Cybersecurity Skills and Breaches: What Tech Pros Need to Know

The results, however, remained mixed.

“While many companies have diversity hiring goals, we aren’t seeing hiring numbers increase significantly among women, minorities and veterans,” said Rob Rashotte, vice president of global training and technical field enablement at Fortinet.

“Despite 91% of respondents saying they prefer to hire candidates with technical certifications, 71% of organizations require potential new hires to hold a four-year degree”.

Cyber_Security_Channel

Читать полностью…

Google Workspace Authentication Vulnerability Allowed Thousands of Emails to be Compromised

In its message sent to impacted emails, Google said it fixed the vulnerability within 72 hours of it being discovered and that it has since added “additional detection” processes to ensure it cannot be repeated.

Cyber_Security_Channel

Читать полностью…

“Humans Remain the Weakest Link”: Pentesters’ 98% Success in Social Engineering

We monitored the responses with bated breath the day we sent the email. Within minutes, the first few employees clicked on the link.

By the end of the day, over 80% of the employees, including several high-ranking executives, had fallen for the ruse.

They clicked the link and entered their usernames and passwords without hesitation.

Cyber_Security_Channel

Читать полностью…

Most Airlines Except One Are Recovering From the CrowdStrike Tech Outage. The Feds Have Noticed

Transportation Secretary Pete Buttigieg spoke to Delta CEO Ed Bastian on Sunday about the airline’s high number of cancellations since Friday.

Buttigieg said his agency had received “hundreds of complaints” about Delta, and he expects the airline to provide hotels and meals for travelers who are delayed and to issue quick refunds to customers who don’t want to be rebooked on a later flight.

Cyber_Security_Channel

Читать полностью…

Wiz Walks Away From $23 Billion Deal with Google, Will Pursue IPO

Wiz has walked away from a $23 billion deal to be bought by Google, in what would have been the search giant’s largest-ever acquisition, telling employees it would pursue an IPO as previously planned.

Rappaport wrote that the company would focus on its next milestones: an initial public offering and $1 billion in annual recurring revenue.

The deal would have nearly doubled the $12 billion valuation of the startup from its most recent round of funding.

Wiz was founded in 2020 and has grown rapidly under Assaf Rappaport, who had been targeting an IPO as recently as May.

Discussion question for the community:

→ Do you think that was the right decision for them?

@Cyber_Security_Channel

Читать полностью…

Arrest Made in MGM Resorts $100 Million Hacking Attack

A 17-year-old boy from Walsall has been arrested in connection with a global cyber online crime group targeting large organisations with ransomware and gaining access to computer networks.

The BetMGM 2024 cyber attack is one of the significant cases under investigation.

Cyber_Security_Channel

Читать полностью…

💡 Computer Networking: All-in-One For Dummies

Our partners at Codelivly created a hyper effective resource for Cyber Security beginners.

13 modules, full of value:

— Theory + hands-on learning
— Fundamentals + advanced topics
— Knowledge + skills to navigate networking

= A no-brainer offer.

Helping you become a better specialist.

Grab 178 pages of content and upskill yourself:

↳ https://codelivly.gumroad.com/l/computer-networking

Читать полностью…

What Is Cloud Penetration Testing & Why Is It Important?

Cloud computing involves the storage, processing and management of data and applications on remote servers, often provided by third-party service providers.

These applications can range from your simple email service to something as robust as cloud identity and management access services.

Cyber_Security_Channel

Читать полностью…

Google Near $23 Billion Deal for Cybersecurity Startup Wiz

This deal is set to be company's largest acquisition in history, so far.

Google has been working to bulk up its cybersecurity business, focused on the cloud.

Alphabet is eyeing the deal at a time of intense antitrust scrutiny of the search company and other tech giants.

The acquisition could also help boost Alphabet’s efforts in cloud computing, an important and growing business but one where it has lagged behind peers.

@Cyber_Security_Channel

Читать полностью…

Cybersecurity Stakes Higher Than Ever at Paris Olympics 2024

As the world gears up for the Paris Olympic Games 2024, attention turns to the athletic feats that will be on display and the massive cybersecurity challenges of hosting such a high-profile international event.

With nearly 3 million spectators expected to attend the 329 events held over a 6-week period, spending an estimated $4 billion...

The stakes for cybersecurity are higher than ever.

Olympics have increasingly become a major target for cyber attacks.

The Tokyo Olympics 2021 saw a staggering 450 million attempted cyberattacks – a 2.5x increase from the London Olympic Games 2012.

For bad actors, the Olympics present an enticing combination of factors:

— Large crowds
— Limited physical presence
— Highly distributed events staff
— Zero margin for error and downtime

@Cyber_Security_Channel

Читать полностью…

Microsoft Outlook Faced Critical Zero-Click RCE Vulnerability

To mitigate the risk, it is crucial to update all Microsoft Outlook and Office applications with the latest patches.

Additionally, implementing robust email security measures, such as disabling automatic email previews and educating users about the risks of opening emails from unknown sources, is essential.

