%term

New Mobile Banking Malware Impersonating Messaging Apps

Jun 28, 2023 By Noel Llimos In Cyberint

Following our research regarding the abuse of Malvertising using Malicious Ads, Cyberint has uncovered a new strain of mobile banking malware. This malware is being distributed on third-party APK sites and is disguised as advertisements for popular messaging applications like KIK and Viber. Our Cyberint team has conducted an analysis of the malware’s source code. Based on our findings, it appears that the campaign is primarily targeting Asia.

Read Post

Cyberint

Read more about New Mobile Banking Malware Impersonating Messaging Apps

A Red Team's Perspective: How to Scope a Penetration Test

Jun 28, 2023 By Courtney Bell In Sedara

Penetration testing is a crucial part of a comprehensive cybersecurity plan. By simulating a real-world attack, a penetration test can help identify vulnerabilities and weaknesses across systems, networks, and applications before a malicious actor can exploit them. To get off on the right foot with a penetration test and get an accurate timeline and budget for the test, it’s important to have a proper scope. Learn how to scope a penetration test from the perspective of the Sedara Red Team.

Read Post

Sedara

Read more about A Red Team's Perspective: How to Scope a Penetration Test

API Security: Navigating the Threat Landscape

Jun 28, 2023 By Tripwire Guest Authors In Tripwire

An Application Programming Interface (API) is an essential and ubiquitous software that allows the exchange of information between day-to-day applications and processes, such as Software as a Service (SaaS) applications, Internet of Things (IoT) devices, universal profile login pages, and autonomous vehicles. APIs synchronize and maintain the data exchange between clients and servers, responding to each request.

Read Post

Tripwire

Read more about API Security: Navigating the Threat Landscape

Tanium Patch: Zero Touch + Self Service - Tanium Tech Talks #64

Jun 28, 2023 By Tanium In Tanium

"Reliable, verifiable, zero-touch patching." On today's Tanium Tech Talk learn about Zero Touch patching and Self Service. The everyday block and tackle of IT operations is patching. The security teams needs it to cover the holes. The risk team needs to satisfy compliance. And the ops team is stuck doing it. That has been the story for years… until Tanium. Today we're going to see how Tanium has turned patching into quite literally a "set it and forget it" activity where everybody wins, even the end user. It truly is a game changer.

View Video

Tanium

Read more about Tanium Patch: Zero Touch + Self Service - Tanium Tech Talks #64

Free CCPA Vendor Questionnaire Template (2023 Edition)

Jun 28, 2023 By Edward Kost In UpGuard

Often regarded as the Californian version of the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA) aims to protect the personal information rights of Californian-based employees, contractors, customers, and vendors. The inclusion of third-party vendors means your Vendor Risk Management program needs to be updated to include CCPA compliance tracking, not only during due diligence but through the entire vendor security posture management process.

Read Post

UpGuard

Read more about Free CCPA Vendor Questionnaire Template (2023 Edition)

Is the CMMC 2.0 Rollout on the Horizon?

Jun 28, 2023 By Tripwire Guest Authors In Tripwire

The Department of Defense (DoD) introduced the Cybersecurity Maturity Model Certification (CMMC) in 2019. This framework outlined a series of security standards contractors must meet to win DoD contracts, so it’s a big concern for many companies. However, four years later, the Cybersecurity Maturity Model Certification rollout has yet to take effect. Part of this delay comes from the fact that the DoD has revamped the CMMC.

Read Post

Tripwire

Read more about Is the CMMC 2.0 Rollout on the Horizon?

5 Essential Elements of a Municipal Cyber Security Plan

Jun 28, 2023 By Kaitlyn Graham In BitSight

Cyberattacks on state and local governments are on the rise. In 2020, more than 100 government agencies, including municipalities, were targeted with ransomware – an increasingly popular attack vector. Recently, average down time from cyber attacks on these targets is 7.3 days and results in an average loss of $64,645. These incidents are costly and disruptive. Most state cybersecurity budgets are a paltry 0% to 3% of their overall IT budget on average.

Read Post

BitSight

Read more about 5 Essential Elements of a Municipal Cyber Security Plan

Keeper Launches New Global Password Report

Jun 28, 2023 By Jason O'Connor In Keeper

Keeper Security has released its latest research, Password Management Report: Unifying Perception with Reality, which assesses the password habits of individuals across the United States and Europe.

Read Post

Keeper

Read more about Keeper Launches New Global Password Report

Obrela at CRESTCon Europe | Interview Iraklis Mathiopoulos, Chief Services Delivery Officer

Jun 28, 2023 By Obrela In Obrela

Interview with Iraklis Mathiopoulos presenting his role as Chief of Service Delivery at Obrela, and his CRESTCon Europe highlights.

View Video

Obrela

Read more about Obrela at CRESTCon Europe | Interview Iraklis Mathiopoulos, Chief Services Delivery Officer

Increase Cyber Resilience With the Trusted, Must Have Standard for Measuring Cyber Risk

Jun 28, 2023 By SecurityScorecard In SecurityScorecard

Gain a complete understanding of your attack surface and business ecosystem risk. Know in an instant whether an organization deserves your trust and show others your deserve theirs. From security ratings and third-party risk management to digital forensics and incident response, SecurityScorecard is here for you. Together, we make the world a safer place.

View Video