Day: July 14, 2022

EFF and ACLU File Amicus Brief Objecting to Warrantless, Suspicionless Electronic Device Searches at the Border

In the past couple of decades, EFF has argued that when it comes to suspicionless and warrantless searches at the border, electronic devices like cell phones are not the same as a piece of luggage. Although certain searches at the border are permitted without a warrant, the search of a digital device while crossing into …

Cyble partners with VirusTotal to protect customers’ digital assets from targeted cyberattacks

Cyble announced that it is now a credible source in the list of key contributors to VirusTotal’s risk analysis. Being a part of VT’s list of website/domain scanning engine contributors will allow Cyble to extend its threat research even beyond its client base and serve the entire cybersecurity fraternity at large. Owned by Chronicle – …

CyberArk Execs: 9 Bets on What's Next in Identity Security

CyberArk Has Pushed Beyond Its Legacy in PAM to Address Broader Identity Use Cases. Michael Novinson (MichaelNovinson) • July 14, 2022. CyberArk is looking beyond privileged access management to take on the entire world of identity use cases, especially with new challenges presented by …

At Half-Year Mark, Ransomware, Vendor Breaches Dominate

Latest Analysis of HHS OCR Health Data Breach Trends. Marianne Kolbasuk McGee (HealthInfoSec) • July 14, 2022. Ransomware incidents and breaches involving business associates affecting millions of individuals dominate the hundreds of major health data breaches reported so far this year to federal regulators. …

3 Tips for Creating a More Efficient Vendor Assessment Process

For many InfoSec teams, most day-to-day operations are focused around a single area: vendor risk management. Over the last few years, building a safe, scalable, and accessible vendor environment has become a top priority for any organization that is sharing or opening up data with customers, partners, or vendors. Because so much time and effort …

Data breaches explained: Types, examples, and impact

What is a data breach? A data breach is a security incident in which a malicious actor breaks through security measures to illicitly access data.   Data about individuals—names, birthdates, financial information, social security numbers and driver’s license numbers, and more—lives in innumerable copies across untold numbers of servers at private companies, public agencies, and …

Homeland Security warns: Expect Log4j risks for ‘a decade or longer’

Organizations can expect risks associated with Log4j vulnerabilities for “a decade or longer,” according to the US Department of Homeland Security. The DHS’ Cyber Safety Review Board’s inaugural report [PDF] dives into the now-notorious vulnerabilities discovered late last year in the Java world’s open-source logging library. The bugs proved to be a boon for cybercriminals …

Cyber Safety Review Board's First Report: Log4j Here to Stay

The Department of Homeland Security’s (DHS) Cyber Safety Review Board (CSRB) has released its first report, providing detailed information on the Log4j vulnerability. The CSRB was established in February of this year as part of the United States government’s effort to bolster cybersecurity as a whole. The Board was created to “review and assess significant …

Rocky Linux 9 Brings Security Enhancements and Better Performance for Enterprise Users

Alexander Pagoulatos joins Praetorian as VP of Product

Praetorian announces the appointment of renowned industry leader Alexander Pagoulatos to the position of vice president of Product. “Alex is an energetic and collaborative leader experienced in consistently growing effective teams, shaping the strategy of organizations, and successfully executing with vision in both the public and private sectors. The depth and breadth of his experience, …

Langevin amendment to boost cyber defenses for critical infrastructure wins House approval

Written by Suzanne Smalley, Jul 14, 2022 | CYBERSCOOP. An amendment that includes cyber protections to defend “systemically important” critical infrastructure — such as large energy utilities, telecom providers and major financial institutions — won adoption in the U.S. House of Representatives Thursday. The legislation is an outgrowth of the work of the Cyberspace …

Bishop Fox Secures $75 Million in Growth Funding From Carrick Capital Partners

PHOENIX, AZ – July 14, 2022 – Bishop Fox, the leading authority in offensive security, today announced $75 million in Series B funding from growth-oriented investment firm, Carrick Capital Partners. The strategic second round brings total funding to $100 million for the 17-year-old cybersecurity firm. The funding will be used to grow the company’s unparalleled …

