Fortinet and IBM have joined forces to provide a new training program that aims to bridge the skills gap in the cybersecurity industry. In an announcement made earlier today, Fortinet said that it would be integrating its Network Security Expert training and certification curriculum with IBM’s SkillsBuild, a digital platform for users to develop technology and professional skills, including

by Paul Ducklin US hard liquor giant Brown-Forman is the latest high-profile victim of ransomware criminals. Even if the company’s name doesn’t ring a bell, some of its products are well-known to spirits drinkers world-wide: Brown-Forman is a multi-billion dollar business that owns Jack Daniel’s whiskey, Finlandia vodka and other global brands. It’s a multi-billion

A New Jersey man has been charged with trying to hire a hitman on the dark net to kill a child with whom he exchanged sexually explicit images.  John Michael Musbach was arrested on Thursday for allegedly paying $20,000 in Bitcoin to have his then 14-year-old victim murdered. The 31-year-old Haddonfield resident was charged with one count

by Naked Security writer Read the latest articles: Tor and anonymous browsing – just how safe is it? Facial recognition – another setback for law enforcement Porn blast disrupts bail hearing of alleged Twitter hacker GandCrab ransomware hacker arrested in Belarus Watch the latest Naked Security Live videos: (Watch directly on YouTube if the video

Supermarket shoppers in the UK have been targeted by a phishing scam run via the social networking sites Facebook and Twitter.  Unscrupulous scammers ran sponsored adverts on the sites offering women who were born in October a free £1000 gift card to spend at Asda.  Victims who clicked on the advert’s link were led to a

The personal health information (PHI) of over 72,000 Walgreens customers has been exposed after looters broke into nearly 200 stores and stole prescriptions.  America’s second-largest pharmaceutical chain contacted impacted customers in July to disclose the data breach. Walgreens spokesperson Jim Cohn told the Philadelphia Inquirer that 180 Walgreens stores had been looted but declined to state which

The US government has made its largest ever seizure of cryptocurrency associated with terrorism after three alleged cyber-enabled terrorist financing campaigns were dismantled.  The global disruption of campaigns involving Hamas’s military wing, the Izz ad-Din al-Qassam Brigades, al-Qaeda and Islamic State of Iraq and the Levant (ISIS) was announced yesterday by the Department of Justice.  Each group was

Security researcher Kristin Paget, known in the cybersecurity industry as Hacker Princess, has won the (ISC)² Diversity Award. US resident Paget was among the 2020 Global Achievement Awards honorees named today by the world’s largest nonprofit association of certified cybersecurity professionals. The annual awards recognize and celebrate the most outstanding annual and lifetime achievements in the field of cybersecurity.  

by Paul Ducklin An article published on the open-to-allcomers blogging site Medium earlier this week has made for some scary headlines. Written as an independent research piece by an author going only by nusenu, the story is headlined: How Malicious Tor Relays are Exploiting Users in 2020 (Part I) [More than] 23% of the Tor

Virtually all security professionals believe that human error could put the security of cloud data at risk, according to new research published today. A survey commissioned by Tripwire and carried out last month by Dimensional Research found that 93% of security professionals were concerned that human error could result in the accidental exposure of their cloud data.  Despite their concern over

An Australian woman has been jailed for her part in the theft of XRP cryptocurrency worth nearly $400,000.  Kathryn Nguyen was arrested in October 2018 for pulling off a crypto-heist with an associate. The 25-year-old was one of the first people in Australia to be charged with the theft of cryptocurrency. The theft of 100,000

by Paul Ducklin So far this year, the use of facial recognition by law enforcement has been successfully challenged by courts and legislatures on both sides of the Atlantic. In the US, for example, Washington State Senate Bill 6280 appeared in January 2020, and proposed curbing the use of facial recognition in the state, though

A Portuguese computer whiz accused of leaking a series of confidential documents belonging to various soccer clubs has been released from custody. Rui Pinto has been moved to a safe house in Portugal after spending 18 months behind lock and key while he awaits his trial before a Portuguese court.  The 32-year-old was arrested in Hungary in March

by Naked Security writer Read the latest articles: Business Email Compromise – fighting back with machine learning Porn blast disrupts bail hearing of alleged Twitter hacker GandCrab ransomware hacker arrested in Belarus Servers at risk from “BootHole” bug – what you need to know Watch the latest Naked Security Live video: (Watch directly on YouTube

Illegal TV subscription services in the United States have grown into a billion-dollar industry, according to new research jointly released yesterday by Digital Citizens Alliance and NAGRA. The investigative report Money for Nothing reveals the existence of a sophisticated piracy ecosystem made up of thousands of retailers and wholesalers. This nefarious network steals from creators and circumvents legitimate TV operators

