Document, Information Security and Malware - Information Technology Zone

Report Reveals Top Cyber Threats, Trends of 2023 First Half

SecureWorld News

JUNE 13, 2023

Two-step phishing attacks are on the rise, with attackers using convincing emails that resemble legitimate vendor communications, often related to electronic signatures, orders, invoices, or tracking information. The new Beep malware is top of mind for organizations and individuals.

Trends

Trends Report Malware Linux

InfoSec Policies and Standards: Some strategic context for those just diving into this world

CTOvision

MAY 22, 2014

Organizations are giving more priority to development of information security policies, as protecting their assets is one of the prominent things that needs to be considered. So an organization makes different strategies in implementing a security policy successfully. Get Management Support. Write Policies. Implement policies.

Policies

Policies Information Security Fractional CTO Security

Global Effort Seizes EMOTET Botnet

SecureWorld News

JANUARY 28, 2021

One way that EMOTET was so effective was due to its ability to spread via word documents. Europol says the EMOTET group was able to take email as an attack vector to the next level: "Through a fully automated process, EMOTET malware was delivered to the victims’ computers via infected e-mail attachments. EMOTET as an attack for hire.

Malware

Malware Banking Strategy Operating Systems

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

Bad Actor Using New Method to Avert Detection, Google Discovers

SecureWorld News

SEPTEMBER 25, 2021

Whether it is ransomware, other types of malware, or any number of cyberattacks, threat actors keep inventing new techniques to cause disruption. In a blog post, Neel Mehta, Information Security lead for Google, explains how a hacker has managed to break certificate code parsing to invade email inboxes and infect users with malware.

Google

Google Malware Analysis Windows

Browser Isolation: The Missing Piece in Your Security Puzzle

SecureWorld News

APRIL 9, 2023

Cyberattacks such as malware infiltration and vulnerability exploitation continue to make headlines, attacking companies of various sizes. However, conventional solutions such as antivirus, firewalls, and other detection and blocking tools can only offer a limited level of security. Users do not have access to web content at all.

Security

Security Malware Virtualization Network

Game Change: Three Reasons Why #SonyHack Will Change Security

CTOvision

DECEMBER 19, 2014

See the interview here: Tactics Not Malware Are the Story. Most corporate hacks we see are focused on either customer data (credit cards, medical records, social security numbers, passwords, bank account information, email addresses) or company proprietary documents. Game Change.

Security

Security Malware Meeting Media

You’re not alone in the cyber battlefield

Dataconomy

SEPTEMBER 6, 2023

In the event of a security incident, such as a data breach or malware attack, the MSSP springs into action. Their team of experts works quickly to contain the threat, minimize damage, and restore systems to a secure state. They must also conduct regular risk assessments and maintain documentation of their compliance efforts.

Security

Security Information Security Data System

You never know who is after your data

Dataconomy

OCTOBER 11, 2023

This breach attempt, which has been the subject of many spy movies, has been overshadowed by ransomware and malware attacks in cybersecurity nowadays, but physical access to the servers of large companies by threat actors can cause a very serious problem. Who is at risk of tailgating attacks?

Data

Data Security Malware Engineering

Self-Audits | Roadmap to Securing Your Infrastructure

Linux Academy

JUNE 17, 2019

However, in information security, I believe we should embrace audits and advocate for them. Now, before you think I’m crazy — hear me out, because it’s important and here’s why: Security Audits Find Red Flags. Security audits are the same thing. Regulatory Information Security Audit Requirements.

Security

Security Firewall Information Security Malware

Continuous Monitoring for Real-Time Compliance

Galido

SEPTEMBER 18, 2018

Security first compliance approach. This approach commences with securing your environment. Information security experts argue that tracking assets, assessing risks, assessing threats and establishing controls first allows you to develop a stronger security stance. How continuous monitoring relates to compliance.

Big Data

Big Data Security Artificial Intelligence Data

The BYOD Problem

Cloud Musings

MARCH 30, 2017

To an employer, however, that smart device is nothing more than a dagger posed to rip apart every shred of corporate security. This reality of modern business was highlighted by the Information Security Community on LinkedIn through their 2016 Spotlight Report on “Bring Your Own Device” (BYOD).

Mobile

Mobile IBM Policies Applications

The anatomy of a Facebook account heist

Vox

SEPTEMBER 28, 2023

In the beginning, the hack seemed to progress mostly via malware found in fake ChatGPT downloads and ads for these bogus extensions right on Facebook. I documented as much as I could,” she said. “I It’s not entirely clear how the Vietnamese hacking ring is stealing so many accounts. It’s heartbreaking.”

Groups

Groups Authentication Security Media

Here’s who Apple and Epic are calling to testify in next week’s trial

The Verge

APRIL 28, 2021

Since these figures were deposed before the trial, court documents have already revealed a few interesting details about the companies’ businesses — and we’ll probably see more as they take the stand. Alphabet — documents submitted. App Annie — documents submitted. Roblox Corporation — documents submitted. Epic employees.

