A federal district court judge blew a hole in the SEC's case against SolarWinds, saying that while the company and its CISO could be tried for statements made before the high-profile Sunburst attack, those that came after were based on "speculation and hindsight."
The post Judge Dismisses Most SEC Charges Against SolarWinds appeared first on Security Boulevard.
BSODs beyond belief: A buggy update to CrowdStrike Falcon made Windows PCs and servers crashβworldwide.
The post Global Outage Outrage: CrowdStrike Security Tool Blamed appeared first on Security Boulevard.
A survey shows that nearly half of all small-to-medium enterprises (SMEs) fell victim to cyberattacks in the first half of this year.
The post Survey: Nearly Half of SMEs Fell Victim to Cyberattack in Last Six Months appeared first on Security Boulevard.
Understanding the risks associated with the cloud environment and adopting technologies, such as zero-trust network access, DSPM, generative AI and other security measures, helps mitigate the risks and strengthen the cloud posture.
The post Future of Hybrid Cloud Security: New Approaches and Innovations appeared first on Security Boulevard.
Malware pretending to offer a safe web-browsing experience can alter what the users sees on the requested page or direct them to another one and also allows other bad actors to run malicious codes on Windows systems using the highest level of privilege.
The post ESET: Chinese Adware Opens Windows Systems to More Threats appeared first on Security Boulevard.
A crypto phishing campaign has been identified in which a threat actor employs AI-generated content to create 17,000 phishing lure sites impersonating more than 30 major cryptocurrency brands, including Coinbase, Crypto.com, Metamask and Trezor.
The post Phishing Threat Actor Leverages AI to Target Multiple Crypto Brands appeared first on Security Boulevard.
These proactive defense measures - vulnerability management, MFA and EDR - remain critical in the ongoing battle against RaaS groups and bad actors.
The post Strengthening Security Posture in the World of Outsourced Ransomware-as-a-Service (RaaS) appeared first on Security Boulevard.
The number of data breach victims in the first half (H1) of 2024 has surged to 1,078,989,742, marking a 490% increase compared to the same period in 2023, which saw 182,645,409 victims.
The post Data Breaches Impact Growing Number of Victims, ITRC Finds appeared first on Security Boulevard.
A hacker who calls themselves "emo" says they accessed the information of 15 million Trello users in January through an unsecured REST API endpoint and six months later leaked the information on an underground forum.
The post Hacker Leaks Data of More Than 15 Million Trello Users appeared first on Security Boulevard.
Steamboat bloat: Hacktivist group wields infostealer Trojan, leaks 1,200 GB of mouse droppings.
The post Disney 1.2β―TB Slack Hack: NullBulge Claims Leak is its Own appeared first on Security Boulevard.
The APT group Void Banshee exploited a now-patched Windows security flaw and the retired Internet Explorer browser to distributed the Atlantida malware to steal system information and sensitive data from victims.
The post Void Banshee Group Used βWindows Relicβ IE in Phishing Campaign appeared first on Security Boulevard.
Generative AI has great potential for scaling and automating security practices, but to be effective, organizations need to have a strong security foundation.
The post Fortifying Digital Infrastructure: Why Companies Must Strengthen Cloud Security Before Going βAll Inβ on Generative AI appeared first on Security Boulevard.
Baffle today extended its ability to secure multitenant applications running on the Amazon Web Services (AWS) cloud to include the relational databases many of them are deployed on.
The post Baffle Extends Encryption Reach to AWS Databases appeared first on Security Boulevard.
SMBs are increasingly becoming the cyberattackerβs goldmine. Device management is one way to stay ahead of malicious actors and protect your crown data jewels.
The post Why SMB Security Needs Efficient Device Management appeared first on Security Boulevard.
The Satori Threat Intelligence Team funded by HUMAN Security, a provider of a platform thwarting bot-based attacks, today disclosed it has uncovered a massive ad fraud operation involving the setting up of βevil twinsβ of applications found in the Google Play Store..
The post Report Identifies More Than 250 Evil Twin Mobile Applications appeared first on Security Boulevard.
A class-action lawsuit claims that outdoor clothing retailer Patagonia violated plaintiffs' privacy rights by letting Talkdesk's AI-based call center products record, store, and analyze customer conversations without their knowledge or consent.
