Security News
DeltaNet International announced the availability of its Phishing Simulator, to help organizations strengthen their cybersecurity awareness training against phishing attacks. The phishing simulation tool can be used simply to test the susceptibility of an organization from falling victim to a phishing attack, but when combined with follow-up training to close knowledge and risk gaps, users can experience true added value.
Microsoft patched two bugs in its Chromium-based Edge browser last week, one of which could be used by an attacker to bypass security and to remotely inject and execute arbitrary code on any website just by sending a message. The flaw stems from a universal cross-site scripting issue that's triggered when automatically translating web pages using the Edge browser's built-in Microsoft Translator feature: a feature through which the browser automatically prompts users to translate a webpage when the page is in a language other than those listed under the user's preferred languages in settings.
The UN Security Council on Tuesday will hold its first formal public meeting on cybersecurity, addressing the growing threat of hacks to countries' key infrastructure, an issue Joe Biden recently raised with his Russian counterpart Vladimir Putin. Tuesday's meeting, called by Estonia which heads the Council for the month of June and is a leader in the fight against hacking, is itself being held online, at a ministerial level.
NVIDIA gaming graphics software called GeForce Experience, bundled with the chipmaker's popular GTX GPU, is flawed and opens the door to a remote attacker that can exploit the bug to steal or manipulate data on a vulnerable Windows computer. NVIDIA notified customers late last week of the bug and released a software patch for the flaw, which is present in its GeForce Experience Windows software.
New survey finds that the attack also motivated more information sharing within the industry and improved supply chain security. The good news is that security teams are beefing up network defenses, but the bad news is that most companies have recently suffered a cybersecurity incident that required a board meeting.
New survey finds that the attack also motivated more information sharing within the industry and improved supply chain security. The good news is that security teams are beefing up network defenses, but the bad news is that most companies have recently suffered a cybersecurity incident that required a board meeting.
SOC burnout is real: 3 preventative steps every CISO must takeFor those that spend every day as a security professional and for anyone who truly appreciates the demands applied to these essential security team members, burnout is a harsh reality. Cloud security skills in high demandCloud security is critically important for organizations across the globe as adoption of cloud infrastructure continues to grow at a rapid clip.
After enabling two-factor authentication, one player was able to sign back in without issue, according to posts on the PS3 subreddit, which includes a link to instructions on how to opt into 2FA on the PS3. It appears threat actors have started using the stolen PS3 console IDs for malicious purposes, causing the legitimate players to get banned. Another player on the PSNProfies forum put the stolen PS3 IDs and the ban together back on June 18.
The response to the Colonial Pipeline ransomware attack may be the first step in doing just that. Bryan Oliver, a senior analyst at Flashpoint said that the response from governments in the wake of the Colonial Pipeline attack has made it harder for ransomware groups to recruit partners.
Jeremiah Grossman's Bit Discovery has banked another $4 million in venture capital funding to compete in the crowded attack surface management space. Bit Discovery has raised a total of $6.6 million to build and sell an attack surface management tool to help security programs to identify and manage Internet-connected assets.