All tagged news
UPDATED December 16, 2021
If you are reading this, you likely have heard about Log4Shell, the December, 2021 critical zero-day remote-code execution vulnerability in the popular Log4j software library that is developed and maintained by the Apache Software Foundation. Apache has patched this vulnerability in version 2.15.0, however vendors who use this library will need to…
Annual cybersecurity reports are a rich resource of statistics and information for cybersecurity professionals, academics, journalists and anyone who is interested in cybersecurity. Below is a categorized list of many of these reports…
The March 2021 issue of Security magazine, partnering with (ISC)2, featured their inaugural list of the Top Cybersecurity Leaders for 2021. As the author of this blog, I am both humbled and honored, to not only be part of the inaugural team, but also to be recognized with these accomplished cybersecurity professionals.
This week on Between The Hacks: The SolarWinds hack explained in plain English, D-Link router vulnerabilities, Google explains their global outage, 28 malware-infected browser extensions and cybercrime book for the security enthusiast on your gift list.
By now you have probably heard about the SolarWinds supply-chain compromise that has impacted government and businesses all over the world. This story is still unfolding so I won’t try to explain everything in detail, rather, I’ll attempt to explain the situation for the less-technical reader and link to some resources so that you can follow the story.
This week on Between The Hacks: A dental data breach, the U.S. IoT Security Law, a 2020 Microsoft vulnerability report, the final sunset of Adobe Flash, Rebooting by Lisa Forte and the Smashing Security Christmas party.
An important step toward securing the Internet was achieved on December 4, 2020, when President Trump signed an IoT security bill into law. The Internet of Things Cybersecurity Improvement Act of 2020 has been in the works since 2017 and was passed by the U.S. House of Representatives in September 2020 and the U.S. Senate in November 2020.
The bi-partisan team that backed the IoT bill included…
This week on Between The Hacks: Google used for phishing, the U.K. reveals their National Cyber Force, the state of CISA, ransomware takes over printers, and password managers are needed more than ever.
This week on Between The Hacks: Will the head of CISA be fired?, Microsoft discourages SMS MFA, The North Face credential stuffing attack, a new smishing campaign revealed, and The Perfect Weapon becomes a documentary.
This week on Between The Hacks: Three iOS zero-days, a zero-day for Chrome on Android, a new ransomware report, a gaming company falls victim to ransomware, and how to fix the Mac/HP “malware” problem.
This week on Between the Hacks, week 5 of Cybersecurity Awareness Month, Trump Campaign site defaced, ransomware threat against U.S. hospitals, a Facebook MFA bypass attack and how to enable MFA on your accounts.
This week on Between the Hacks, week 4 of Cybersecurity Awareness Month, Trump on cybersecurity, a Chrome zero-day, 63 billion credential stuffing attacks, and a malware museum.
This week on Between the Hacks, week two of Cybersecurity Awareness Month, 61% of Exchange servers unpatched, governments want encryption backdoors, new Android ransomware, and tips to avoid ransomware.
This week on Between the Hacks, it’s Cybersecurity Awareness Month, potentially steep fines for paying a ransom, a New Jersey hospital pays a ransom to prevent sensitive data leakage, a warning about election misinformation, and a tool to test website privacy.
This week on Between the Hacks, new social media phishing campaigns, Microsoft reports of ZeroLogon attacks, a sports official data breach, and the EFF releases a new tool.
This week on Between the Hacks, a ransomware attack results in human death, The U.S. House passes an IoT security bill, the Mozi botnet makes up 90% of IoT traffic on the Internet and a tool to create and protect your online brand.
This week on Between the Hacks, Black Hat keynote addresses election security, more fallout from the Blackbaud breach, the NSA warns of location tracking abuse, 20 GB of Intel data is leaked and watch the DEF CON YouTube channel.
This week on Between the Hacks, data breaches galore, three arrested in the Twitter hack, will TikTok be banned?, the dumpster fire of the week and a nostalgic tool that’s useful and fun.
It’s August 2020 and many families take this time to go on vacations. COVID-19 has caused many people to delay or cancel those plans so instead of Beach Week, here at Between The Hacks, we are dubbing this week as Breach Week.
Why? Because there was an unusually large number of data breaches made public this week. Avon, Drizly, Dave.com, Havenly and many others had data breached publicly online this week. So if you didn’t make it to the beach this year, put on your swimsuit, grab a frozen, fruity drink and relax as you learn which companies were breached, check if you were impacted, and learn how to be alerted if you are impacted by data breaches in the future.
This week on Between the Hacks, Garmin is under attack, a Twitter hack update, a data breach involving a university and non-profit cloud vendor, critical Adobe patches, and the DEF CON documentary.
