Authors/Presenters: Matt Thomassen, Sean McKeever
Our sincere appreciation to DEF CON, and the Authors/Presenters for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organizations YouTube channel.
The post DEF CON 32 – Warflying in a Cessna appeared first on Security Boulevard.
via the comic humor & dry wit of Randall Munroe, creator of XKCD
The post Randall Munroe’s XKCD ‘Sun Avoidance’ appeared first on Security Boulevard.
Cariad, VW Group’s software arm, made this classic error.
The post VW Cars Leak Private Data of 800,000 — ‘Volksdaten’ appeared first on Security Boulevard.
Authors/Presenters: Brandon Colley
Our sincere appreciation to DEF CON, and the Authors/Presenters for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organizations YouTube channel.
The post EF CON 32 – Winning the Game of Active Directory appeared first on Security Boulevard.
Palo Alto, Calif., USA, 30th December 2024, CyberNewsWire
The post SquareX Researchers Expose OAuth Attack on Chrome Extensions Days Before Major Breach appeared first on Security Boulevard.
Reading Time: 5 min Have you received a microsoft account security alert email? Learn how to identify legitimate alerts and avoid phishing scams targeting your Microsoft account.
The post Best of 2024: Microsoft Account Security Alert Email: Recognize the Scam appeared first on Security Boulevard.
In December 2023, as cyberattacks surged, the U.S. Securities and Exchange Commission (SEC)began enforcing new cybersecurity disclosure rules. This pushed C-level executives and boards to adopt measures for compliance and transparency. In this post, we look at the enforcement actions the SEC has taken and what public company CISOs should do to stay in compliance.
Cyberattacks surge, the SEC takes action and boards pay attentionIn recent years, cyberattacks have become more sophisticated, affecting public and private organizations alike. Recognizing the critical need for transparency and robust cybersecurity measures, the U.S. Securities and Exchange Commission adopted new cybersecurity disclosure rules in July 2023, which took effect in September 2023, with compliance required by December 2023.
These rules, which mandate that all public companies disclose material cybersecurity incidents within four business days and detail their risk management strategies, highlight that cybersecurity is a board-level risk management concern.
As part of their fiduciary duties, boards play a key role in the oversight of risks from cybersecurity threats. In partnership with senior executives, they need to pay close attention to the risks their companies face and the strategies those companies put in place to comply.
As the rules were authorized in late 2023, we shared what we see as the implications for infosec leaders. This post explores the impact of these regulations after one year. We also look at recent enforcement actions and measures that companies should consider adopting to promote compliance and bolster their cybersecurity posture.
An important note: In 2025, there will be changes in SEC leadership, which could affect these rules. But they’re just one example of the additional attention governments around the world are giving to cyber risk.
The EU recently issued the network and information systems (NIS)2 Directive, aimed at improving cybersecurity across member states. It requires the reporting of “significant” incidents within 24 hours, a more detailed report within 72 hours and a final report within a month. Other more focused rules, such as the General Data Protection Regulation (GDPR) in Europe, although it doesn’t have incident disclosure provisions, have driven significant change for companies that want to do business in that region.
It comes down to trust. Tenable CEO Amit Yoran had a clear point of view when he wrote about the rules as they took effect.
“The SEC’s rule will force what companies should have been implementing all along; informed cyber risk management practices,” he said. “Requiring companies to provide annual updates of their cybersecurity risk management strategy and governance and report material breaches within four business days will force leadership to pay attention and keep customers and investors better informed as to who they trust with their business.”
Key requirements of the SEC’s cybersecurity disclosure rulesWith that as a backdrop, CISOs looking to support stakeholders like legal, finance, investor relations and boards in these efforts should understand a few things about the SEC rules.
The SEC requires public companies to disclose material cybersecurity incidents within four business days of determining their materiality using an 8-K form. This requirement aims to give investors timely and relevant information about potential risks that could impact business operations and financial performance.
At a conference held by the American Institute of Certified Public Accountants (AICPA) and the Chartered Institute of Management Accountants (CIMA) in December, Sebastian Gomez Abero, Associate Director of the Division of Corporate Finance (DCF) Disclosure Review Program emphasized that materiality, rather than the discovery of a breach, is the trigger for disclosing a cybersecurity incident. According to an EY summary of his remarks provided by the conference organizations, Gomez Abero also reminded registrants that both quantitative and qualitative factors should be considered in their materiality assessment of a cybersecurity incident.
