The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has appointed Kiersten Todt as its new chief of staff. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced that it has appointed Kiersten Todt as its new chief of staff; she will replace Acting Chief of Staff Kate Nichols. “The Cybersecurity and Infrastructure Security Agency (CISA) announced today Kiersten […]
The post US CISA appointed Kiersten Todt as new chief of staff appeared first on Security Affairs.
Read More US CISA appointed Kiersten Todt as new chief of staff
Microsoft Patch Tuesday security updates for September 2021 addressed a high severity zero-day flaw actively exploited in targeted attacks. Microsoft Patch Tuesday security updates for September 2021 addressed a high severity zero-day RCE actively exploited in targeted attacks aimed at Microsoft Office and Office 365 on Windows 10 computers. The flaw, tracked as CVE-2021-40444, resides in the MSHTML, […]
The post Microsoft Patch Tuesday fixes CVE-2021-40444 MSHTML zero-day appeared first on Security Affairs.
Read More Microsoft Patch Tuesday fixes CVE-2021-40444 MSHTML zero-day
A day after Apple and Google rolled out urgent security updates, Microsoft has pushed software fixes as part of its monthly Patch Tuesday release cycle to plug 66 security holes affecting Windows and other components such as Azure, Office, BitLocker, a…
Read More Microsoft Releases Patch for Actively Exploited Windows Zero-Day Vulnerability
As part of our upcoming attendance at the International Cyber Expo & International Security Expo, we were lucky enough to sponsor The Cyber Security Webinar Series with Nineteen Group and Grey Hare Media. Both Philip Ingram MBE and Emanuel Ghebreye…
Read More Understanding the Benefits of Managed Cyber Services
Apple’s iPhone 13 Pro series, announced today, brings major improvements in connectivity, performance, camera and display. The 6.1-inch iPhone 13 Pro and the 6.7-inch Pro Max use the same design as the iPhone 12 Pro. Not that this is a problem – the phone still looks stunning with its shiny steel band and matte glass […]
The post Apple iPhone 13 Pro and iPhone 13 Pro Max are here first appeared on IT World Canada.
Read More Apple iPhone 13 Pro and iPhone 13 Pro Max are here
Learn about the Transformational Cybersecurity Leader and Operational Cybersecurity Executive triads.
Read More Cybersecurity Leadership Triads
For nearly two years, much of the world has been living online – conducting business, holding meetings, educating and being educated, and retaining some semblance of a normal social life. Businesses have been particularly hard pressed to not only keep clients happy and feeling appreciated but also ensure employees have everything they need to perform […]
The post Why there must be a renewed focus on business continuity first appeared on IT World Canada.
Read More Why there must be a renewed focus on business continuity
Adobe releases security updates for 59 bugs affecting its core products, including Adobe Acrobat Reader, XMP Toolkit SDK and Photoshop.
Read More Adobe Snuffs Critical Bugs in Acrobat, Experience Manager
Microsoft today pushed software updates to plug dozens of security holes in Windows and related products, including a vulnerability that is already being exploited in active attacks. Also, Apple has issued an emergency update to fix a flaw that’s reportedly been abused to install spyware on iOS products, and Google’s got a new version of Chrome that tackles two zero-day flaws. Finally, Adobe has released critical security updates for Acrobat, Reader and a slew of other software.
Read More Microsoft Patch Tuesday, September 2021 Edition
T-Mobile customers should change their password and PIN and set up two-step verification to protect their accounts.
Read More T-Mobile was breached: Here’s how to protect your account
Apple on Monday issued emergency security updates for iOS, macOS and its other operating systems to plug a hole that Canadian researchers claimed had been planted on a Saudi political activist’s device by NSO Group, an Israeli seller of spyware and …
Read More Apple hits the alarm with multi-OS emergency update to patch zero-click flaw
Some people would rather pay money for a phony vaccine card than get the actual shot for free, according to Check Point Research.
Read More Dark Web sees spike in fake COVID vaccine card sales
At its big September event Tuesday, Apple showed us how powerful chips boosted by software and hardware integration and bespoke machine intelligence can deliver real value to every user. What Apple introduced
Read More Apple’s big reveal — the iPhone 13 — seems lucky for most
The company seemingly confirmed all the p…
T-Mobile data breach under investigation by Massachusetts attorney general Maura Healey
Read More Massachusetts AG Launches Probe into T-Mobile Data Breach
On Patch Tuesday, Microsoft fixed 66 CVEs, including an RCE bug in MSHTML under active attack as threat actors passed around guides for the drop-dead simple exploit.