Apple

Apple Policies Engineering Fractional VPE

Former Amazon exec inherits Microsoft’s complex cybersecurity legacy in quest to solve ‘one of the greatest challenges of our time’

GeekWire

FEBRUARY 3, 2022

.” Two decades later, that line from the Microsoft co-founder’s Trustworthy Computing memo would seem quaint if the reality weren’t so terrifying: ransomware, software supply chain attacks, privacy breaches, nation-state hacks, malware, worms, and adversarial machine learning are just a few of the looming threats.

Microsoft

Microsoft Security Web Services Software

Invincea Integrates Cloud Analysis and Enterprise Response Capabilities at the Endpoint

CTOvision

APRIL 15, 2015

1] Today, Invincea Advanced Endpoint Protection 5 becomes the first unified advanced threat protection solution to contain targeted attacks, identify existing compromises and re-establish control by eradicating malware – all with a single small-footprint integrated agent. For more information, visit [link].

Analysis

Analysis Enterprise Enterprise Cloud

Hardest tech roles to fill (+ solutions!)

Hacker Earth

OCTOBER 4, 2019

Writing project documentation and its support. A few examples of these courses include network security, information security, cyber investigation, cybersecurity management and policy, and others. Malware analysis and reversing. Cloud security. Security analysis. Management skills . Communicability.

Engineering

Engineering Software Software Software Development

The CPRA: What You Should Know as an InfoSec Professional

SecureWorld News

DECEMBER 1, 2022

A panel of practitioner experts breaks it all down in our recent Remote Sessions webcast, "Countdown to CPRA: What Information Security Professionals Need to Know Now," now available on-demand. Well documented policies and standards for employees (data handling). Training for employees (awareness). Cyber insurance (critical).

Data

Data Training Insurance Comparison

Hardest tech roles to fill (+ solutions!)

Hacker Earth

OCTOBER 4, 2019

Writing project documentation and its support. A few examples of these courses include network security, information security, cyber investigation, cybersecurity management and policy, and others. Malware analysis and reversing. Cloud security. Security analysis. Management skills . Communicability.

Engineering

Engineering Software Software Software Development

EP 49: LoL

ForAllSecure

JUNE 21, 2022

So I started thinking about other ways to hide messages or even how to get malware onto a system without it being detected. Vamosi: Welcome to the hacker mind and original podcast from for all secure. Vamosi: Living off the land or fireless malware is a threat actor leveraging the utilities readily available on a system.

Operating Systems

Operating Systems System Microsoft Examples

The Hacker Mind Podcast: Gaining Persistence On Windows Boxes

ForAllSecure

FEBRUARY 8, 2023

If you’re running edge detection, if your scanning your networks, even occasionally rebooting your servers these activities will remove some running malware, yet the bad actors somehow return and remain persistent. These APTs have somehow found a way to bypass most security tools, hence their persistence. Stealth malware.

Windows

Windows Course Examples Tools

The Hacker Mind Podcast: Hacking Real World Criminals Online

ForAllSecure

MAY 2, 2023

VAMOSI: Once the classified documents were found online, there was an effort -- both by law enforcement and by the media -- to identify the leaker. It turns out some of the classified documents were photographed on a marble countertop, like in a kitchen countertop. Let's analyze malware. They could. And there were. Not the same.

Open Source

Open Source Media Social Hotels

What newsrooms can learn from threat modeling at Facebook

The Verge

SEPTEMBER 14, 2020

Jay Rosen: You’re a former chief security officer at Yahoo and Facebook, among other roles you have had. Alex Stamos: Traditionally, the chief information security officer is the most senior person at a company who is solely tasked with defending the company’s systems, software, and other technical assets from attack.

Exercises

Exercises Resources Security Media

Information Technology Zone

Report Reveals Top Cyber Threats, Trends of 2023 First Half

InfoSec Policies and Standards: Some strategic context for those just diving into this world

Webinars

Trending Sources

Global Effort Seizes EMOTET Botnet

Webinars

Bad Actor Using New Method to Avert Detection, Google Discovers

Browser Isolation: The Missing Piece in Your Security Puzzle

Game Change: Three Reasons Why #SonyHack Will Change Security

You’re not alone in the cyber battlefield

You never know who is after your data

Self-Audits | Roadmap to Securing Your Infrastructure

Continuous Monitoring for Real-Time Compliance

The BYOD Problem

The anatomy of a Facebook account heist

Here’s who Apple and Epic are calling to testify in next week’s trial

Former Amazon exec inherits Microsoft’s complex cybersecurity legacy in quest to solve ‘one of the greatest challenges of our time’

Invincea Integrates Cloud Analysis and Enterprise Response Capabilities at the Endpoint

Hardest tech roles to fill (+ solutions!)

The CPRA: What You Should Know as an InfoSec Professional

Top 10 Stories from SecureWorld in 2021

Hardest tech roles to fill (+ solutions!)

EP 49: LoL

The Hacker Mind Podcast: Gaining Persistence On Windows Boxes

The Hacker Mind Podcast: Hacking Real World Criminals Online

What newsrooms can learn from threat modeling at Facebook

Stay Connected