In addition, companies must include descriptions of their cybersecurity risk management and governance practices annually in their 10-K or 20-F reports. The rules essentially validate cybersecurity as an important component of risk management, within a robust corporate governance program. Recent 10-Ks from a number of companies incorporated these new requirements.
According to the EY conference summary, Gomez Abero reminded registrants to provide sufficient detail in their annual cybersecurity disclosures for a reasonable investor to understand the organization’s processes to assess, identify and manage material risks from cybersecurity threats, rather than just stating that a process exists. In addition, registrants that have a management group to assess material cybersecurity risk need to disclose each member’s individual expertise.
Big fines and penalties from enforcement actionsSince the introduction of the cybersecurity rules, the SEC has taken significant enforcement actions to ensure compliance, including issuing fines and negotiating settlements with various companies.
For example, in October 2024, the SEC fined Unisys Corp., Avaya Holdings Corp., Check Point Software Technologies Ltd. and Mimecast Limited a combined total of almost $7 million for allegedly misleading disclosures related to their exposure to the SolarWinds cyberattack.
In the same order, the SEC alleged that these firms downplayed their involvement, which led to misleading investors about potential impacts. Each company settled without admitting or denying the allegations.
In another notable enforcement action by the SEC, R.R. Donnelley & Sons Company (RRD) agreed in June 2024 to pay more than $2.1 million for inadequate disclosure and poor management of significant cybersecurity incidents from 2021. The SEC found that RRD’s internal processes failed to properly elevate and disclose these incidents to senior management in a timely manner, underscoring the importance of having robust incident management frameworks in place.
Lessons learnedThere are three key lessons to keep in mind as you work to help your organization meet the SEC cybersecurity requirements:
So what can a CISO do about this? It starts with a comprehensive cybersecurity program, including exposure management, which gives CISOs the information they need to communicate with legal, finance, investor relations, boards and other internal stakeholders about vulnerabilities and cyber incidents so that those can be appropriately captured in the company’s cyber risk management and public reporting.
Exposure management equips an organization with the tools needed to meet the SEC’s cybersecurity disclosure requirements by aligning cybersecurity efforts with business risk management.
Exposure management provides comprehensive visibility into the organization’s attack surface, prioritizes vulnerabilities based on their potential business impact and delivers actionable insights that inform the preparation of risk management filings. Moreover, exposure management is part of a cyber program that can identify cyber risks and incidents that may need to be reported in filings. With easily understood, dynamically updated dashboards that a CISO can use to gain visibility into companywide exposures, exposure management is critical for ensuring compliance and demonstrating a strong security posture.
Plus, an exposure management strategy that integrates asset visibility, risk prioritization and incident response — along with strong partnerships between the CISO, legal, IR and finance — ensures that organizations can accurately report their practices and responses at any point in time because of the continuous monitoring built into exposure management.
By focusing on vulnerabilities that pose the greatest threat to business operations, companies can allocate resources effectively and build a cybersecurity program that supports regulatory compliance.
What the C-suite should considerFor CISOs, adopting an exposure management program ensures they can provide legal, finance, investor relations, boards and other executives with clear, actionable insights into the organization’s cybersecurity risks.
Exposure management helps inform decision-making and supports the development of comprehensive risk management frameworks, enabling companies to address threats proactively and build confidence among investors and stakeholders.
The entire C-suite should approach the SEC’s new rules with an eye toward integrated and forward-looking cybersecurity strategies. As part of that effort, it’s crucial to develop and maintain comprehensive incident response plans that can be deployed swiftly to meet the four-day disclosure mandate.
Preventative measures for complianceTo meet the SEC’s cybersecurity disclosure rules and reduce the risk of breaches that could lead to significant regulatory and financial consequences, organizations must adopt proactive strategies that strengthen their defenses. The following preventative measures outline key steps companies should take to enhance their cybersecurity posture and ensure compliance.
The SEC’s cybersecurity disclosure rules underscore the critical importance of transparency and proactive risk management in today’s digital landscape.
Although compliance requires effort and resources, it also presents an opportunity for companies to build trust with investors and stakeholders.
