300,000 banking Trojan infections from Google Play in 4 months

In the span of only four months, four large Android families were spread via Google Play, resulting in 300.000+ infections via multiple dropper apps, according to ThreatFabric research. 

from Cyber Security News https://ift.tt/3rnUICU

Password management strategies differ across the US

The annual Password Decisions Survey from Bitwarden explores how U.S. companies manage their login credentials.

from Cyber Security News https://ift.tt/3pgl2fh

Mitigating cyber threats within 5G cloud infrastructure

As part of the Enduring Security Framework, the National Security Agency and the Cybersecurity and Infrastructure Security Agency published guidance to mitigate cyber threats within 5G cloud infrastructure.

from Cyber Security News https://ift.tt/3xxRvSj

Will the convergence of IGA, PAM and AM fix the fractured identity landscape?

Identity is fast becoming less of a tool and more of a strategic framework to secure digital assets and protect data privacy.

from Cyber Security News https://ift.tt/3pbwicP

Why the threat of wire fraud is particularly high for private capital markets – and what’s being done to address it

Although cybercriminals will always try to adapt to new security measures and insert themselves in the middle of a financial transaction, financial firms can prevent cyberattacks by using fingerprint, facial recognition, and other verification methods that cannot be stolen or faked. 

from Cyber Security News https://ift.tt/3rj20b8

Metropolitan school system blocks threats with cybersecurity platform

A large K-12 school system implemented a cybersecurity platform from CloudCover to mitigate cyber risk.

from Cyber Security News https://ift.tt/3lwFB6v

Apple is suing NSO Group

Apple is suing NSO Group, an Israeli firm that sells software to government agencies and law enforcement that enables them to hack iPhones.

from Cyber Security News https://ift.tt/3DSSQoZ

45% of companies do not employ a CISO

Navisite's "The State of Cybersecurity Leadership and Readiness" report found that 45% of companies do not employ a Chief Information Security Officer (CISO).

from Cyber Security News https://ift.tt/3nOzoEv

5 minutes with Chris Hass: Why you shouldn't rely on cyber insurance

from Cyber Security News https://ift.tt/32wWgA7

Standardizing video conferencing security guidelines should be a top government priority

The new realities of communicating in the remote work environment have led to a whole new set of challenges. Initiatives related to protecting users on virtual meeting tools should be at the forefront of every government’s cybersecurity agenda. 

from Cyber Security News https://ift.tt/32hKdGz

Wesley Story joins Genesys as Chief Information Officer

Experienced cybersecurity professional Wesley Story joins Genesys as the new Chief Information Officer (CIO).

from Cyber Security News https://ift.tt/3l477HZ

GoDaddy breach: Up to 1.2 million user records compromised

A breach of the GoDaddy Managed WordPress hosting environment exposed information from up to 1.2 million users, including email addresses, login information and more.

from Cyber Security News https://ift.tt/2ZhsOwB

Jason Lobell named Chief Technology Officer at Cyber Defense Labs

Jason Lobell, the new Chief Technology Officer (CTO) at Cyber Defense Labs, has protected company operations from cyber threats and built and managed security operations centers on behalf of a range of multinational companies.

from Cyber Security News https://ift.tt/3r4pWii

Artificial intelligence, machine learning, cloud computing, 5G will be most important tech in 2022

A new IEEE study covers the most important technologies in 2022, industries most impacted by technology in the year ahead, and technology trends through the next decade.

from Cyber Security News https://ift.tt/3oSO0C2

5 minutes with Jann Yogman: The cure for human error? Comedy.

