Category: Cybersecurity Insiders

Are you one of those who play games by investing real money to earn double or triple the amount in return? If yes, then you should be wary of scammers who are indulging in various kinds of gaming frauds. Account…

Read more →

“Cloud is the present, and the future. It affects everything, every day, both in business and our personal lives.” With these words Panagiotis Soulos summarizes his philosophy of why the CCSP credential is important to any cybersecurity professional. Panagiotis holds…

Read more →

AT&T Alien Labs researchers have discovered a new variant of BlackGuard stealer in the wild, infecting using spear phishing attacks. The malware evolved since its previous variant and now arrives with new capabilities. Key takeaways: BlackGuard steals user sensitive information…

Read more →

News is breaking about a software supply chain attack on the 3CX voice and video conferencing software. 3CX, the company behind 3CXDesktopApp, states to have more than 600,000 customers and 12 million users in 190 countries. Notable names include American…

Read more →

Seasoned CISOs/CSOs understand the importance of effectively communicating cyber risk and the need for investment in cybersecurity defense to the board of directors. To ensure cybersecurity becomes a strategic part of the corporate culture, it is crucial for CISOs to…

Read more →

Zero trust security has become a buzzword in the cybersecurity world, emphasizing the need for a more robust and reliable security model. While most guides and articles focus on the technical aspects, there is a crucial element often overlooked: the…

Read more →

The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.  News broke in early February that the ACN,…

Read more →

Apple has almost made it official that it has acquired WaveOne company that uses Artificial Intelligence technology to compress videos. Well, the tech company did not release a press statement on the issue yet. But one of the former employees…

Read more →

alphaMountain has launched a new platform called “threatYeti,” designed to aid cyber threat analysts, security researchers, and in-house security operations teams with domain research. Built on alphaMountain’s domain and IP threat intelligence APIs, threatYeti is a browser-based investigation tool that…

Read more →

As the fear of AI machines grips most technologists, Tesla’s chief’s latest words are playing the role of a catalyst to intensify the buzz. Speaking during a conference at SpaceX’s Starbase Facility, Elon Musk expressed fears that robots might launch…

Read more →

KillNet is bad for your health, TikTok facing further bans, ransomware impacts cancer test results, Russia allegedly increasing its cyberwarfare efforts.   By Joe Fay  Microsoft Demonstrates How KillNet Is Bad for Our Healthcare Sector  Microsoft has highlighted a rise in…

Read more →

The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.  “While defenders pursue the most powerful and advanced…

Read more →

The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.  Mobile security refers to the technologies and processes…

Read more →

OpenAI-developed conversational AI ChatGPT is hitting the news headlines almost daily, and as it is now a part of Microsoft, the software giant is also getting a lot of credit for devising such a tool that can do anything and…

Read more →

In 2021, the LockBit Ransomware group breached the servers of New York-based law firm HPMB and stole sensitive information from one of its healthcare-related clients. The stolen data included names, DOBs, social security numbers, driving license details, biometric information of…

Read more →

Attack simulation and penetration testing are both methods used to identify vulnerabilities in a company’s cybersecurity infrastructure, but there are some differences between the two. Penetration testing, also known as pen testing, involves a team of cybersecurity professionals attempting to…

Read more →

By John Weiler   FBI arrests Breached hacking forum leader, smartphones hijacked without any user involvement and 330,000 customers compromised in Australia by a data breach. Here are the latest threats and advisories for the week of March 24, 2023. Threat…

Read more →

The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. ​ According to the Open Web Application Security Project…

Read more →

By Muhammad Chbib, CEO of Autobahn Security Is your organization suffering from cybersecurity paralysis? Many businesses are in cybersecurity panic-mode due to the steady stream of alarming news that ‘nobody is safe’ from hackers. While it’s true that all businesses are technically ‘hackable’, it’s…

Read more →

By Joe Fay The U.K. writes a cybersecurity prescription for the NHS and for social care, data protection hardware is becoming a big security gap, security specialist MITRE partners up to tackle supply chain security threats, while the E.U. turns…