By prioritizing robust cybersecurity practices that focus on prevention, enterprises can better align with regulatory expectations and be prepared for critical reporting requirements. They can close exposures and become resilient, responsible leaders in an increasingly risky world.
Learn moreThe post Navigating the SEC’s Cybersecurity Disclosure Rules: One Year On appeared first on Security Boulevard.
Cybersecurity Resolutions for 2025: Prepare Your Business for What’s Ahead Cybersecurity Resolutions for 2025: Prepare Your Business for What’s Ahead As we approach the new year, it’s time to reflect on the cybersecurity challenges of 2024 and prepare for what lies ahead. The digital landscape continues to evolve, with cyber threats becoming more sophisticated and […]
The post Cybersecurity Resolutions for 2025: Prepare Your Business for What’s Ahead appeared first on Cyber security services provider, data privacy consultant | Secureflo.
The post Cybersecurity Resolutions for 2025: Prepare Your Business for What’s Ahead appeared first on Security Boulevard.
SANTA CLARA, Calif., December 30, 2024 – We are thrilled to announce that NSFOCUS was selected as the notable vendor of Forrester The Security Analytics Platform Landscape, Q4 by its ISOP (Intelligent Security Operations Platform) with built-in NSFGPT AI assistant and AI-empowered security operation scenarios. “The security analytics platform is the core of the security […]
The post NSFOCUS ISOP Listed in The Security Analytics Platform Landscape Report by Forrester appeared first on NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks..
The post NSFOCUS ISOP Listed in The Security Analytics Platform Landscape Report by Forrester appeared first on Security Boulevard.
Dear blog readers,
I've decided to continue my elaboration and provide further actionable intelligence on a well known member of the Darkode cybercrime-friendly forum community Nassef.
Nassef is using [email protected] as his personal email address account and is known to have registered the following domains using it - hxxp://tonymontana.cards - hxxp://tonymontana.cash - hxxp://tonymontana.biz.
He's also using the following email address account [email protected] and is known to have registered the following domains using it:
hxxp://c2bit-power.com
hxxp://procarder.com
hxxp://novlops.cc
hxxp://freshcvv2.com
hxxp://sharkcc.com
hxxp://edumps.cc
hxxp://cvvlist.com
hxxp://cardinghispano.com
hxxp://dumps4you.com
hxxp://zanoled.com
hxxp://vic-socks.com
hxxp://dump-service.com
hxxp://thugcarders.com
hxxp://hotdumps.com
hxxp://dumpsvendor.com
hxxp://getbette.com
hxxp://crimemarket.com
hxxp://cardingmaestro.com
hxxp://ug-storecards.com
hxxp://cvvsite.com
hxxp://tonymontana.cc
hxxp://dumpsclinique.com
hxxp://source4dumps.cc
hxxp://skycvv.com
hxxp://carderprofit.cc
hxxp://styxmarket.com
hxxp://wt1shop.com
hxxp://scene-tools.com
hxxp://fraudsmarket.com
hxxp://cardersvilla.com
hxxp://bigcarder.com
hxxp://cardertools.com
hxxp://cvvsh0p.com
hxxp://fe-dumpstore.com
hxxp://profitbins.com
hxxp://carding-shop.com
hxxp://zonecvv.com
hxxp://torcrds.com
hxxp://shopvl.net
hxxp://prvtzone.com
hxxp://rdpwallmart.com
hxxp://xdedic.com
hxxp://smartstripes.biz
hxxp://cc-base.com
Related posts:
He's also known to be using [email protected] as his personal email where he is known to have registered the following domains:
hxxp://fe-dumpstore.com
hxxp://profitbins.com
hxxp://dump-service.com
hxxp://thugcarders.com
hxxp://torcrds.com
hxxp://shopvl.net
hxxp://cardertools.com
hxxp://cvvsh0p.com
hxxp://xdedic.com
hxxp://smartstripes.biz
hxxp://carding-shop.com
hxxp://zonecvv.com
hxxp://cc-base.com
hxxp://prvtzone.com
hxxp://rdpwallmart.com
hxxp://novlops.cc
hxxp://scene-tools.com
hxxp://fraudsmarket.com
hxxp://cardersvilla.com
hxxp://edumps.cc
hxxp://cvvlist.com
hxxp://c2bit-power.com
hxxp://procarder.com
hxxp://zanoled.com
hxxp://vic-socks.com
hxxp://freshcvv2.com
hxxp://sharkcc.com
hxxp://hotdumps.com
hxxp://dumpsvendor.com
hxxp://cardinghispano.com
hxxp://dumps4you.com
hxxp://ug-storecards.com
hxxp://source4dumps.cc
hxxp://getbette.com
hxxp://crimemarket.com
hxxp://cardingmaestro.com
hxxp://wt1shop.com
hxxp://cvvsite.com
hxxp://tonymontana.cc
hxxp://dumpsclinique.com
hxxp://bigcarder.com
hxxp://skycvv.com
hxxp://carderprofit.cc
hxxp://styxmarket.com
The post What is Nassef from Darkode Up To? – Part Two appeared first on Security Boulevard.