Britain’s National Trust has warned volunteers of a data breach linked to a cyber-attack on US cloud computing and software provider Blackbaud in May. The charity and membership organization for heritage conservation in England, Wales, and Northern Ireland has been contacting volunteers by email to notify them of the breach. National Trust data exposed as a result of the ransomware attack

The world’s largest online cybersecurity career development platform has released a second installment of free educational courses.  Cybrary made a clutch of courses free in July in a bid to support people who are considering a career in cybersecurity and those impacted professionally by the ongoing COVID-19 pandemic.  A Cybrary spokesperson said: “These free courses aim to

by Paul Ducklin If you’re interested in artificial intelligence (AI) and how it can be used in cybersecurity… …here’s a DEF CON presentation you’ll like, coming up this weekend! DEF CON is perhaps the ultimate “come one/come all” hackers’ convention, now in its 28th year, and it famously takes place in Las Vegas each year

Two California cybersecurity companies have joined forces to help protect healthcare networks from cyber-threats.  CynergisTek and Awake Security announced yesterday that they are pooling resources to develop an online threat assessment program that healthcare organizations can use to identify attacker activity.  Ben Denkers, CynergisTek SVP of security and privacy services, said the partnership was conceived after the outbreak of

by Paul Ducklin One of the alleged Twitter hackers faced a bail hearing in a Florida court yesterday. ICYMI, the Twitter hack we’re referring to involved the takeover of 45 prominent Twitter accounts, including those of Joe Biden, Elon Musk, Apple Computer, Barack Obama, Kim Kardashian and a laundry list of others with huge numbers

Ransomware can be better dealt with, if security teams have a better and clear view of suspect behavior on the network. Speaking to Infosecurity, Sophos chief product officer Dan Schiappa and principal research scientist Chester Wisniewski said a lot of issues can be dealt with if they detect how tools are being used in an unpredictable

Internet users have named Facebook as the online platform that poses the biggest security risk to their personal data.   A survey conducted by Australia’s Edith Cowan University found that 68% of respondents believed their data to be insecure on Facebook. Instagram and Twitter were viewed as risky by 65% and 57% of respondents, respectively. Social media was

The Federal Bureau of Investigation has issued a warning to online shoppers after a rise in the number of Americans not receiving items purchased on the internet.  In a statement published yesterday, the FBI said that an increasing number of victims are being directed to fraudulent websites via social media platforms and popular online search engines.  Complainants

Michigan’s largest healthcare provider has warned around 6,000 patients that their data may have been exposed following a cyber-attack. The cybersecurity incident is the second phishing-related data breach to befall Beaumont Health in recent months.  In April, the organization started notifying 112,211 individuals that some of their personal health information (PHI) had been exposed. The warning came after a data

Over four in 10 (42%) organizations take disciplinary action against employees who make cybersecurity errors, which puts them at greater risk of attack, according to a new study by CybSafe. In a survey of UK businesses, it was found that mistakes such as falling for simulated phishing scams are regularly punished. This includes naming and

Cloud breaches are likely to increase in “velocity and scale” due to a prevalence of poor cybersecurity practices in cloud configurations that are creating exposures. This is according to the most recent The State of DevSecOps report by Accurics, which assesses cloud configuration practices that lead to breaches. The study found that 93% of cloud deployments

Digital asset infrastructure company Copper Technologies has announced the appointment Jake Rogers as its new chief information security officer. Rogers has joined the London-based firm with immediate effect from Amnesty International, where he held the position of head of information security, responsible for the confidentiality and security of 70 offices and 3500 members of staff

Tanium has partnered with Google Cloud to integrate threat response and Chronicle’s security analytics platform. The partnership will unite the Tanium unified endpoint management and security platform with Google Cloud’s security analytics and zero-trust initiatives, which the companies claimed would better detect, investigate,and scope advanced persistent threats. Also, an integration between Tanium and Google Cloud’s BeyondCorp

The British Dental Association (BDA) has suffered a data breach causing fears that the bank account numbers of a number of UK dentists have been stolen. The BBC has reported that the professional association emailed its membership to warn them of the breach, telling them it is currently unsure what information has been accessed. The

Just under half of businesses have experienced at least one “business impacting cyber-attack” related to COVID-19 as of April 2020. According to research of 416 security and 425 business executives by Forrester Consulting and Tenable, 41% of respondents reported the statistic related to COVID-19, whilst 94% of executives say their firms have experienced a business-impacting