Read more →

This month, we asked women in the (ISC)² Blog Volunteers group to weigh in on a few questions from their perspective as a female working in cybersecurity. While their experiences in the industry have varied, this group unanimously responded that…

Read more →

The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.  Introduction: Dridex, also known as Cridex or Bugat,…

Read more →

China has urged Apple CEO Tim Cook to bolster its products’ data security and privacy protections. While, most people in the United States believe that Apple offers iPhones and Macs with the utmost security, Zheng Shanjie, the Chairperson of the…

Read more →

If you handle consumer financial data, you need to be aware of the U.S. Federal Trade Commission‘s (FTC) revised Safeguards Rule cybersecurity regulation. The rule applies to a wide range of businesses, including those that may not consider themselves to be financial institutions.…

Read more →

A report compiled by Barclays states that the amount of money lost in romance scams has reached an average of £10k in the UK in the last 6-8 months. This amount is what fraudsters earn on average, and the actual…

Read more →

The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.  Customers’ willingness to give you their personal data…

Read more →

The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.  In today’s digital world, it’s no surprise that…

Read more →

Twitter issued a public statement stating that parts of its source code were leaked on GitHub and that its officials were trying their best to file a DMCA to take down the leaked content from the web and identify the…

Read more →

OpenAI-developed ChatGPT has hit the news headlines because user information has been leaked on the web by some threat actors who claim to have accessed and stolen data from the database of the OpenAI platform via a bug vulnerability. As…

Read more →

Artificial intelligence (AI) and machine learning (ML) are two terms that are often used interchangeably, but they are not the same. As AI and ML are related, but they have distinct differences. In this article, we will explore the differences…

Read more →

Are you ready to take your (ISC)² exam? If so, there is a slight change to the process! When you’re ready to schedule your exam, please log in to your account at isc2.org.* Whether you’re pursuing your first (ISC)² certification,…

Read more →

Health-ISAC, a nonprofit, private sector, member-driven organization, has released its annual cyber threat report on current and emerging threat activity in the healthcare industry, in collaboration with Booz Allen Hamilton Cyber Threat Intelligence. The report provides actionable intelligence to healthcare…

Read more →

Microsoft has detected that a Russian-affiliated hacking group dubbed Killnet has been targeting healthcare apps being hosted on the Azure cloud platform. The tech giant claims that the activity has occurred for over three months, i.e. between November 2022 and…

Read more →

For the first time in the Indian history and probably in the world, the police officials of Hyderabad City of Telangana, India have arrested a gang for committing data thefts and selling data of appx 16.8 crore citizens including 1.2…

Read more →

By Gal Helemski, co-founder and CTO, PlainID The number of access rules that must be managed across directories, applications, repositories, and other platforms by today’s digitally oriented enterprises is growing at an unprecedented pace. One of the major security headaches…

Read more →

AT&T Alien Labs researchers have discovered a new variant of BlackGuard stealer in the wild, infecting using spear phishing attacks. The malware evolved since its previous variant and now arrives with new capabilities. Key takeaways: BlackGuard steals user sensitive information…

Read more →

The law enforcement agencies from South Korean and Germany have issued a red-alert against a threat actor named Kimsuky for using rogue browser extensions to steal data from the Gmail inboxes of users. Issuing a statement on a joint note,…

Read more →

When a smartphone starts recording a conversation that took place in its vicinity without the knowledge of the user, it leads to the crisis of ‘Sonic Snooping’. And according to a study made by cybersecurity specialists from NORDVPN, this phenomenon…

Read more →

Is your organization doing enough to protect its environment from hackers? In 2021, U.S. companies lost nearly $7 billion to phishing scams, malware, malvertising, and other cybercrimes. Experts estimate that by 2025, such schemes will cost businesses worldwide more than…

Read more →

By John E. Dunn  Two arrests for alleged ransomware crimes and some useful intel. But will the latest Europol action make any difference?  Following an international operation encompassing law enforcement agencies in Germany, Ukraine, the Netherlands and the U.S., Europol…