Read More Microsoft Patches Actively Exploited Windows Zero-Day Bug
Latvian vendor MikroTik revealed that the recently discovered Mēris botnet is targeting devices that were compromised three years ago. Last week, the Russian Internet giant Yandex was targeted by the largest DDoS attack in the history of Runet, the Russian Internet designed to be independent of the world wide web and ensure the resilience of the country to an […]
The post Mēris Bot infects MikroTik routers compromised in 2018 appeared first on Security Affairs.
Read More Mēris Bot infects MikroTik routers compromised in 2018
Saryu Nayyar, CEO at Gurucul, peeks into Mitre’s list of dangerous software bug types, highlighting that the oldies are still the goodies for attackers.
Read More 2021’s Most Dangerous Software Weaknesses
The general who leads U.S. efforts to thwart foreign-based cyberattacks, and punish those responsible, says he’s mounting a “surge” to fight incursions that have debilitated government agencies and companies responsible for critical infrastructure.
Read More General Promises US ‘Surge’ Against Foreign Cyberattacks
Israeli-British cybersecurity company to buy leading VPN provider in deal worth nearly $1bn
Read More Kape Technologies to Acquire ExpressVPN
Today’s VERT Alert addresses Microsoft’s September 2021 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-964 on Wednesday, September 15th. In-The-Wild & Disclosed CVEs CVE-2021-40444 This CVE…
Read More VERT Threat Alert: September 2021 Patch Tuesday Analysis
Double trouble: two zero-days, patched in the same emergency update. So please don’t delay – patch today!
Read More Apple products vulnerable to FORCEDENTRY zero-day attack – patch now!
Microsoft on Tuesday shipped a major security update to blunt zero-day attacks targeting a gaping hole in its proprietary MSHTML browsing engine.
Read More Patch Tuesday: Microsoft Plugs Exploited MSHTML Zero-Day Hole
Apple has spent the past week rushing to develop a fix for a major security flaw which allows spyware to be downloaded on an iPhone or iPad without the owner even clicking a button. But how do such “zero-click” attacks work, and can they be stopped?…
Read More Apple Security Flaw: How do ‘Zero-Click’ Attacks Work?
Read More Paving the Way: Inspiring Women in Payments – A Q&A Featuring Zeal Somani
Women alone can be powerful. But women who empower each other can have an even greater impact. In this edition of our blog, Zeal Somani, who was greatly influenced by her grandmother and by her female colleagues, explains that formi…
This is a current list of where and when I am scheduled to speak:
Read More Upcoming Speaking Engagements
A high severity vulnerability, tracked as CVE-2021-3437, in HP OMEN laptop and desktop gaming computers exposes millions of systems to DoS and privilege escalation attacks. Millions of HP OMEN laptop and desktop gaming computers are exposed to multiple attacks by a high severity vulnerability tracked as CVE-2021-3437 that was discovered by SentinelLabs researchers. “Potential security vulnerabilities […]
The post Millions of HP OMEN gaming PCs impacted by CVE-2021-3437 driver flaw appeared first on Security Affairs.
Read More Millions of HP OMEN gaming PCs impacted by CVE-2021-3437 driver flaw
Social media is overflowing with quizzes, surveys and opportunities to tell the world about yourself. Learn why you should skip these to protect yourself and your identity.
Read More Why you should avoid those fun social media “tell us about yourself” questions
The cornerstone of Chinese national and international policy is a fundamental principle: China First. So, while its new data privacy law, the Personal Information Protection Law (PIPL), will provide solid protection for its people’s personal informatio…
Read More The Implications of China’s New Personal Information Protection Law
The Facebook-owned messaging service plans to roll out the feature to both iOS and Android users in the coming weeks.
Read More WhatsApp announces end‑to‑end encrypted backups
The post WhatsApp announces end‑to‑end encrypted backups appeared first on WeLiveSecurity
Coffee Briefings are timely deliveries of the latest ITWC headlines, interviews, and podcasts. Today’s Coffee Briefing is delivered by IT World Canada reporter Pragya Sehgal, with files from the rest of the editorial team! Missed last week’s Coffee Briefing? We’ve got you covered. What’s new this week Ransomware remained the standout threat in America as […]
The post Coffee Briefing, Sept. 14, 2021 – Uber partners with Aeroplan; new Twitter features; and more first appeared on IT World Canada.
Read More Coffee Briefing, Sept. 14, 2021 – Uber partners with Aeroplan; new Twitter features; and more
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday announced that it has appointed Kiersten Todt as its new chief of staff.