Security talks to Jann Yogman, who has written and produced comedy for Michael J. Fox, Dana Carvey and Conan O'Brien during his career. Yogman brought his comedy skills to Mimecast to help out with cybersecurity awareness training, structuring the program like seasons of a situation comedy, with actual comedic actors playing repeating characters.

from Cyber Security News https://ift.tt/3xfQTAm

Try creating employee personas to customize your security communications efforts

Security awareness should be an ongoing campaign, not just an event. That campaign, just like any marketing campaign, starts with a thorough understanding of the target audience — the people you wish to influence to adapt security best practices.

from Cyber Security News https://ift.tt/2ZfZQxf

The 10 best US cities for IT security professionals

Where are the best cities for IT security analysts? New rankings from AdvisorSmith compare average salary, cost of living and cybersecurity job density to find cities in the U.S. best suited for IT security careers.

from Cyber Security News https://ift.tt/3CHDbY4

John Kreul joins Jewelers Mutual Group as Chief Information Officer

John Kreul will oversee the operations and strategy of Jewelers Mutual Group's technology department as the insurance provider's Chief Information Officer.

from Cyber Security News https://ift.tt/3CG9W84

CISA issues holiday warning: Critical infrastructure stay vigilant

The Cybersecurity and Infrastructure Security Agency and the Federal Bureau of Investigation are reminding critical infrastructure partners to stay vigilant against threats during holidays and weekends.

from Cyber Security News https://ift.tt/3oTL73A

Banks now required to report cyber incidents within 36 hours

Federal bank regulatory agencies approved a rule to improve the sharing of information about cyber incidents that may affect the U.S. banking system.

from Cyber Security News https://ift.tt/3xiQ4XF

Why network-based zero trust doesn’t protect your most valuable assets

By shifting to data-centric zero trust with innovative solutions that integrate enhanced levels of control to data security, organizations can boost their ability to prevent breaches, defend against attacks, and combat increasingly sophisticated cybercriminal enterprises. 

from Cyber Security News https://ift.tt/3cC4Ter

Passwordless made simple with user empowerment

While relying on passwordless authentication is both easier and safer for IT and end users, the transitional period is everything but. 

from Cyber Security News https://ift.tt/30OLoNr

AI tracks illegal wildlife trafficking at Heathrow

A recent test of artificial intelligence (AI) designed to identify illegally trafficked animals and animal products in air cargo and baggage proved successful in over 70% of cases. The AI model represents a collaboration between Smiths Detections, Microsoft and the Heathrow Airport.

from Cyber Security News https://ift.tt/3HFo4lE

Emotet malware returns; here's what to look out for

Once described as "the world's most dangerous malware," Emotet, has allegedly returned and is being installed on Windows systems infected with TrickBot malware. 

from Cyber Security News https://ift.tt/3kNVAwo

100,000 California Pizza Kitchen employee SSNs compromised in data breach

In a data breach of California Pizza Kitchen, personal data from over 100,000 employees including names, Social Security numbers and other identifying information was accessed by cybercriminals. Security leaders around the globe give their insights into the cyberattack.

from Cyber Security News https://ift.tt/3kRLta0

70% of security pros find security hygiene and posture more challenging

JupiterOne announced the findings of a new survey by Enterprise Strategy Group (ESG), which warns of inadequate security hygiene and posture management practices at many organizations.

from Cyber Security News https://ift.tt/3kONwM4

The unforeseen risks of sharing smartphone location data

From app usage to location data, developers are siphoning consumer data and selling it to data brokers and advertisers for top dollar. And while this data may be inconsequential, at its core, this issue is about consumers’ right to privacy. 

from Cyber Security News https://ift.tt/30DDy94

Mitigating the risk posed by remote work

In a remote or hybrid environment, employers have less visibility into employee activity, and as a result, the risk has greatly increased.

from Cyber Security News https://ift.tt/3qRRQOj

73% of airline passengers interested in biometrics replacing passports

The 2021 Global Passenger Survey from the International Air Travel Association (IATA) highlighted how biometric data collection is perceived and used within the air travel industry.

from Cyber Security News https://ift.tt/3Cscsif

Are your critical IT assets safe from cyberattacks?

