buzzwords in the cybersecurity landscape not named zero trust.  DevSecOps has grown in prominence as more organizations adopt a cloud-native approach to build and deploy applications faster, improve scalability and reliability, and emphasize continuous improvement. The rising demand for the “Sec” part of the equation should not surprise anyone …

3 Things Every SOC Team Needs to Know About DevSecOps in a Cloud-Native World Read More »

CYTRIO raises $3.5M to help mid-market enterprises comply with data privacy regulations

CYTRIO has raised $3.5 million in seed funding to address mid-sized companies’ challenges of meeting increasing data privacy regulations. CYTRIO has secured funding from angel investors and institutional seed investors, including Dreamit Ventures, Food Retail Ventures, and Rockwood Group. The raise also included CYTRIO’s founding team, industry experts with 50 years of collective data, privacy …

CYTRIO raises $3.5M to help mid-market enterprises comply with data privacy regulations Read More »

(ISC)² announces InclusionREADY to focus on diversity, equity and inclusion in cybersecurity

(ISC)² announced InclusionREADY, a series of special events focused on diversity, equity and inclusion (DEI) at the (ISC)² Security Congress 2021. InclusionREADY is dedicated to igniting industry passion for diversifying the profession, celebrating diverse professionals and their voices, and increasing awareness of why DEI is essential to cybersecurity programs. Taking place virtually on October 18-20, …

(ISC)² announces InclusionREADY to focus on diversity, equity and inclusion in cybersecurity Read More »

Immigrant Gets Misdemeanor for Participating in US Coup

Fascinating development. Attacking the U.S. federal government to overthrow it… does not prevent citizenship path for immigrant. Eliel Rosa, 53, avoided a felony, which would have threatened future citizenship by pleading to a misdemeanor. According to court documents, Rosa and his wife fled political persecution in Brazil and arrived in the US in 2016. The …

Immigrant Gets Misdemeanor for Participating in US Coup Read More »

Academics find Meltdown-like attacks on AMD CPUs, previously thought to be unaffected

Two academic papers have been published over the past two months detailing new side-channel attacks in AMD processors that have eerily similar consequences to the Meltdown attack disclosed in early 2018, to which AMD CPUs were previously thought to be immune. The original idea of the Meltdown attack was that malicious apps could abuse a CPU’s speculate execution operations …

Academics find Meltdown-like attacks on AMD CPUs, previously thought to be unaffected Read More »

Spotlight: COVID Broke Security. Can We Fix It In 2022?

Podcast: Play in new window | Download (Duration: 29:29 — 40.5MB) | Embed Subscribe: Google Podcasts | Email | In this Spotlight Podcast, Pondurance Founder and Chief Customer Officer Ron Pelletier joins me to discuss his predictions about the security trends that will shape 2022. After a devastating 18 months of COVID – which included a surge in cyber attacks …

Spotlight: COVID Broke Security. Can We Fix It In 2022? Read More »

13 important vulnerabilities affecting SAP environmental compliance. Update immediately

In its latest security update, SAP announced the patching of a total of 13 security flaws, all considered critical and of high severity. The most serious of these failures were tracked as CVE-2020-10683 and CVE-2021-23926, two XML injection errors that received scores of 9.8/10 according to the Common Vulnerability Scoring System (CVSS). As some users …

13 important vulnerabilities affecting SAP environmental compliance. Update immediately Read More »

FTC Puts 700+ Companies on Notice to Expect to Pay Penalties for Any Endorsement Violations

By: Linda Goldstein, Amy Mudge, Randy Shaheen, Jack Ferry and Matt Renick The Federal Trade Commission (FTC or Commission) announced on Oct. 13 a widespread enforcement action against deceptive endorsement practices. The Commission sent a Notice of Penalty Offenses to more than 700 companies, notifying them that conduct related to fake or misleading endorsements and …

FTC Puts 700+ Companies on Notice to Expect to Pay Penalties for Any Endorsement Violations Read More »

New Cloud Security Alliance Guidance Provides Framework for Protecting Critical Healthcare Systems While Taking Risk to Patient Safety Into Account

Paper from IoT Working Group highlights the importance of not treating medical device incident response as a one-size-fits-allSEATTLE – Nov. 9, 2021 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment, today released the CSA Medical Device Incident …

New Cloud Security Alliance Guidance Provides Framework for Protecting Critical Healthcare Systems While Taking Risk to Patient Safety Into Account Read More »

Come Back with a Warrant: Congress Should Pass the Protecting Data at the Border Act

We do not lose our constitutional rights at the border. The U.S. Department of Homeland Security (DHS), however, believes you do. In fiscal year 2019 alone (before the pandemic curbed international travel), U.S. Customs and Border Protection (CBP) officers conducted nearly 41,000 electronic device searches without seeking a warrant supported by probable cause of wrongdoing …

Come Back with a Warrant: Congress Should Pass the Protecting Data at the Border Act Read More »