Read More CISA Appoints Kiersten Todt as New Chief of Staff
Attention, my fellow Android-owning hominids: Your favorite virtual assistant is learning a few new skills. Google Assistant is in the midst of getting some significant upgrades on Android — small-seeming features that could have a supersized impact …
Read More 3 new time-saving Assistant tricks to try on Android
Switzerland’s national postal organization Swiss Post is offering bug bounty rewards of up to €230,000 (roughly $271,000) for critical vulnerabilities identified in a future digital voting system.
Read More Swiss Post Offers up to €230,000 for Critical Vulnerabilities in e-Voting System
Apple released security updates to address two zero-day vulnerabilities that were exploited in the wild to attack iPhones and Macs. The flaw in the latest Apple software release allows Pegasus spyware to be installed on the above-mentioned de…
Read More Apple IOS Zero-day Vulnerabilities Running Rampant in 2021
Users searching for TeamViewer remote desktop software on search engines like Google are being redirected to malicious links that drop ZLoader malware onto their systems while simultaneously embracing a stealthier infection chain that allows it to ling…
Read More New Stealthier ZLoader Variant Spreading Via Fake TeamViewer Download Ads
A five-year study conducted by cybersecurity firm Imperva showed that nearly half of on-premises databases globally have at least one vulnerability that could expose them to attacks.
Read More Nearly Half of On-Premises Databases Vulnerable to Attacks: Study
What is Sextortion? Sextortion is a scam via email or any other medium to blackmail the victim and…
Read More Sextortion Scam: Blackmail scam emails that demand Bitcoin
The post Sextortion Scam: Blackmail scam emails that demand Bitcoin appeared first on Quick Heal Blog | Latest computer security news, tips, and advi…
Google on Monday released security updates for Chrome web browser to address a total of 11 security issues, two of which it says are actively exploited zero-days in the wild.
Read More Update Google Chrome to Patch 2 New Zero-Day Flaws Under Attack
Tracked as CVE-2021-30632 and CVE-2021-30633, the vulner…
Cybersecurity ratings company BitSight on Monday announced receiving a $250 million investment from credit ratings giant Moody’s in a deal valuing BitSight at $2.4 billion.
Read More BitSight Raises $250 Million at $2.4 Billion Valuation
BitSight said it will use the money to further enhance its offerings and capabi…
Designed to combat zero-day flaws exploited in Apple’s operating systems, the patch applies to the iPhone, iPad, Apple Watch and Mac.
Read More Apple releases emergency patch to protect all devices against Pegasus spyware
Some form of malicious activity was detected on roughly one-third of the industrial control system (ICS) computers monitored by Kaspersky in the first half of 2021.
Read More Belarus, Ukraine Saw Largest Increase in ICS Attacks During H1 2021: Kaspersky
Since the outbreak of the Covid-19 pandemic last year, and the necessary uptake in video collaboration, Zoom has become the go-to video answer for a lot of companies. At this week’s Zoomtopia event, the company spelled out how it plans to build on its …
Read More Zoom talks up a video-centric workplace
Cybersecurity researchers on Tuesday disclosed details about a high-severity flaw in the HP OMEN driver software that impacts millions of gaming computers worldwide, leaving them open to an array of attacks.
Read More HP OMEN Gaming Hub Flaw Affects Millions of Windows Computers
Tracked as CVE-2021-3437 (CVSS score: 7.8), …
User and device management provider JumpCloud on Monday announced that it has raised $159 million in Series F funding at a $2.56 billion valuation. To date, the company has raised $350 million in funding.
Read More JumpCloud Raises $159 Million at $2.56 Billion Valuation
When President Joe Biden issued an executive order for a vaccine mandate for all federal workers and contractors—and a requirement that all businesses with 100 or more workers either mandate vaccines or regular testing for employees—I was all in fav…
Read More Don’t fight the COVID-19 vaccine mandate
Security researchers discovered an unauthorized Cobalt Strike Beacon Linux version used in attacks against companies all across the world. Cobalt Strike is a legitimate penetration testing tool created as an attack framework for red teams (security pro…
Read More A Version of Linux Cobalt Strike Beacon Is Being Used in Ongoing Attacks
Every once in a while, an industry term will get overused by marketing to the point of becoming a cliche. “Zero Trust” may have reached this threshold.
Read More Zero Trust Requires Cloud Data Security with Integrated Continuous Endpoint Risk Assessment
In some ways, we understand why this is happening. Security perimeters have become obsolete as peopl…
Discover the best ways to mitigate your organization’s attack surface, in order to maximize cybersecurity.
Read More What is a cyberattack surface and how can you reduce it?
The post What is a cyberattack surface and how can you reduce it? appeared first on WeLiveSecurity