Tag: jobs
-
FlexibleFerret malware targets the macOS via North Korea job campaign
First seen on scworld.com Jump to article: www.scworld.com/news/flexibleferret-malware-targets-the-macos-via-north-korea-job-campaign
-
MacOS Ferret operators add a deceptive bite to their malware family
The macOS Ferret family, variants of malware used by North Korean APTs for cyber espionage, has received a new member as samples of a detection-resistant variant, Flexible-Ferret, appear in the wild.The discovery of the samples was made by SentinelOne researchers who noted the variant’s capability to evade the recent XProtect signature update that Apple pushed…
-
Okta Lays Off 180 In Latest Round Of Cutbacks
Okta has disclosed a major round of layoffs for the third year in a row, with the announcement it will cut 3 percent of its staff. First seen on crn.com Jump to article: www.crn.com/news/security/2025/okta-lays-off-180-in-latest-round-of-cutbacks
-
It pays to know how your cybersecurity stacks up
Like all other business leaders, chief information security officers (CISOs) could find themselves on the unemployment line if something on their watch goes seriously sideways.But what if CISOs simply aren’t demonstrating enough business value?With companies cutting costs, proving cybersecurity programs are good for the business has become vital to protecting budgets and jobs. That’s why…
-
State-linked hackers deploy macOS malware in fake job interview campaign
Actors linked to North Korea bypassed Apple security using malware called FlexibleFerret. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/north-korean-hackers–fake-interview/739165/
-
Okta Carries Out Another Round of Layoffs, Axing 180 Workers
3rd Round of Layoffs in 3 Years Comes as Rival CyberArk Surpasses Okta’s Valuation. Okta will execute its third round of layoffs in three years, cutting 180 employees to reallocate resources toward priorities to drive growth. The San Francisco-based identity security giant on Tuesday shared plans to reduce its staff by 3% in what has…
-
North Korean Hackers Deploy FERRET Malware via Fake Job Interviews on macOS
The North Korean threat actors behind the Contagious Interview campaign have been observed delivering a collection of Apple macOS malware strains dubbed FERRET as part of a supposed job interview process.”Targets are typically asked to communicate with an interviewer through a link that throws an error message and a request to install or update some…
-
N. Korean ‘FlexibleFerret’ Malware Hits macOS with Fake Zoom, Job Scams
N. Korean ‘FlexibleFerret’ malware targets macOS with fake Zoom apps, job scams, and bug report comments, deceiving users… First seen on hackread.com Jump to article: hackread.com/north-korea-flexibleferret-malware-macos-fake-zoom-job-scams/
-
Cyber Insights 2025: The CISO Outlook
There has never been a single job description for the CISO the role depends upon each company, its maturity, its size and resources, and the risk tolerance of boards. The post Cyber Insights 2025: The CISO Outlook appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/cyber-insights-2025-the-ciso-outlook/
-
Musk’s DOGE effort could spread malware, expose US systems to threat actors
Tags: access, ai, api, attack, authentication, ceo, cio, computer, computing, control, cyber, cybercrime, cybersecurity, data, defense, email, exploit, governance, government, hacking, infection, infosec, international, jobs, malicious, malware, network, office, privacy, ransomware, risk, service, technology, threat, toolOver the past 10 days, an astonishing series of actions by Elon Musk via his Department of Government Efficiency (DOGE) project has elevated the cybersecurity risk of some of the most sensitive computing systems in the US government. Musk and his team of young, inexperienced engineers, at least one of whom is not a US…
-
Meet Rule Architect: Your AI-Powered WAF Rule Expert – Impart Security
One of the most complex aspects of running a WAF is managing its security rules effectively. That’s where Rule Architect, our AI-powered WAF rule expert, comes in. With a distinct personality that combines deep security expertise with a dash of wit, Rule Architect takes the headache out of WAF rule management. Think of Rule Architect…
-
The cybersecurity outlook for 2025
Threat actors are exploiting known weak points and enterprises’ dependency across the tech stack. It’s;making;cybersecurity professionals’ jobs harder than ever before.; First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cyber-security-outlook/739015/
-
39% of IT leaders fear major incident due to excessive workloads
Enterprise security operations teams find themselves stretched thin and contending with an escalating cyber threat landscape today. Many are understaffed and underfunded, leaving CISOs on edge about the consequences for the enterprise, and their careers.A recent survey from Adaptavist about fallout from last summer’s CrowdStrike outage found that two out of five (39%) IT leaders…
-
Integrating onboarding and security awareness training for employees
Onboarding new employees into an organization is an exciting time, but it also presents security challenges. Ensuring that new hires understand cybersecurity risks from day one First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/01/integrating-onboarding-and-security-awareness-training-for-employees/
-
Cato Networks Hires Security Vet Karl Soderlund As New Channel Chief
Karl Soderlund, who formerly helmed the channel programs at Zscaler and Palo Alto Networks, has succeeded Frank Rauch as Cato Networks global channel chief. First seen on crn.com Jump to article: www.crn.com/news/security/2025/cato-networks-hires-security-vet-karl-soderlund-as-new-channel-chief
-
CISOs are moving closer to the board, but budget hurdles remain
In recent years, CISOs have often felt that their board of directors did not take them seriously. This key issue for cybersecurity, however, is turning around, with 82% of CISOs now reporting directly to their CEOs, versus 47% in 2023, according to a survey by Splunk.Splunk’s report, which surveyed 500 CISOs, CSOs, and similar security officers,…
-
Want to be an effective cybersecurity leader? Learn to excel at change management