In the final episode of the Shared Security Podcast for 2024, join us as we recap our predictions for the year, discuss what we got right and wrong, and highlight our top episodes on YouTube. We also extend a heartfelt thank you to our Patreon supporters and special guests. Plus, stay tuned for our predictions […]
The post 2024 Year in Review: What We Got Right and Looking to 2025 appeared first on Shared Security Podcast.
The post 2024 Year in Review: What We Got Right and Looking to 2025 appeared first on Security Boulevard.
Are Secrets Rotation Processes a Keystone in Your Cybersecurity Strategy? The digital business landscape has evolved with technologies enabling organizations to seamlessly maneuver their operations in the cloud. As a cybersecurity professional, have you considered that as we accelerate towards a future driven by automation, the effective management of Non-Human Identities (NHIs) and secrets rotation […]
The post Achieve Satisfaction with Streamlined Secrets Rotation Processes appeared first on Entro.
The post Achieve Satisfaction with Streamlined Secrets Rotation Processes appeared first on Security Boulevard.
Why is Mastering Least Privilege Essential? The least privilege principle remains a cornerstone for securing machine identities and their secrets. However, many organizations still grapple with the practicalities of implementing and maintaining this vital strategy. The consequences of failing to master least privilege can be dire, leading to unauthorized access, data breaches, and cybersecurity incidents. […]
The post Empowering Security: Mastering Least Privilege appeared first on Entro.
The post Empowering Security: Mastering Least Privilege appeared first on Security Boulevard.
Authors/Presenters: Anthony Hendricks
Our sincere appreciation to DEF CON, and the Authors/Presenters for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organizations YouTube channel.
The post DEF CON 32 – How State Laws Meant to Protect Children Raise Other Risks appeared first on Security Boulevard.
A long promising approach comes of age
I won’t revisit the arguments for anomaly detection as a crucial piece of cybersecurity. We’ve seen waves of anomaly detection over the years — and CISA, DARPA, Gartner, and others have explained the value of anomaly detection. As rules-based detections show their age and attackers adopt AI to accelerate their innovation, anomaly detection is more needed than ever.
However — traditional anomaly detection has been caught in a Sisyphean cycle: build multiple bespoke models for each account, tune endlessly, and still face diminishing returns as threats and the operating environment evolve.
In a recent paper, “Expectations Versus Reality: Evaluating Intrusion Detection Systems in Practice” (arXiv:2403.17458), the authors compare traditional machine learning based anomaly detection approaches to a deep neural network (DNN)-based system across several benchmarks: CICIDS2017, UNSW-NB15, and others. The DNN outperformed across all datasets except for one, delivering both higher F1 scores and more consistent performance across different evaluation datasets.
You can see from the paper that the deep neural network (DNN) outperformed all prior generation ML both in terms of accuracy, as measured by F1 score, and adaptability, as shown in having the most consistent performance. The Stratosphere use case where the DNN performed least well is a very specific IoT dataset. It appears that the DNN had not been exposed to this sort of data in its training.
The conclusion is clear: better models are both more accurate AND generalize better.
The Monolithic Past: Fragile, Overfit, and Labor-IntensiveTraditional anomaly detection relies on one or more bespoke models for every environment.