Read more →

The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.  Customers’ willingness to give you their personal data…

Read more →

Ransomware is a form of malicious software (malware) that restricts access to computer files, systems, or networks until a ransom is paid. In essence, an offender creates or purchases ransomware, then uses it to infect the target system. Ransomware is…

Read more →

The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. ​ According to the Open Web Application Security Project…

Read more →

The latest meeting that took place between two powerful leaders of the world has given the world the hint that both these leaders intend to rule the fields related to Information Technology, Cyber Security and Artificial Intelligence in the near…

Read more →

Cybercriminals are smarter, faster, and more relentless in their attacks than in times past. Data breaches are a serious threat to organizations, but vulnerability management automation can help reduce the number of incidents businesses face each year. Managing vulnerabilities is…

Read more →

The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.  “Why are you here if you cannot decrypt…

Read more →

The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.  More and more, people are completing the entire…

Read more →

With the increasing need for online privacy and security, Virtual Private Networks (VPNs) have become a popular solution for internet users. VPNs allow users to access the internet securely and privately by encrypting their internet traffic and hiding their IP…

Read more →

Firewall optimization (also known as firewall analysis) is the process of analyzing and adjusting the configuration and policy set of a firewall to improve performance and security. This process involves reviewing and corelating log data and device configurations, identifying potential…

Read more →

The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.  In a highly connected, internet-powered world, transactions take…

Read more →

For some of you, the phrase “Shoulder Surfing” might be new or you might assume it to be synonymous, but is not in practical. What is Shoulder Surfing? It is nothing but a threat actor trying to gain sensitive information…

Read more →

Ferrari, the luxury car maker has made an official announcement that some of its systems were operating under control of hackers, resulting in a data breach. The company immediately pulled down the compromised servers from the corporate computer network and…

Read more →

By John E. Dunn  Phishing attacks depend on creating huge numbers of lookalike ‘confusable’ domains. A new report has highlighted the most prevalent examples and suggested a way to detect phishing domains before they are used in anger.   Ever since…

Read more →

Some of the biggest prevailing challenges in the cybersecurity world over the last year have been those revolving around securing the software supply chain across the enterprise. The software that enterprises build for internal use and external consumption by their…

Read more →

The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.  News broke in early February that the ACN,…

Read more →

Google’s dedicated team of cybersecurity researchers from ‘Project Zero’ have found a flaw in Samsung Exynos Modems that can give unauthorized data access to hackers, without the knowledge of users. And it’s discovered that the vulnerability allows a cyber criminal…

Read more →

After the release of ChatGPT in November 2022, the OpenAI CEO and the people behind the conversational chatbot launch say that they are equally scared of the negative consequences that the newly developed technology can fetch in the future. Sam…

Read more →

Cybercriminals pounce on SVB collapse, privacy concerns around ChatGPT and the FBI warns of a rise in crypto scams. Here are the latest threats and advisories for the week of March 17, 2023.    By John Weiler  Threat Advisories and Alerts …

Read more →

The U.K. Online Safety Bill triggers a security rebuke from WhatsApp, the Czech Republic concerned about TikTok, an international law enforcement effort shuts down the NetWire RAT infrastructure, while a study suggests workforce malaise towards reporting security incidents.   By Joe…

Read more →

After Rubrik, Hitachi Energy issued a public statement that some of its customer accounts might have been compromised, after a ransomware attack took place on a third-party software called Fortra GoAnywhere MFT. Clop ransomware gang is the company that managed…

Read more →

All these days, we have seen cyber criminals infiltrating networks and taking down computers. But after the spread of the Covid-19 pandemic, the focus of hackers has shifted more towards the smart phones with more phishing and social engineering attacks…

Read more →

By Nidhi Kannoujia, (ISC)² Candidate  The cybersecurity industry is a dynamic and promising field that welcomes diverse perspectives. It requires individuals who understand the intricacies of other industries since security is a collective responsibility. While the security industry is embracing diversity,…