Tags: authentication, awareness, business, cio, ciso, cloud, compliance, corporate, cybersecurity, finance, fraud, group, guide, Hardware, identity, jobs, password, privacy, risk, risk-management, service, skills, software, strategy, technology, threat, vulnerability, zero-trustIf there’s one thing that’s inevitable in cybersecurity, it’s change. Ever-evolving technology requires new protections, threats seem to multiply and morph on a daily basis, and even the humblest pieces of software and hardware demand constant updating to stay secure.That work has been increasing as the importance, visibility, and impact of security initiatives have ramped…
-
5 ways boards can improve their cybersecurity governance
Tags: attack, breach, business, ciso, cloud, cyber, cybersecurity, data, election, endpoint, finance, gartner, governance, government, group, identity, incident, india, infrastructure, jobs, middle-east, network, ransomware, regulation, risk, skills, technology, threat, trainingAs chairman of the board for Cinturion Group, Richard Marshall is intimately involved in ensuring the security of the fiber optic network his company is constructing from India through the Middle East and on to Europe.The monumental Trans Europe Asia System (TEAS) will be difficult enough to build given it will be buried beneath thousands…
-
US takes aim at healthcare cybersecurity with proposed HIPAA changes
Tags: access, authentication, best-practice, breach, compliance, control, csf, cyber, cyberattack, cybersecurity, data, defense, detection, dora, encryption, finance, framework, government, group, healthcare, HIPAA, incident response, infrastructure, insurance, intelligence, jobs, law, malware, mfa, network, nist, penetration-testing, phishing, privacy, ransom, ransomware, regulation, resilience, risk, security-incident, service, skills, technology, threat, tool, update, usa, vulnerability, vulnerability-managementThe US Department of Health and Human Services (HHS) has launched a consultation on stricter rules for the safeguarding of electronic health records.The proposed revamp of security rules covered by the Health Insurance Portability and Accountability Act (HIPAA) is designed to address the increased risk from cyberattacks such as ransomware against healthcare environments.The revamped rules…
-
The cybersecurity skills gap reality: We need to face the challenge of emerging tech
The cybersecurity skills shortage remains a controversial topic. Research from ISC2 states that the current global workforce of cybersecurity professionals stands at 5.5 million, but the workforce currently needs 10.2 million, a gap of 4.8 million people.Skeptics (and there are lots of them) say hogwash! They claim that these numbers are purely self-serving for ISC2,…
-
U.S. Shuts Down Another N. Korean IT Worker Scam, Indicting 5
The DOJ, which has move aggressively over the past year to find and shut down North Korea’s numerous IT worker scams, indicts two U.S. citizens and three others for running a six-year operation the stole more than $866,000 from 10 U.S. companies that thought they were hiring legitimate IT pros. First seen on securityboulevard.com Jump…
-
Democrat members of US surveillance watchdog defy White House resignation request
Democratic members of an independent intelligence watchdog are still on the job as of Monday, despite an edict from the Trump administration to resign.]]> First seen on therecord.media Jump to article: therecord.media/democrat-pclob-members-defy-white-house-call-for-resignation
-
Cyber incident that closed British Museum was inside job
An IT incident that disrupted visitor access to the British Museum last week was the work of a disgruntled contractor who had been let go First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366618460/Cyber-incident-that-closed-British-Museum-was-inside-job
-
DOJ indicts 5 individuals in North Korea IT worker scam
An unsealed indictment revealed threat actors working for North Korea tricked at least 64 U.S. businesses into hiring fake IT workers for financial and propriety data gains. First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366618500/DOJ-indicts-5-individuals-in-North-Korea-IT-worker-scam
-
CISOs’ top 12 cybersecurity priorities for 2025
Tags: access, ai, api, attack, authentication, automation, awareness, business, cio, ciso, cloud, compliance, control, corporate, cybersecurity, data, detection, framework, governance, identity, incident response, infrastructure, intelligence, jobs, mitigation, monitoring, mssp, oracle, penetration-testing, privacy, risk, risk-management, service, strategy, technology, threat, training, usa, zero-trustSecurity chief Andrew Obadiaru’s to-do list for the upcoming year will be familiar to CISOs everywhere: advance a zero-trust architecture in the organization; strengthen identity and access controls as part of that drive; increase monitoring of third-party risks; and expand the use of artificial intelligence in security operations.”Nothing is particularly new, maybe AI is newer,…
-
Cybersecurity needs women, and it needs to treat them better
Tags: cio, ciso, computer, cyber, cyberattack, cybersecurity, data-breach, group, healthcare, jobs, service, skills, technology, trainingThe participation of women in cybersecurity is vital, a non-negotiable proposition. Forget any current handwringing over diversity and equity; it’s fundamental that the contribution of women to the profession has made cybersecurity better.The proverbial door was kicked open long ago for women, who have made major contributions to the development of information security. But it’s…
-
Tool touted as ‘first AI software engineer’ is bad at its job, testers claim
Nailed just 15% of assigned tasks First seen on theregister.com Jump to article: www.theregister.com/2025/01/23/ai_developer_devin_poor_reviews/
-
FBI: North Korean IT workers steal source code to extort employers
The FBI warned today that North Korean IT workers are abusing their access to steal source code and extort U.S. companies that have been tricked into hiring them. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fbi-north-korean-it-workers-steal-source-code-to-extort-employers/