A new study from Telos Corporation and conducted by Vanson Bourne, "Critical IT Assets Need Protection Beyond Standard Network Security," revealed that 99% of security professionals believe an attack on their critical IT assets would have both organizational and societal repercussions.

from Cyber Security News https://ift.tt/3Fsi1Px

Multi-cloud adoption will be strong in 2022 but key security gaps and challenges remain

While 95% of businesses are making multi-cloud a strategic priority in 2022 with security being top of mind (96%), only 54% feel highly confident that they have the tools or skills they need to execute, Valtix research reveals.

from Cyber Security News https://ift.tt/3DpD30J

Despite breaches, consumer trust remains high

According to a new White Hat Security, 35% of consumers indicated that they would continue shopping with a retailer that experienced a security breach, while only 25% said they would begin taking their business elsewhere.

from Cyber Security News https://ift.tt/3Hygv06

The rising tide of cyber insurance premiums in the age of ransomware

Insurance providers have had to take on increased risk with ransomware attacks on the rise, thus the surging price of insurance premiums. What are some trends fueling the cyber insurance industry?

from Cyber Security News https://ift.tt/30DM0oN

How Ireland’s second city emerged as a global cybersecurity hub

Cork may be Ireland’s second city, but it’s clearly punching above its weight. Because it’s here that several multinational companies — and many Irish start-ups — have established or expanded their cybersecurity operations. How did Cork land this distinction?

from Cyber Security News https://ift.tt/3HAYQ8j

An unfortunate side effect: How privacy trends are weakening website security

Enterprises and security vendors alike need to better understand how these privacy improvements affect the way companies ascertain which traffic is human and which is fake, and thus the impact it has on stopping online fraud.

from Cyber Security News https://ift.tt/3cppl21

2022 Ransomware Resilience Summit Europe to take place in February

The 2022 Ransomware Resilience Summit Europe will bring organizations and expert advisors together to benchmark resilience and business continuity planning, share lessons learned and enable businesses to better protect themselves.

from Cyber Security News https://ift.tt/3Dr5w6d

Dan Lohrmann named Field CISO at Presidio

Cybersecurity leader Dan Lohrmann has been named Field Chief Information Security Officer (CISO) for the Public Sector at Presidio.

from Cyber Security News https://ift.tt/3qGUWVk

Minnesota IT Services bolsters cloud security

Minnesota IT Services, the state cybersecurity and information technology agency, added cloud protection from Radware to better serve the Minnesota community. Read more about the solution in this case study.

from Cyber Security News https://ift.tt/3kN8FpL

Actionable tips to create a business cybersecurity plan

Just as you wouldn’t recommend going to a basement during a fire nor running outside during a tornado, it is crucial to outline safety plans according to cyber disasters. Organizations can do this by implementing a business cybersecurity plan.

from Cyber Security News https://ift.tt/3qLuABI

Securing multi-cloud environments: Why DIY privilege access management doesn’t work

Organizations are moving to multi-cloud environments in droves, largely because the cloud is fast, agile and powerful. But is it secure? Inherently — no.  

from Cyber Security News https://ift.tt/3DnMuOk

2021 BlackBerry Security Summit roundup

This year, on October 13th, the BlackBerry Security Summit 2021 took place — fully virtual. Keynote speakers included a range of BlackBerry organizational leaders across specialties, from Cybersecurity and Threat Detection to Product Management and Engineering.

from Cyber Security News https://ift.tt/3DoOWEj

Data access strategy helps hotels on- and offboard employees

Village Hotels, a hotel group with over 30 locations across the United Kingdom, has implemented a data management solution from CloudM to help on- and offboard employees. Read more about the solution in this case study.

from Cyber Security News https://ift.tt/30Azgzt

Study finds knowledge gaps in K-12 cloud security

A report from ManagedMethods and administered by the EdWeek Research Center, "What You Don't Know Can Hurt You: New Survey Identifies Gaps in K-12 Cloud Security," details cybersecurity knowledge gaps in the K-12 sector.