Read more →

What have all these webinars got in common? They feature women at the top their cybersecurity game. March 8, 2023, is International Women’s Day, a focal point for recognizing the achievements and contributions that women have made to every element of…

Read more →

On International Women’s Day, we look back at the legacy of Rear Admiral Grace Hopper, an innovator and trailblazer in software development and standards for testing computer systems and components.  It would be wrong, as we reach International Women’s Day…

Read more →

Spoiler alert: the obvious answer is not always the correct one! Migrating services, apps and data to the cloud is both promising and challenging. The advantages of scalability, flexibility, reduced operational costs and supporting a hybrid workforce can be eliminated…

Read more →

Cybercrime may have less of a gender issue than cybersecurity, LastPass gives attack update, CISA warns on Royal ransomware gang while WHSmith and DISH Network count the cost after both suffer cyber attacks.  Study: Gender No Barrier To Participating In…

Read more →

Whenever we see a YouTube video that is informative, we tend to go through the description or ‘show more’ feature and have a habit of clicking on the links. What if the link leads us to a website that is…

Read more →

Australian firm Latitude Financial Services is hitting news headlines as a cyber attack on its servers has led to the data breach of 225,000 customers. Among the stolen data, a majority of the documents are related to driving licenses, employee…

Read more →

By John Weiler  Mexico timeshare scams, the DoppelPaymer ransomware gang gets busted and a major data leak rocks Oakland, California. Here are the latest threats and advisories for the week of March 10, 2023.   Threat Advisories and Alerts  FBI Issues…

Read more →

By Dave Cartwright, CISSP  In February 2023, something very unusual happened. Following a ransomware attack on Royal Mail International, a division of the U.K.’s (formerly state-owned) mail and parcel delivery service, the negotiation between the firm’s representatives and the LockBit…

Read more →

We are continuing the popular bi-monthly CPE credit quiz as we transition from InfoSecurity Professional to our new web-based content platform.  The first (ISC)² News and Insights CPE Credit Quiz of 2023 is now live. Every two months, we publish a…

Read more →

The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.  Mobile security refers to the technologies and processes…

Read more →

The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.  Integrating Cybersecurity in UX design The digital landscape…

Read more →

We’re so excited to announce our 2023 Partner of the Year awards. These annual awards recognize AT&T Cybersecurity partners that demonstrate excellence in growth, innovation, and implementation of customer solutions based on our AT&T USM Anywhere platform. AT&T Cybersecurity’s 2023…

Read more →

Cyber Criminals are smartly exploiting SmartScreen bugs in the Microsoft software to deliver Magniber Ransomware. And so far, the infection spread to thousands of devices, as the Windows operating giant in advance issued no red flag alerts. Google’s Threat Analysis…

Read more →

India is probably the only country in the world to provide free power to all of their farmers, as these folks provide the nation much needed food for survival. However, only a few states like Telangana are genuinely offering free…

Read more →

Major U.S. government and corporate breaches, the White House enforces TikTok ban and the NCSC issues zero trust guidance. Here are the latest threats and advisories for the week of March 3, 2023.  Threat Advisories and Alerts  NCSC Publishes Guidance…

Read more →

In 1999, the United States began to shape its QIS strategy. The first document on file is a Scientific and Technical Report (STR) entitled: “Quantum Information Science. An Emerging Field of Interdisciplinary Research and Education in Science and Engineering.” This…

Read more →

Ransomware is a form of malicious software (malware) that restricts access to computer files, systems, or networks until a ransom is paid. In essence, an offender creates or purchases ransomware, then uses it to infect the target system. Ransomware is…

Read more →

The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. ​ According to the Open Web Application Security Project…

Read more →

China is using Artificial Intelligence technology for destruction and the latest developments stand as the best example to explain it in deep. Beijing has started using an AI developed Warship design program that enables the technical guys draw a complex…

Read more →

For the past 1 year or so, a museum is unable to access its artecraft database because of a ransomware attack on the servers of Gloucester City Council. The Phishing email attack took place in the year 2021 and the…