Every model deployed requires:
Also, these systems suffer from overfitting, locking into patterns specific to the training data but brittle in the face of novel threats. Worse, they’re resource hogs, demanding constant attention from detection engineers. While anomaly detection usage is increasing, it is easy to see why many detection engineers find them only slightly less frustrating than the thicket of rules-based detections many are expected to maintain and rely upon.
Enter Foundation Models + Classifiers
Foundation models like our deep neural network based LogLM Tempo flip this paradigm. Trained on vast, diverse datasets, they deliver a generalizable core capable of identifying patterns across environments. Fine-tuned classifiers adapt the model for specific accounts or threat profiles with minimal overhead.
This approach isn’t just scalable — it’s transformative. By decoupling the core model from account-specific adjustments, detection engineers free their time up from endless firefighting.
For the first time, we can have Collective Defense — via ever-improving foundation models — plus rapid customization and adaptation.
Precision, Adaptability, and the FutureThe cited paper’s results reveal a crucial advantage of foundation models: they’re not just more accurate but more adaptable. Higher F1 scores across datasets imply better generalization — an essential trait in an industry where yesterday’s threat model is obsolete tomorrow.
Our LogLM Tempo builds on these principles, delivering:
Classifiers allow for the efficient applicability of a foundation model to particular use cases. As an example, we use a classifier on top of our Tempo foundation model to essentially learn a threshold for anomalies. Users of our free-to-try Tempo on Snowflake can also fine-tune for their environment — and this fine-tuning adapts an anomaly-discerning classifier, which is much more efficient than retraining an entire model.
Take a look at the Snowflake listing here:
ConclusionAnomaly detection — a long-promised and yet often frustrating approach to cybersecurity incident identification — is coming of age. Recent studies have shown that neural network based approaches are both more accurate and more adaptable; our Tempo LogLM takes this to the next level, adding easy-to-use classifiers onto a foundation transformer-based deep learning model for further adaptability and accuracy.
In these blogs we are trying to explain how the state of the art in incident detection is changing. We believe that increased accuracy and adaptability open up the opportunity for collective defense and new business models.
Please let us know below if you have suggestions or questions you would like us to dig into.
Anomaly Detection for Cybersecurity was originally published in DeepTempo on Medium, where people are continuing the conversation by highlighting and responding to this story.
The post Anomaly Detection for Cybersecurity appeared first on Security Boulevard.
Why is Efficient Secret Governance Essential? Have you ever pondered the importance of strategic secret governance and what it means to your cybersecurity strategy? In the evolving landscape of threats and vulnerabilities, it’s essential to consider new facets of security, such as managing Non-Human Identities (NHIs) and secrets. NHIs are machine identities used in cybersecurity, […]
The post Gain Relief with Strategic Secret Governance appeared first on Entro.
The post Gain Relief with Strategic Secret Governance appeared first on Security Boulevard.
So, What’s the Deal with Recent API Security Innovations? As companies across the spectrum of industries including finance, healthcare, travel, and more intensify their adoption of digital technologies, there’s an undeniable need for robust security measures to protect their assets in the cloud. More than ever, Non-Human Identities (NHIs) and Secrets Security Management are emerging […]
The post Innovation in API Security: What’s New appeared first on Entro.
The post Innovation in API Security: What’s New appeared first on Security Boulevard.
Discover how robots.txt has evolved from basic crawler control to a sophisticated security instrument. Learn practical strategies for using this simple file to enhance your website's security posture and protect your brand in the age of AI.
The post Robots.txt: From Basic Crawler Control to AI-Powered Security Shield appeared first on Security Boulevard.
Authors/Presenters: Dylan Fox
Our sincere appreciation to DEF CON, and the Authors/Presenters for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organizations YouTube channel.
The post DEF CON 32 – XR for All: Accessibility and Privacy for Disabled Users appeared first on Security Boulevard.
Are You Adopting Cost-Effective Security Protocols? As a cybersecurity specialist, you might have often questioned how you could manage your security measures effectively without breaking your budget. When handling Non-Human Identities (NHIs) and Secrets Security Management, cost-effectiveness is a key aspect that cannot be overlooked. However, did you know that you can achieve budget-friendly security […]
The post Budget-Friendly Security Solutions That Work appeared first on Entro.
The post Budget-Friendly Security Solutions That Work appeared first on Security Boulevard.
