Usage subject to Terms and Conditions

Category Cybersecurity Alerts, News, and Tips

Cybersecurity Month: Consider a Cyber Career

Read the original article at https://blog.pcisecuritystandards.org/cybersecurity-month-consider-a-cyber-career

As an  Official Champion of National Cyber Security Awareness Month (NCSAM), the Council will be sharing educational resources on payment security best practices on the PCI Perspectives blog, and through our Twitter (@PCISSC) and LinkedIn pages. The Council will align these resources with the four weekly themes outlined by the National Cyber Security Alliance:

Read the original article at https://blog.pcisecuritystandards.org/cybersecurity-month-consider-a-cyber-career

Google Releases Security Updates for Chrome

Read the original article at https://us-cert.cisa.gov/ncas/current-activity/2021/10/20/google-releases-security-updates-chrome

Original release date: October 20, 2021

Google has released Chrome version 95.0.4638.54  for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system.

CISA encourages users and administrators to review the Chrome Release Note and apply the necessary update as soon as possible.

This product is provided subject to this Notification and this Privacy & Use policy.

Read the original article at https://us-cert.cisa.gov/ncas/current-activity/2021/10/20/google-releases-security-updates-chrome

Managed Security Services Provider (MSSP) News: 20 October 2021

Read the original article at https://www.msspalert.com/cybersecurity-news/updates-20-october-2021/

Today’s MSSP news involves Accenture, Cyolo, Invicti Security, Panorays, Picus, Securonix SIEM, Snowflake, Splunk, Summit Partners & more.

The post Managed Security Services Provider (MSSP) News: 20 October 2021 appeared first on MSSP Alert.

Read the original article at https://www.msspalert.com/cybersecurity-news/updates-20-october-2021/

New Impersonation Attack Demonstrates That Threat Actors Don’t Need to Get the Logo Correct

Read the original article at https://blog.knowbe4.com/new-impersonation-attack-demonstrates-that-threat-actors-dont-need-to-get-the-logo-correct

A new trend in social engineering and impersonation emerges as cybercriminals take advantage of a user’s inability to properly identify fake corporate logos in phishing attacks.

Read the original article at https://blog.knowbe4.com/new-impersonation-attack-demonstrates-that-threat-actors-dont-need-to-get-the-logo-correct

Cybercriminal Group SnapMC Takes a Page from Ransomware Gangs in Data Breach-Turned-Extortion Attacks

Read the original article at https://blog.knowbe4.com/cybercriminal-group-snapmc-takes-a-page-from-ransomware-gangs-in-data-breach-turned-extortion-attacks

New analysis of attacks shows threat actors that traditionally focus on stealing data are now utilizing extortion as their monetization strategy, converging tactics with ransomware attacks.

Read the original article at https://blog.knowbe4.com/cybercriminal-group-snapmc-takes-a-page-from-ransomware-gangs-in-data-breach-turned-extortion-attacks

Deepfake Technology is Cloning a Voice from the C-Suite

Read the original article at https://blog.knowbe4.com/deepfake-technology-is-cloning-a-voice-from-the-c-suite

Criminals used deepfake technology to steal $35 million from a company in the United Arab Emirates, Forbes reports. The attackers used “deep voice” technology to spoof the voice of a company’s director in order to trick a bank manager into transferring the money to the criminals’ bank accounts.

Read the original article at https://blog.knowbe4.com/deepfake-technology-is-cloning-a-voice-from-the-c-suite

U.S. Government Says To Avoid Phishing-Resistant MFA

Read the original article at https://blog.knowbe4.com/u.s.-government-says-to-avoid-phishing-resistant-mfa

The U.S. government has been pushing people to avoid SMS- and voice call-based multi-factor authentication (MFA) for years, but their most recent warning is to avoid any MFA that is overly susceptible to phishing. That is only common sense (since most data breaches involve social engineering), but what MFA types do they mean and what does that mean for you? Read on.

Read the original article at https://blog.knowbe4.com/u.s.-government-says-to-avoid-phishing-resistant-mfa

Google Cloud Invests In Cybereason XDR Security Software: Report

Read the original article at https://www.msspalert.com/investments/google-cloud-invests-in-cybereason-xdr-security-software-company-report/

Report: Google Cloud invests $50 million in Cybereason, an XDR (eXtended Detection and Response) security company that engages MSSP partners.

The post Google Cloud Invests In Cybereason XDR Security Software: Report appeared first on MSSP Alert.

Read the original article at https://www.msspalert.com/investments/google-cloud-invests-in-cybereason-xdr-security-software-company-report/

Ransomware Victims Paid $600 Million to Hackers in 1H of 2021

Read the original article at https://www.msspalert.com/cybersecurity-research/victims-paid-600-millon-1h-2021/

Ransomware groups remain “increasing threat” to the U.S. financial, business and public sectors, according to U.S. Treasury Department report.

The post Ransomware Victims Paid $600 Million to Hackers in 1H of 2021 appeared first on MSSP Alert.

Read the original article at https://www.msspalert.com/cybersecurity-research/victims-paid-600-millon-1h-2021/

Security Startup SOC Prime Raises $11 Million to Simplify Threat Detection

Read the original article at https://www.msspalert.com/investments/soc-prime-threat-detection-funding/

Continuous security intelligence provider SOC Prime seeks to scale its Threat Detection Marketplace for MSSPs, cybersecurity professionals.

The post Security Startup SOC Prime Raises $11 Million to Simplify Threat Detection appeared first on MSSP Alert.

Read the original article at https://www.msspalert.com/investments/soc-prime-threat-detection-funding/