Cyber News

Because complete isolation is not practical for most networks, network segments, and devices, perimeter controls are needed to limit who and what can get inside the network.

Using this tool, security professionals can conduct zero trust assessments of AWS environments to help identify the potential gaps in an organization’s AWS security posture that can put data at risk.

Although the BGP routing leak occurred in Vodafone's autonomous network (AS55410) based in India, it has impacted U.S. companies, including Google, according to various sources.

Google Project Zero will be shifting from a 90-day deadline to a new model that incorporates a new 30-day grace period to gives users time to install patches before technical details are revealed.

Did you know you are 100 times more likely to lose a laptop or mobile devices than have it stolen? When you are traveling, always double-check to make sure you have your devices with you, such as when leaving airport security, exiting your taxi or check out of your hotel.

New research sheds light on cyberattack incidents by the nation-backed cybercriminal groups, revealing a 100% rise in nation-state incidents between 2017 and 2020.

A previously undocumented malware downloader has been spotted in the wild leveraging phishing attacks to deploy credential stealers and other malicious payloads.

U.S. federal investigators are purportedly looking into a security breach at Codecov, a platform used to test software code with more 29,000 customers worldwide, Reuters reported on Saturday.

European Commissioner for Budget and Administration Johannes Hahn confirmed the hack of some EU agencies as result of the SolarWinds supply chain attack in a response to a question filed by an EU Parliament member.

A high-level manager and systems administrator associated with the FIN7 threat actor has been sentenced to 10 years in prison, the U.S. Department of Justice announced Friday. Fedir Hladyr, a 35-year-old Ukrainian national, is said to have played a crucial role in a criminal scheme that compromised tens of millions of debit and credit cards, in addition to aggregating the stolen information,

People talk about the cybersecurity job market like it's a monolith, but there are a number of different roles within cybersecurity, depending not only on your skill level and experience but on what you like to do. In fact, Cybercrime Magazine came up with a list of 50 cybersecurity job titles, while CyberSN, a recruiting organization, came up with its own list of 45 cybersecurity job categories

Amid the cascade of U.S. sanctions imposed on Russian cybersecurity companies and officials alleged to be operating on behalf of the Kremlin’s intelligence services, one company stood out: the Fresh Air Farm House in Karachi, Pakistan.

A high-level manager of cybercrime group FIN7, also known as the Carbanak Group and the Navigator Group, has been sentenced to ten years in prison, the Department of Justice reports.

The BazarLoader downloader, written in C++, has the primary function of downloading and executing additional modules. BazarLoader was first observed in the wild last April – and since then researchers have observed at least six variants.

Sweetgreen is one of a number of high-profile customers listed on the website of Codecov, which suffered a breach that some believe could have widespread security implications.

Juniper Networks addressed a critical vulnerability in Junos OS, tracked as CVE-2021-0254, that could allow an attacker to remotely hijack or disrupt affected devices. This flaw stems from the improper buffer size validation, which c

Divers find three-foot “blobs” — egg sacs of the squid Illex coindetii — off the coast of Norway.

As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.

Read my blog posting guidelines here.

Cyber insurance is gaining favor in the business world. An expert offers tips on how to get what's needed for the best price.

Two cyberattack campaigns are making the rounds using unique social-engineering techniques.

Security Boulevard recently listed the “Top-21 Cybersecurity Experts You Must Follow on Twitter in 2021.” I came in at #7. I thought that was pretty good, especially since I never tweet. My Twitter feed just mirrors my blog. (If you are one of the 134K people who read me from Twitter, “hi.”)