LATEST POST
MOVEit Was a SQL Injection Accident Waiting to Happen
Omkhar Arasaratnam writes that the same type of attack that took advantage of poor security in 1998 is still taking advantage of poor security in 2023. He writes: SQL injection — among the lowest hanging of security fruit — is still included in the Open Worldwide Application Security Project (OWASP) Top 10 list of security […]
Broward County Declines Investigation into Admin Data Breach
The Florida county’s State Attorney’s office declined to formally investigate former Schools Superintendent Robert Runcie and two other former administrators for attempting to hide a massive March 2021 ransomware attack from the public. Broward County, Fla., prosecutors have declined to launch a formal investigation into former Schools Superintendent Robert Runcie and two other former administrators’ […]
Bringing Safety check to the chrome://extensions page
And some good news for consumers (for a change!). Google will be introducing a new “Safety Check” feature in Chrome 117 that will warn you if an extension might be malware or if there is some concern about it. Read more of this article at Extension Safety Hub.
This well-known smart bulb can be hacked to steal your Wi-Fi password
Can a smart bulb be hacked to steal your wi-fi password? Researchers say one of the best-selling and most popular smart bulbs in the world has vulnerabilities that put your security at risk. Read more of this article by By Elizabeth George at Gearrice.
Sneaky Amazon Google ad leads to Microsoft support scam
A legitimate-looking ad for Amazon in Google search results redirects visitors to a Microsoft Defender tech support scam that locks up browsers. Read more of this article by Lawrence Abrams at Bleeping Computer
Haggling With Hackers: Surprising Lessons From 50 Negotiations With Ransomware Gangs
You’ve become the victim of a ransomware attack and received a ransom demand that is not something you can afford. Can you negotiate with the ransomware gang? Yes, you can, and it may save you money if you do your homework first on different gangs and negotiators. Read more of this article By Christopher Janaro […]
The Shifting Dynamics of Cyber Insurance
With the increased threat landscape and the increasing likelihood that clients will be attacked, cyberinsurers now require more extensive assessments and increased costs to renew policies. Erik Decker, vice president and CISO of Intermountain Healthcare, outlined five critical controls that cyber insurance providers look for when assessing an organization’s eligibility for coverage: endpoint detection and […]
India Passes Digital Personal Data Protection Act
Stephen Mathias from Kochhar & Co. reports that in early August 2023, the Indian Parliament passed the Digital Personal Data Protection Act (the “Act”), bringing to a close a 5-year process to enact an omnibus data privacy law in India. The Act was ratified by the President of India and will come into effect once notified […]