Cyber_Security_Channel

Читать полностью…

Unleash Your Growth Potential: 90+ Actionable Tactics for Your SaaS Business

Are you a SaaS Business Owner? Or would you like to start one?

Unlock the growth potential of your product with a list of 90+ hand-picked, proven growth tactics for early-stage B2B SaaS Start-Ups.

The content of this product:

• Cold Calling
• Discount policy
• Virality features
• Lead generation
• Referral programs
• Content Marketing
• Product-led growth
• Product Onboarding
• Sales Demos & Discovery
• Multichannel Outbound Sales
• Landing Page & Website structure

This bundle is right for you, if:

[01] You are a Founder/Leader of a SaaS Start-Up.

[02] Your revenue is between 0€ and 3.000.000€ ARR.

[03] You want to learn from the experience of others before starting your own SaaS Company.

Click below to find out more:

→ https://gumroad.com/a/1023033043/nuftu

Читать полностью…

Why Windows Recall Feature Creates a Data Privacy Nightmare

Microsoft promoted Recall as essentially a new type of search engine.

For example, if wanted to revisit a document, video, or webpage but can’t remember where you saw it, you can enter what you remember into a text interface.

Windows will then use AI to find what you are looking for.

Cyber_Security_Channel

Читать полностью…

Evolve Bank Shares Data Breach Details as FinTech Firms Report Being Hit

Wise, a fintech firm whose services are widely used for international money transfers, revealed late last week that the Evolve data breach impacts some of its customers.

Wise had worked with Evolve to provide USD account details between 2020 and 2023.

While the companies no longer work together, it seems Evolve was still storing some data provided by Wise.

Cyber_Security_Channel

Читать полностью…

👨‍💻 HTML and CSS | Programming Notes and Flashcards

This bundle = 70+ pages and 500+ flashcards on every major concept of HTML and CSS.

Web Development Fundamentals

→ URL
→ DOM
→ Developer Tools
→ HTTPS, Request, Response

HTML Basics

→ Links
→ Class, ID
→ Text, entities
→ Head Section
→ Document Tree
→ Tags, attributes

CSS Basics

→ Responsive design
→ Full website example
→ Lists, links, videos, forms
→ Pseudo-classes, Pseudo-elements
→ Box Model (marding, padding, border)

CSS Advanced

→ Grid and position
→ Display and flexbox
→ Animation and shadow

Always wanted to learn HTML and CSS?

This is your sign to start:

↳ https://gumroad.com/a/94518995/lcqjl

Читать полностью…

ℹ️ Cybersecurity Talent Isn't as in Demand as You Might Think (2024)

Although the need for security professionals is increasing in certain nations, several large economies are experiencing a decline.

In Europe, France witnessed a 4.5% decrease from May 2023 to 2024, marking this the third largest reduction among the 15 countries reviewed by LinkedIn's Economic Graph team.

The USA and Singapore had even greater declines.

Source: LinkedIn News Europe

📷 Image credit: Business Standard

@Cyber_Security_Channel

Читать полностью…

🗂 GDPR Data Classification & Cyber Security Template

Ideal starting point for SMBs and developing companies.

Table of Contents

— '3rd party Access’ page
— 'Where' and 'Why' sheet
— 60 types of personal data
— 'User Permissions Tracker’

+ additional tools inside.

Special Bonus

↳ 'A Practical Guide to GDPR for Small Businesses' eBook (53 pages) for FREE!

Enjoy this generous deal from our partners...

Download your resources here:

→ https://gumroad.com/a/710907859/loChz

Читать полностью…

North Korean Hackers Target Critical Infrastructure for Military Gain

The threat actor primarily targets organizations in the:

— Energy
— Nuclear
— Defense
— Aerospace
— Engineering

Sectors, to exfiltrate information such as:

— Contract specification
— Design drawings
— Project data

Cyber_Security_Channel

Читать полностью…

🎙"80% of Your Security Comes from 20% of Your Controls"

→ 2024 Strategies for Balancing Cost and Security Controls with Mads Nielsen

[LIVE WEBINAR]

📅 Thursday, 1st of August
⏰ 2:00 PM, GMT+2

Mads will Cover

• Identifying Misplaced Priorities: Which controls might you have wrong?

• Top Priority Controls: Three essential controls for maximum impact.

• Cost-Effective Playbook: Craft a CISO playbook that balances security needs and budget constraints.

• CISO Priority Map: Hardening, Firewalls/WAP, Strong passwords.

Featured Insights

• Recent Data Breaches & Budget Impacts: Learn from UnitedHealth Group and Trello incidents — recent high-profile data breaches.

• CrowdStrike Incident: Understand the lessons from the recent CrowdStrike update failure.

• Emerging 2024 Threats: Insights from the CrowdStrike 2024 Global Threat Report.

How to Attend?

↳ Register via the following link → click here.

-----

#ad #paidpromotion #sponsored

@Cyber_Security_Channel

Читать полностью…

📩 CyberWeekly by Hacklido — Issue №6; 20th of July, 2024

Dive into the latest insights with the current edition of the CyberWeekly Newsletter, courtesy of Hacklido.