from Cyber Security News https://ift.tt/30suJyP

Ethical hackers reduce $27 billion in risk during COVID-19

Ethical hackers prevented 27 billion dollars worth of cybercrime from May 1, 2020 to August 31, 2021, according to Bugcrowd.

from Cyber Security News https://ift.tt/30mI4sh

Eliminate the growing pains from your security strategy

Delaying the evolution of your organization’s security is a big mistake. As your organization scales, so does the magnitude of the security threats you face. To avoid costly growing pains, the time to start planning a modern security strategy is today.

from Cyber Security News https://ift.tt/3wRy8TQ

Remote productivity surveillance could increase staff turnover

Email monitoring, video surveillance and keylogger software are some of the methods employers use to track productivity in the remote work environment. However, a new study from VMware, "The Virtual Floorplan: New Rules for a New Era of Work," has found a higher employee turnover rate in businesses that monitor productivity remotely.

from Cyber Security News https://ift.tt/3cb3QSy

Nearly half of employees have been asked to aid ransomware attacks

A new survey from Pulse and Hitachi ID reveals that nearly half of all enterprise team members have been approached by cybercriminals to assist a ransomware attack.

from Cyber Security News https://ift.tt/3wPshON

One-third of retail and hospitality organizations have experienced a data breach

Cornell researchers and FreedomPay have partnered to release the "Check Please! How Restaurant, Retail and Hospitality Businesses are Managing Cybersecurity Risks" study, which measures enterprise leaders' perspectives on cybersecurity in the retail and hospitality sector.

from Cyber Security News https://ift.tt/3DcGKa0

3 tips for stopping the next insider attack

Reducing our threat surface by limiting what any one person can access and improving organizational efficiency processes can go a long way in mitigating damage from the vast majority of attacks  — no matter if they come from inside or outside your organization.

from Cyber Security News https://ift.tt/3Cbj4Bp

Pentagon to launch zero trust cyber office in December

The Pentagon is set to launch a new office dedicated to expediting the adoption of a new zero trust cybersecurity model.

from Cyber Security News https://ift.tt/30qDY2L

DHS requests public comment on AI, facial recognition

The Department of Homeland Security (DHS) has requested feedback from industry leaders and interested parties on the subject of artificial intelligence, including facial recognition. The technologies have been used widely by the department, but DHS highlighted concerns around bias and privacy that follow AI and facial recognition implementations.

from Cyber Security News https://ift.tt/3c5zqAW

Pinny Tam named CISO at FastTrack

Pinny Tam brings over 20 years of information security experience to the Chief Information Security Officer (CISO) role at FastTrack.

from Cyber Security News https://ift.tt/3H9Zn0C

Expect 2022 to be the year of cybersecurity

2022 is just around the corner, and we are already following new developments in cybersecurity that will significantly impact your business in this upcoming year and the rest of the decade.

from Cyber Security News https://ift.tt/3HdAvVO

Robinhood data breach impacts seven million users

American financial services company Robinhood has suffered a data breach that affects seven million customers. 

from Cyber Security News https://ift.tt/3D5AC3k

DOJ charges REvil ransomware leaders with Kaseya attack

from Cyber Security News https://ift.tt/30aI7b6

Chris Gebhardt joins Synoptek as CISO

Chris Gebhardt brings over 30 years of experience to his new role as Synoptek’s Chief Information Security Officer.

from Cyber Security News https://ift.tt/2YyP5FX

Account compromises may decrease by 96% at Florida State

After implementing a two-factor authentication program, Florida State University projects account compromises to decrease by 96% in 2021.

from Cyber Security News https://ift.tt/3kqNjyd

DDoS attacks and botnets in 2021 – Mozi, takedowns and high-frequency attacks reshape the threat landscape