Deque Systems appoints Glenda Sims as Chief Information Accessibility Officer

Deque Systems announced the appointment of Glenda Sims to Chief Information Accessibility Officer (CIAO) where she will offer strategic leadership, provide governance and oversight, empower accessibility both with its customers spearheading innovation as well as within the organization. As the industry continues to see a demand for digital accessibility, the company felt it was necessary …

Facebook Judge Rips 'Empty' Data Scrape Deal In Approving It

By Dorothy Atkins (July 14, 2022, 10:07 PM EDT) — A California federal judge said Thursday he’ll preliminarily approve Meta’s non-monetary settlement to end a proposed class action accusing Facebook of surreptitiously scraping Android users’ call and text logs to sell to advertisers, but he criticized it as being “pretty empty” and repeatedly questioned its …

How Can Password-Free Identity Verification Safeguard User Privacy?

Passwords are the default identity verification method on the Internet, but a wide range of other methods such as dynamic tokens, SMS verification codes, and biometric authentication have emerged, as awareness of password theft has grown among both developers and users. This article discusses the security risks associated with several common identity verification methods, and …

Webinar | How to Turn Passive Data Backup Systems into Active Measures of Cyber Defense

Fraud Management & Cybercrime, Next-Generation Technologies & Secure Development. Presented by Rubrik. 60 minutes. With the rise of cyber attacks, organizations continue to struggle to meet aggressive goals for recovery and remediation time. Many approaches to threat intelligence and incident response can inadvertently tax production systems and still lead to …

Microsoft Says Phishing Campaign Skirted MFA to Access Email

Attackers Targeted More Than 10,000 Organizations Since Last September. Prajeet Nair (@prajeetspeaks) • July 14, 2022. Microsoft is warning business email customers about a large-scale phishing campaign that circumvented multifactor authentication to break into inboxes in a bid to commit fraud by obtaining payment data from corporate vendors. …

$9M Aerojet FCA Settlement Could Embolden Whistleblowers

By Ben Kochman (July 14, 2022, 9:24 PM EDT) — Aerojet Rocketdyne’s $9 million deal to end a False Claims Act suit alleging that it misled the government about its cybersecurity could spawn similar cases if the Justice Department is committed to backing up whistleblowers, industry attorneys say. The settlement announced last week includes a $2.61 million payout for …

Cracking MEGA … in Six Queries

While the methods that we use in cryptography are often highly secure in their operation, it is often the implementation that lets them… Continue reading on ASecuritySite: When Bob Met Alice

Bills to Prevent Conflicts of Interest in Acquisition Clear House Committee

The House Committee on Oversight and Reform favorably reported legislation that would instruct the Federal Acquisition Regulatory Council to craft new language agencies must use in guarding against conflicts of interest in the procurement process. After voice votes during a business meeting Thursday, Chairwoman Carolyn Maloney, D-N.Y., moved the bills—H.R. 7602 and H.R. 8325, to …

Charting Machine Learning Advancements Through Transformers, and Beyond

“One morning, I shot an elephant in my pajamas. How it got into my pajamas, I’ll never know.” -Groucho Marx (as Captain Spaulding), “Animal Crackers” (1930) Given how fast and powerful artificial intelligence (AI) computing technology has become over the past two decades, it’s humbling to think that the machines still can’t quite grasp the …

Survey Shows Cyber Insurance Marketplace Badly Needs Risk Quantification

A survey of 400 global insurers finds the cyber insurance business “isn’t working for insurers, brokers or their customers.”  According to the survey report, insurers are raising cyber insurance premiums, reducing coverage limits, requiring increasingly burdensome technical questionnaires from customers — and in the end, over half of the firms surveyed still reported being only …

ASW #202 – Mike Benjamin

Paul’s Security Weekly podcast (http://securityweekly.com/), full episode, Thu, 14 Jul 2022 20:46:44 +0000, 01:15:00.