Read more →

The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.  More and more, people are completing the entire…

Read more →

This is unimaginable, but is taking place in practical, seriously! Russian ransomware gang BlackCat Ransomware group has targeted a hospital operating in Pennsylvania this time and are threatening to leak intimate photos of the patient, say their private parts, taken…

Read more →

The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.  “Why are you here if you cannot decrypt…

Read more →

All these days, the media was busy discussing the new AI-based conversational Chatbot ChatGPT. In the coming days, the discussions will shift a bit, towards a similar product named GPT-4, a Large Language Model (LLM) machine learning tool to generate…

Read more →

Spoiler alert: the obvious answer is not always the correct one! Migrating services, apps and data to the cloud is both promising and challenging. The advantages of scalability, flexibility, reduced operational costs and supporting a hybrid workforce can be eliminated…

Read more →

Cybercrime may have less of a gender issue than cybersecurity, LastPass gives attack update, CISA warns on Royal ransomware gang while WHSmith and DISH Network count the cost after both suffer cyber attacks.  Study: Gender No Barrier To Participating In…

Read more →

TikTok, the subsidiary of Chinese Conglomerate Byte Dance, has announced a new data security regime for European users and named it as “Project Clover”. The decision was taken amid building pressure from the lawmakers of the continent who expressed their…

Read more →

TikTok, the subsidiary of Chinese Conglomerate Byte Dance, has announced a new data security regime for European users and named it as “Project Clover”. The decision was taken amid building pressure from the lawmakers of the continent who expressed their…

Read more →

From 2024, the ECB will launch cyber attacks on major noted banks to check their IT infrastructure’s cyber resilience towards sophisticated attacks. Andrea Enria, the head of the ECB, announced the decision Supervisory, after banks operating in Europe observed a…

Read more →

We are continuing the popular bi-monthly CPE credit quiz as we transition from InfoSecurity Professional to our new web-based content platform.  The first (ISC)² News and Insights CPE Credit Quiz of 2023 is now live. Every two months, we publish a…

Read more →

Firewall optimization (also known as firewall analysis) is the process of analyzing and adjusting the configuration and policy set of a firewall to improve performance and security. This process involves reviewing and corelating log data and device configurations, identifying potential…

Read more →

Traditional vulnerability management is in need of a desperate change due to the lack of effectiveness in combating modern cyberattacks. It’s a bold statement, but true, nonetheless, because it’s just not enough. Numbers don’t lie, and the only direction the…

Read more →

We are excited to announce the winners of the 2023 Cybersecurity Excellence Awards! The 2023 Cybersecurity Excellence Awards honor individuals and organizations that demonstrate excellence, innovation and leadership in information security. With over 800 entries in more than 300 award…

Read more →

Major U.S. government and corporate breaches, the White House enforces TikTok ban and the NCSC issues zero trust guidance. Here are the latest threats and advisories for the week of March 3, 2023.  Threat Advisories and Alerts  NCSC Publishes Guidance…

Read more →

1.) A ransomware gang named Medusa is asking for a ransom of $1,000,000 from the Minneapolis Public Schools and has threatened to leak sensitive details if the victim fails to pay the demanded sum on time. MedusaLocker is a new…

Read more →

ChatGPT, the sensational conversational app of Microsoft, has been identified as a threat to national security due to its increased sophistication in phishing scams. The Silicon Valley sophisticated sensation developed by OpenAI has become a part of every tech discussion…

Read more →

By Nidhi Kannoujia, (ISC)² Candidate  The cybersecurity industry is a dynamic and promising field that welcomes diverse perspectives. It requires individuals who understand the intricacies of other industries since security is a collective responsibility. While the security industry is embracing diversity,…

Read more →

By Joe Fay China is ‘most active, and most persistent threat’ as government pinpoints need for a bigger and more diverse cybersecurity workforce to meet the long-term challenge.  The Biden administration has unveiled its long-awaited cybersecurity strategy, effectively putting the…

Read more →