The post Patagonia Sued for Using AI-Based Software to Analyze Customer Calls appeared first on Security Boulevard.
A month after the U.S. Commerce Department banned it from selling its security software in the country, Russian company Kaspersky Lab said it is shuttering its U.S. operations and laying off staff in the country by July 20.
The post Russian Antivirus Firm Kaspersky Shuts Down U.S. Operations After Ban appeared first on Security Boulevard.
DeFAIL: Cryptocurrency fans lose their worthless tokens via phishing attacks on decenΒtralΒized finance sites.
The post Squarespace Hacked β DeFi Wallets Drained (Imaginary Money Stolen) appeared first on Security Boulevard.
As you think about how to ensure your APIs are within your risk tolerance, ensure that you have a sound understanding of your inventory and the data associated with them.
The post API Transformation Cyber Risks and Survival Tactics appeared first on Security Boulevard.
While it's unclear how new, advanced technologies like AI and ML will ultimately change the data security landscape, now is not the time to stand still.
The post How U.S. Businesses can Fight the Deepfake ThreatΒ appeared first on Security Boulevard.
The Summer Olympic Games will be held in Paris this year, and while the athletes will be focused on breaking world records, there are plenty of opportunistic cyberthreat actors who will be focused on breaking into the eventβs complex, fragmented digital environment.
The post Olympic Gold at Risk: AI Cybercriminals Target 2024 Games. appeared first on Security Boulevard.
Alphabet Inc.βs Google is closing in on a $23 billion acquisition of cybersecurity firm Wiz β its largest purchase ever.
The post Google Nears $23 Billion Purchase Of Wiz: Reports appeared first on Security Boulevard.
Advance Auto Parts, a massive auto parts dealer, says 2.3 million people had their information compromised in a data breach of information stored with cloud storage services provider Snowflake.
The post Advance Auto Parts: Data of 2.3 Million People Stolen in Breach appeared first on Security Boulevard.
Financial firms should explore how the vast array of SASE services can improve the services they offer while providing unparalleled security for the network.
The post Addressing Financial Organizationsβ Digital Demands While Avoiding Cyberthreats appeared first on Security Boulevard.
Explore the importance of zero-trust in safeguarding sensitive information, enhancing organizational visibility, and ensuring a secure and seamless user experience.
The post Zero-Trust Strategies: Paving the Way for a Secure Future & Sustainable Enterprise Growth appeared first on Security Boulevard.
Shouldβve used MFA: $T loses yet more customer dataβthis time, from almost all of them.
The post AT&T Says 110M Customersβ Data Leaked β Yep, itβs Snowflake Again appeared first on Security Boulevard.
We're primed to face another Y2K-like event: Q-Day, the point at which quantum computers become capable of breaking traditional encryption, totally upending security as we know it.
The post Q-Day Prepping: What Businesses Can Do Now to Address Quantum Security Risks appeared first on Security Boulevard.
Threat actors targeting the upcoming Paris Olympics release a three-part video series called "Olympics Has Fallen II" and use AI-generated deepfake technology to make it appear that Tesla CEO Elon Musk is narrating the story.
The post Muskβs Voice, Likeness Used in Deepfake Scam Targeting the Olympics appeared first on Security Boulevard.
The FTC found in a review of studies that more than three-quarters of websites and apps used dark patterns to deceptively manipulate consumers into buying products they didn't want or to hand over information.
The post Most Websites and Apps Use Dark Patterns to Cheat Consumers: FTC appeared first on Security Boulevard.
A survey of 322 IT and security professionals finds nearly two-thirds (63%) have confidence in the effectiveness of their organizationβs data security measures with another 30% uncertain despite the volume of breaches and ransomware attacks being regularly reported.
The post Survey Finds Confidence in Data Security Despite Ransomware Scourge appeared first on Security Boulevard.
Hardware VPNs are the primary method the enterprise uses to connect remote, or what we now call the hybrid workforce, to the IT tools that power our digital economy.
The post Hard Truths about Remote Access Hardware VPNs appeared first on Security Boulevard.
Cloud security in 2024 is akin to playing a team sport β it requires clear communication and collaboration between technology vendors and customers.
