Human-centered cybersecurity (also known as ‘usable security’) involves the social, organizational, and technological influences on people’s understanding of and interactions with cybersecurity. By taking a human-centered cybersecurity (HCC) approach, we can both improve people’s cybersecurity experiences and achieve better cybersecurity outcomes, which is so important in today’s digitally interconnected world. At NIST, we understand the […]
Category Archives: Uncategorized
Account takeover attacks have emerged as one of the most persistent and damaging threats to cloud-based SaaS environments. Yet despite significant investments in traditional security measures, many organizations continue to struggle with preventing these attacks. A new report, “Why Account Takeover Attacks Still Succeed, and Why the Browser is Your Secret Weapon in Stopping Them” […]
Go to Source Author: Jennifer Lawinski, Contributing Writer
The Dutch Data Protection Authority (Dutch DPA) has imposed a fine of €30.5 million ($33.7 million) against facial recognition firm Clearview AI for violating the General Data Protection Regulation (GDPR) in the European Union (E.U.) by building an “illegal database with billions of photos of faces,” including those of Dutch citizens. “Facial recognition is a […]
A new malware campaign is spoofing Palo Alto Networks’ GlobalProtect VPN software to deliver a variant of the WikiLoader (aka WailingCrab) loader by means of a search engine optimization (SEO) campaign. The malvertising activity, observed in June 2024, is a departure from previously observed tactics wherein the malware has been propagated via traditional phishing emails, […]
DPRK’s innovative tack chains together previously unknown browser issues, then adds a rootkit to the mix to gain deep system access. Go to Source Author: Nate Nelson, Contributing Writer
The city filed for a restraining order, claiming the researcher was working in tandem with the ransomware attackers. Go to Source Author: Dark Reading Staff
The malware, first discovered two years ago, has returned in campaigns using SEO poisoning. Go to Source Author: Dark Reading Staff
The energy Kahuna said that operations were disrupted after an attack on its supporting business applications. Go to Source Author: Tara Seals, Managing Editor, News, Dark Reading
Attackers have added aggressive social engineering to their arsenal, along with a novel Windows-manipulating persistence mechanism that demands developer vigilance. Go to Source Author: Elizabeth Montalbano, Contributing Writer