Uncover discussions on a wide range of themes, such as:

• HIPPA
• Snort IPS
• Crowdstrike outage
• CVE202427956 - SQLi
• Healthcare ransmoware
• RAG manipulation attacks
• Oracle bulk patch updates
• Active Directory pentesting
• CVE202440626 - XSS (Stored)

There is much more to explore in this version.

Read the full article here.

-----

→ If your Company / Project / Community wants to become a partner of Cyber Security News...

Please, do not hesitate to contact us by sending a direct message to @cybersecadmin

-----

@Cyber_Security_Channel

Читать полностью…

Major Data Breaches That Have Rocked Organizations in 2024

Find out what led to the breaches and how they affected the breached organizations.

The information in this recap might help your organization strengthen its cybersecurity posture.

Cyber_Security_Channel

Читать полностью…

⚡️Microsoft Users Around the World Report Widespread Outages

Banks, airlines, TV stations and health systems in countries around the world that rely on Microsoft's 365 apps reported widespread outages Friday.

Microsoft IT outage disrupts flights, banks, media outlets, and companies worldwide.

Thousands of flights and train services were cancelled in the U.S. and Europe, and there were disruptions to many other public and retail services.

In a statement to CBS News later on Friday, CrowdStrike CEO George Kurtz said that the issue had been identified and a solution was being implemented.

"CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts. Mac and Linux hosts are not impacted," Kurtz said.

"This is not a security incident or cyberattack. The issue has been identified, isolated and a fix has been deployed."

@Cyber_Security_Channel

Читать полностью…

Nearly All Customers Affected by New AT&T Data Breach

The company said that it believes that none of the data is publicly available.

AT&T serves upwards of 100 million customers in the US, meaning that data from hundreds of millions of people has been obtained and could be used for various nefarious activities.

Cyber_Security_Channel

Читать полностью…

📩 CyberWeekly by Hacklido — Issue №5; 13th of July, 2024

The CyberWeekly Newsletter powered by our partners (Hacklido) is back on your feed.

Get ready to explore all of the exhilarating things that are on the table in this release:

• WGU
• STOK
• EvilnoVNC
• Polyfill(.)io
• Pentesting AD
• Windows Remoting
• False File Immutability
• Evernote & Universal RCE
• Reverse engineering .NET
• Global AppSec 2024 Lisbon
• CVE|2021|40444, MSHTML

Find more exciting materials inside this version.

Read the full publication here.

-----

→ If your Company / Project / Community wants to become a partner of Cyber Security News...

Please, do not hesitate to contact us by sending a direct message: @cybersecadmin

-----

@Cyber_Security_Channel

Читать полностью…

A Hacker Posted Nearly 10 Billion Passwords Online — Likely the Biggest Leak Ever

The report claimed that not all the passwords in the file appeared to be new which means that they have been leaked previously and this increases the chance of “credential stuffing.”

As per the practice, a bad actor can take a user’s known password and try to reuse it to break into other accounts in their name, Cybernews, a cybersecurity-focused news outlet, explained.

Cyber_Security_Channel

Читать полностью…

Elon Musk Attacks WhatsApp Over Lack of Privacy

Musk, the owner of X (formerly Twitter), has renewed his criticism of WhatsApp over its handling of personal data.

The Tesla and SpaceX CEO questioned the platform's security practices in response to a user query on Saturday.

A user on X had asked, "If WhatsApp messages are end-to-end encrypted, why do we see ads related to the things we discussed in our chats?"

Musk briefly replied by saying: "WhatsApp is not secure at all."

This recent comment is part of a broader dispute between Musk and WhatsApp, which is owned by Mark Zuckerberg's conglomerate Meta.

@Cyber_Security_Channel

Читать полностью…

⚡️RockYou2024: 10 Billion Passwords Leaked in the Largest Compilation of All Time

According to the team’s analysis of RockYou2024, attackers developed the dataset by scouring the internet for data leaks, adding another 1.5 billion passwords from 2021 through to 2024 and increasing the dataset by 15 percent.

Cyber_Security_Channel

Читать полностью…

Are Your Kids Safe Online? Exploring the Unseen Risks Beyond The Screen With Parental Control

You can achieve that by understanding what they are interested in online, engaging in open conversations with them, making learning enjoyable, and utilizing the appropriate tools.

It’s about providing them with the knowledge they require in today’s tech-savvy world.

Cyber_Security_Channel

Читать полностью…

Your Phone's 5G Connection Is Vulnerable to Bypass, DoS Attacks

It's a remarkably accessible form of attack, they say, involving commonly overlooked vulnerabilities and equipment you can buy online for a couple of hundred dollars.

Cyber_Security_Channel

Читать полностью…

Authenticator for X, TikTok Exposes Personal User Info for 18 Months

Though the researcher limited his snooping, some data fields appeared to indicate the nature and purpose of the stored data, such as a chart with values such as "Impersonation_XCorp" and "uber-carshare-passport."

Cyber_Security_Channel

Читать полностью…