The first half of 2021 brought both bad news and good news about distributed denial-of-service (DDoS) attacks. The DDoS threat continues to be a global problem, at a massive scale, with increasing complexity, but proactive actions have had a positive impact.

from Cyber Security News https://ift.tt/2YwD8jW

Canadian healthcare system suffered cyberattack

A widespread cyberattack has targeted the public health system in Newfoundland and Labrador, Canada. Officials recently confirmed the attack as hospital systems in the province struggle to reinstitute health services.

from Cyber Security News https://ift.tt/3EZWeyK

Cybercriminals target mobile banking apps

The 2021 Threat Intelligence Report from Nokia detailed this year's security trends, focusing on a rise in malware attacks on mobile banking apps.

from Cyber Security News https://ift.tt/3mUcyL2

New strategic direction for CMMC 2.0 announced

The Department of Defense announced the strategic direction of the Cybersecurity Maturity Model Certification (CMMC) program, marking the completion of an internal program assessment led by senior leaders across the Department.

from Cyber Security News https://ift.tt/3CVtKFB

7 out of 10 IT employees may quit their jobs

A new survey on how information technology (IT) employees perceived their work environment revealed that 72% of IT professionals are considering leaving their jobs an looking for other opportunities within the next twelve months. Find out why here.

from Cyber Security News https://ift.tt/3BGa4nx

$1 million CISA grant funds cybersecurity training for underserved populations

"You can't expect to have the best and brightest if you're only recruiting from 50% of the population. You have to recruit from 100% of the population and if you don't, you're not going to get the best and brightest," said CyberWarrior COO Jonathan Edwards. The Cybersecurity and Infrastructure Security Agency (CISA) awarded CyberWarrior a grant to develop cyber workforce training for underserved populations.

from Cyber Security News https://ift.tt/3kcOUaP

US offers reward of up to $10 million for information on DarkSide

The U.S. Department of State is offering up to $10,000,000 for information leading to the identification or location of any individual(s) who hold a key leadership position in the DarkSide ransomware crime group. 

from Cyber Security News https://ift.tt/3nVIPRc

John McCorry named CIO and VP of Business Tech at Airlines Reporting Corp

John McCorry will join the Airlines Reporting Corp. (ARC) team as their new Chief Information Officer (CIO) and Vice President of Business Technology.

from Cyber Security News https://ift.tt/3o4dhsi

US government blacklists four companies due to national security concerns

The United States Government has added four foreign companies to the Entity List for engaging in activities contrary to the national security or foreign policy interests of the U.S. 

from Cyber Security News https://ift.tt/3k9oCGw

Ransomware actors use financial events to target companies

Ransomware actors are using significant, time-sensitive financial events, such as mergers and acquisitions, to target and leverage victim companies, according to the Federal Bureau of Investigation (FBI) recent Private Industry Notification (PIN). 

from Cyber Security News https://ift.tt/3BPF5FV

Why cyber risk assessments should be a part of your business strategy

It’s vital for C-suites to include cybersecurity as part of their capital planning. And the key to that is determining what “just enough security” is for the organization to meet its business goals. What’s the best way to determine how much security is “just enough”? 

from Cyber Security News https://ift.tt/3CNAAgo

Rohinee Mohindroo joins Sitecore as Chief Information Officer

Rohinee Mohindroo brings cybersecurity experience to the Chief Information Officer (CIO) position at Sitecore from her roles at three other firms, where she helped design cyber strategies to best defend against threats.

from Cyber Security News https://ift.tt/3q7T73A

Biden administration issues cybersecurity mandate for federal agencies

The Biden administration issued a broad new order — Binding Operational Directive 22-01 - Reducing the Significant Risk of Known Exploited Vulnerabilities — requiring nearly all federal agencies to patch hundreds of cybersecurity flaws considered major vulnerabilities for damaging intrusions into government computer systems. 

from Cyber Security News https://ift.tt/3GUox3o

BlackMatter ransomware gang claims to have shut down

Distributors of BlackMatter ransomware have announced plans to shut down amid mounting pressure from law enforcement.