The post The Team Sport of Cloud Security: Breaking Down the Rules of the Game appeared first on Security Boulevard.
A survey of 1,031 CISOs finds that cybersecurity leaders are paradoxically getting more comfortable with current levels of risks at a time when CEOs may be finally becoming more cautious.
The post Survey Sees Modern CISOs Becoming More Comfortable With Risk appeared first on Security Boulevard.
Google and Apple look to give users better protections against social engineering attacks like phishing, with Google giving high-risk users access to the APP service with a passkey and Apple educating users about the threats with a detailed support document in the wake of a recent smishing campaign.
The post Google and Apple Move to Strengthen User Protections appeared first on Security Boulevard.
The DOJ, FBI, and counterparts in Canada and the Netherlands seized two domains and 968 social media accounts on X that were being used to spread Russian disinformation in the United States and elsewhere.
The post DOJ Shutters Massive Russian Bot Farm Spreading Disinformation appeared first on Security Boulevard.
MD5 MITM Muddle: Ancient, widely used protocol has CVSS 9.0 vulnerability.
The post βBlast-RADIUSβ Critical Bug Blows Up IT Vacation Plans appeared first on Security Boulevard.
Three crucial ways to achieve zero-trust through your PAM strategy, ensuring that every privileged user session within your IT environment is safe by design.
The post 3 Ways to Achieve Zero-Trust With Your PAM Strategy appeared first on Security Boulevard.
Grasping how biometric attacks work is crucial for organizations to make informed decisions based on actual threat intelligence.
The post Deepfake Threats and Biometric Security Vulnerabilities appeared first on Security Boulevard.
As cyberthreats continue to increase, automation and proactive measures will be essential for mitigating the risks associated with third-party relationships and safeguarding valuable data and infrastructure.
The post Beyond Checklists: The Rise of Automated Vendor Assessment and Enhanced Security appeared first on Security Boulevard.
APT40, a threat group backed by China's government, quickly adapts POC exploits of popular software like Microsoft Exchange and Log4j to attack corporate and government networks in the U.S., Australia, and elsewhere, according to an alert issued by government security agencies around the world.
The post China-Backed Threat Group Rapidly Exploits New Flaws: Agencies appeared first on Security Boulevard.
Credential crunch: Ten billion plain-text passwords in a fileβsky falling or situation normal?
The post Biggest Ever Password Leak β but is ObamaCareβs RockYou2024 Really NEW? appeared first on Security Boulevard.
While thereβs no one-size-fits-all option for securing the cloud, next-generation agents thrive in these fast-moving environments and serve as the critical component of any cloud security strategy.
The post Unleashing the Power of Next-Gen Agents for Robust Cloud-Native Security appeared first on Security Boulevard.
The need for robust authentication mechanisms has become paramount in the ever-evolving landscape of digital security.
The post Navigating Authentication Challenges: A Closer Look at Contemporary CIAM appeared first on Security Boulevard.
Data breaches are growing more prevalent and sophisticated, and companies must make every effort to minimize the impact of an attack.
The post Minimize Data Breaches with Planning, Transparency and Technology appeared first on Security Boulevard.
The supplier performance risk system (SPRS) is a database maintained by the DoD that βutilizes suppliersβ performance data in areas of product delivery and quality to rate performance and predict potential risk.β
The post Why SPRS Matters and 4 Steps to Improve Your Security Posture appeared first on Security Boulevard.
Even as manufacturers tackle convenience issues, the need for digital trust throughout EV infrastructure and ecosystems still remains.
The post Balancing Security and Convenience with EV Charging appeared first on Security Boulevard.
While many organizations are adopting AI at an alarming pace to gain efficiencies and lower operating costs through technology and headcount reduction, they may also be sacrificing their security.
The post Human Vigilance is Required Amid AI-Generated Cybersecurity Threats appeared first on Security Boulevard.
Researchers claim to have uncovered what they claim is the biggest cache of stolen credentials ever found.
The post Researchers Discover Cache of Billion Stolen Passwords appeared first on Security Boulevard.
Spackle attack: Chinese company takes over widely used free web serviceβalmost 400,000 websites at risk.
The post βPolyfillβ Supply Chain Threat: 4x Worse Than We Thought appeared first on Security Boulevard.
Login