from Cyber Security News https://ift.tt/3mHymth

UAE Central Bank establishes cybersecurity center

The Central Bank of the United Arab Emirates (CBUAE) has added a cybersecurity center to its security strategy. The CBUAE Networking and Cyber Security Operations Centre aims to mitigate cyber risk in the country's financial sector.

from Cyber Security News https://ift.tt/3k5ej6r

Michael Gregg named North Dakota CISO

A cybersecurity leader with over 20 years of experience in the field, Michael Gregg will focus on end point protection, risk management and more as the State of North Dakota's new Chief Information Security Officer (CISO).

from Cyber Security News https://ift.tt/3EIo568

80% of organizations report employee misuse or abuse of access to business applications

New research released by CyberArk reveals that organizations continue to operate with limited visibility into user activity and sessions associated with web applications, despite the ever-present risk of insider threats and credential theft.

from Cyber Security News https://ift.tt/3bESXrG

Marco Maiurano joins First Citizens Bank as Chief Information Security Officer

Marco Maiurano has joined First Citizens Bank as Chief Information Security Officer. He is responsible for overseeing the company’s information security operations, identity and access management, information security architecture and security consulting solutions.

from Cyber Security News https://ift.tt/3wc5dte

CCPA enforcement: Implications on the big data ecosystem

The tech giants that the CCPA attempted to target were able to escape liability by capitalizing on a convenient loophole that excluded data analytics from the definition of a sale. New CCPA enforcement letters could have major implications for the broader data ecosystem — third-party data may disappear as we know it. The time has come to provide consumers with value for opting in.

from Cyber Security News https://ift.tt/3w9VQKw

Kicking off National Critical Infrastructure Security and Resilience Month

November is Infrastructure Security Month and a time to think about how organizations can contribute to the security and resilience of the U.S.'s essential services and functions.

from Cyber Security News https://ift.tt/3CJqoFy

Mobile phishing threats surged 161% in 2021

Lookout, Inc. released a report showing that mobile phishing exposure surged 161% within the energy industry between the second half of 2020 and the first half of 2021. 

from Cyber Security News https://ift.tt/2ZJPbeA

Passwordless made simple with user empowerment

You must’ve heard it dozens of times by now: passwords are not secure enough to protect business data. But everyone mentions alternatives to passwords as if uprooting your current identity authentication system is a piece of cake.

from Cyber Security News https://ift.tt/3q0ddN2

Miro Pihkanen named CSO and Board Member at OwlGaze

Miro Pihkanen joins OwlGaze as their new Chief Security Officer (CSO) and Board Member. In his security and advisor roles, Pihkanen will help the organization finalize a cyber threat detection solution.

from Cyber Security News https://ift.tt/3jXJLU6

New 'AbstractEmu' Android malware seizes total control of your device, evades detection

Security researchers at the Lookout Threat Labs have discovered a new Android malware, dubbed AbstractEmu, with rooting capabilities distributed on Google Play and major third-party stores, including the Amazon Appstore and Samsung Galaxy Store.

from Cyber Security News https://ift.tt/3jQFQbB

Defining synthetic identity fraud once and for all

Jeffrey Feinstein, Vice President of Global Analytic Strategy, LexisNexis Risk Solutions, had the honor of serving on a Federal Reserve committee this past winter to define synthetic identity fraud. The result of this effort was the release of a paper that defines it for the industry, an essential step forward in the fight against this pervasive threat.

from Cyber Security News https://ift.tt/3mFNsj7

How a layered defense strategy protects organizations from security incidents occurring at the seams

Incidents tend to happen at the seams and cracks of your organization, where the automation is incomplete, observability is not omniscient, and humans are still in the loop. Our blind spots are constantly evolving, and we must update our mental models of how to approach security accordingly.

from Cyber Security News https://ift.tt/3bsBRNB