ITSecurity.org

Technology Security Controls

Alert: Apache Log4j vulnerability (CVE-2021-44228)

December 15, 2021 by admin

Executive Overview

On December 9th, 2021, security researchers discovered a new critical zero-day vulnerability that impacts one of the most popular open-source Java logging libraries, Apache Log4j 2. It is a critical vulnerability in the code of a much-utilised logging library.

The Common Vulnerabilities and Exposures (CVE) system has identified the Log4j vulnerability as CVE-2021-44228, and the NIST National Vulnerability Database (NVD) has assigned it a CVSS score of 10.0 – Critical.

This vulnerability is a critical risk because of the impact it can have if leveraged by attackers. Details of the vulnerability can be found in the National Vulnerability Database (NVD) under CVE-2021-44228. The confirmed affected versions of Log4j are 2.0-beta9 through 2.14.1.

The flaw is a remote code execution (RCE) vulnerability in Apache Log4j 2, referred to as “Log4Shell”. Log4j is written in Java, a popular programming language with widespread use in software and applications worldwide. Log4j is estimated to be present in over 100 million instances globally.

The vulnerability is so critical because it enables unauthenticated remote code execution (RCE): an attacker can execute any code on a remote machine over a LAN, WAN, or the internet. The code is triggered when an attacker-supplied string, delivered through any of a variety of input vectors, is processed by the vulnerable Log4j 2 component.

The NCSC is advising organisations to take steps to mitigate the Apache Log4j vulnerability.

An unauthenticated remote code execution vulnerability (CVE-2021-44228) affects Apache Log4j versions 2.0-beta9 to 2.14.1. The NCSC is aware that scanning and attempted exploitation are being detected globally, including in the UK.

Proof-of-concept code has already been published for this vulnerability.

The NCSC has published further information explaining the Log4j vulnerability.

Details of the Vulnerability

Log4j is an open-source Java logging library developed by the Apache Foundation. It is widely used in many applications and is present in many services as a dependency. This covers enterprise applications, including custom applications developed within an organisation, as well as numerous cloud services.

An application is vulnerable if it consumes untrusted user input and passes this to a vulnerable version of the Log4j logging library.

Recommended priority actions

Install the latest updates immediately wherever Log4j is known to be used

This should be the first priority for all UK organisations using software that is known to include Log4j. All organisations should immediately patch all instances of Log4j to 2.16.0.

If one of the applications that you use is listed, please follow vendor advice on updating the software or applying mitigations. You should also keep refreshing the list in case a new product has been added.

If your specific product is not listed, you should try to determine whether Log4j is present within your organisation.

There could be multiple copies of Log4j present and each copy will need to be updated or mitigated.
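
One way to carry out the inventory step above, as an added example (not code from this alert or from the NCSC): a Python scanner that walks a directory, descends into nested JAR/WAR/EAR archives, and reports each copy of log4j-core with its version checked against the 2.0-beta9 to 2.14.1 range stated in this alert. The function names and the sample archives are constructed for illustration.

```python
import io
import os
import re
import tempfile
import zipfile

# Entries that identify a log4j-core copy inside a JAR.
POM = "META-INF/maven/org.apache.logging.log4j/log4j-core/pom.properties"
JNDI = "org/apache/logging/log4j/core/lookup/JndiLookup.class"
ARCHIVE_EXT = (".jar", ".war", ".ear", ".zip")


def is_affected(version):
    """True/False against the range this alert gives (2.0-beta9 to 2.14.1); None if unparseable."""
    m = re.fullmatch(r"(\d+)\.(\d+)(?:\.(\d+))?(?:-([a-z]+)(\d+)?)?", version.strip().lower())
    if not m:
        return None
    major, minor, patch = int(m[1]), int(m[2]), int(m[3] or 0)
    if major != 2 or (minor, patch) > (14, 1):
        return False
    qualifier, qnum = m[4], int(m[5] or 0)
    if (minor, patch) == (0, 0) and qualifier == "alpha":
        return False                      # 2.0-alpha* predates 2.0-beta9
    if (minor, patch) == (0, 0) and qualifier == "beta":
        return qnum >= 9
    return True


def scan_archive(data, label, depth=0, max_depth=5):
    """Return [(location, version_or_None)] for each log4j-core copy, descending into nested archives."""
    findings = []
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return findings
    with zf:
        names = sorted(zf.namelist())
        if POM in names or JNDI in names:
            version = None
            if POM in names:
                props = zf.read(POM).decode("utf-8", "replace")
                found = re.search(r"^version=(.+)$", props, re.MULTILINE)
                version = found.group(1).strip() if found else None
            findings.append((label, version))
        if depth < max_depth:             # bound recursion against deeply nested archives
            for name in names:
                if name.lower().endswith(ARCHIVE_EXT):
                    findings += scan_archive(zf.read(name), f"{label}!/{name}", depth + 1, max_depth)
    return findings


def scan_tree(root):
    """Walk a directory and classify every log4j-core copy found on disk or inside archives."""
    labels = {True: "affected", False: "outside affected range", None: "unknown"}
    report = []
    for dirpath, _dirs, files in os.walk(root):
        for fname in files:
            if fname.lower().endswith(ARCHIVE_EXT):
                path = os.path.join(dirpath, fname)
                with open(path, "rb") as fh:
                    data = fh.read()
                for location, version in scan_archive(data, path):
                    verdict = is_affected(version) if version else None
                    report.append((location, version, labels[verdict]))
    return sorted(report, key=lambda row: row[0])


def make_jar(entries):
    """Constructed sample data: build an in-memory archive from {entry name: content}."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, content in entries.items():
            zf.writestr(name, content)
    return buf.getvalue()


def fake_log4j_core(version):
    """Constructed stand-in for a log4j-core JAR: only the two marker entries, no real classes."""
    return make_jar({POM: f"artifactId=log4j-core\nversion={version}\n", JNDI: b""})


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as root:
        samples = {
            "app.war": make_jar({"WEB-INF/lib/log4j-core-2.14.1.jar": fake_log4j_core("2.14.1")}),
            "log4j-core-2.16.0.jar": fake_log4j_core("2.16.0"),
            "shaded-app.jar": make_jar({JNDI: b""}),   # repackaged copy, version metadata stripped
        }
        for name, data in samples.items():
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(data)
        for location, version, status in scan_tree(root):
            print(f"{status:24} {version or '?':10} {os.path.relpath(location, root)}")
```

A copy reported as `unknown` contains the JndiLookup class but no Maven metadata, which is typical of repackaged JARs, and needs manual review.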

 

Deploy protective network monitoring/blocking

The following steps should be taken to improve network monitoring and blocking:

  • Organisations using Web Application Firewalls (WAFs) should ensure rules are available to protect against this vulnerability.
  • Organisations that understand normal outbound connections from their servers may wish to ensure they’re blocking unexpected outbound connections.

Actions Taken to Remediate

Filed Under: Risk

Attackers Reinvent Masslogger Trojan to Target Popular Brands

CISOMAG on February 19, 2021 at 4:02 pm, CISO MAG | Cyber Security Magazine

February 19, 2021 by admin

A new version of the Masslogger Trojan has been targeting Windows users in a new phishing campaign. Cybersecurity experts from Cisco Talos stated that they’ve found an improved version of the Masslogger Trojan, designed to pilfer login credentials from popular applications like Microsoft Outlook, Google Chrome, and other messenger accounts. The new Masslogger phishing campaign, which was uncovered in mid-January 2021, targeted users across Italy, Latvia, and Turkey.

What is Masslogger?

Masslogger is a spyware written in .NET to steal user credentials from browsers, popular messaging applications, and email clients.

Improved Masslogger Trojan

The malware was first identified in April 2020, and its authors are selling updated versions of the Trojan to other malicious actors on underground dark web forums.

Researchers found that Masslogger operators can evade detection by disguising their malicious RAR files as Compiled HTML files. The discovery of the new variant of the Trojan indicates how malware developers are constantly updating their hacking methods.

“Although operations of the Masslogger Trojan have been previously documented, we found the new campaign notable for using the compiled HTML file format to start the infection chain. This file format is typically used for Windows Help files, but it can also contain active script components, in this case JavaScript, which launches the malware’s processes,” researchers said.

How Masslogger Trojan Attacks

The infection starts with an email with a malicious RAR attachment and a legitimate-looking subject line claiming to be from a business. The attachment's filename uses extensions such as .rar, .r00, and .chm to bypass any programs that would block the email attachment based on its file extension. The payloads are hosted on compromised legitimate hosts with a filename containing one letter and one number concatenated with the filename extension .jpg.

The Masslogger Trojan payload is designed to retrieve and exfiltrate user credentials from a variety of sources. According to Cisco Talos, the new version of Masslogger can target and retrieve credentials from applications such as:

  • Pidgin messenger client
  • FileZilla FTP client
  • Discord
  • NordVPN
  • Outlook
  • FoxMail
  • Thunderbird
  • Firefox
  • QQ Browser
  • Chromium-based browsers (Chrome, Chromium, Edge, Opera, Brave)

“While most of the public attention seems to be focused on ransomware attacks, big game hunting, and APTs, it is important to keep in mind that crimeware actors are still active and can inflict significant damage to organizations by stealing users’ credentials. The credentials themselves have value on the dark web and actors sell them for money or use them in other attacks. Based on the IOCs we retrieved, we have moderate confidence that this actor has previously used other payloads such as AgentTesla, Formbook, and AsyncRAT in campaigns starting as early as April 2020,” researchers added.

The post Attackers Reinvent Masslogger Trojan to Target Popular Brands appeared first on CISO MAG | Cyber Security Magazine.

Filed Under: .org, Security

Telephony Denial-of-Service Attacks on Rise, FBI Suggest Recommendations

CISOMAG on February 19, 2021 at 2:02 pm, CISO MAG | Cyber Security Magazine

February 19, 2021 by admin

The FBI has warned about potential security risks with Telephony Denial-of-Service (TDoS) attacks. In an official Private Industry Notification (PIN), the agency revealed how TDoS attacks affect the availability of emergency service call centers like police, ambulance, or firefighting services.

“TDoS attacks pose a genuine threat to public safety, especially if used in conjunction with a physical attack, by preventing callers from being able to request service. The public can protect themselves if 911 is unavailable by identifying in advance non-emergency phone numbers and alternate ways to request emergency services in their area,” the FBI said.

What Is a TDoS Attack?

In TDoS attacks, attackers make an emergency telephone system unavailable to the users by blocking incoming and outgoing calls. The primary motive of bad actors in these attacks is to delay or block users’ calls to Public Safety Answering Points (PSAPs).  PSAPs represent key infrastructure that enables emergency responders to identify and respond to critical events affecting the public.

How Cybercriminals Launch TDoS Attacks

Threat actors have evolved to launch TDoS attacks both manually and automatically. In manual TDoS attacks, attackers use social networks to trick individuals into flooding a particular number with unwanted calls. An automated TDoS attack, by contrast, leverages software applications to make hundreds of calls in rapid succession, including over Voice over Internet Protocol (VoIP) and Session Initiation Protocol (SIP).

Using Emergency Services in TDoS Attack

The FBI stated that malicious actors launch TDoS attacks for hacktivism, to harass call centers and distract operators, and to exploit computer networks for political and financial gain. The agency recommended certain steps to overcome an emergency in the event of a TDoS attack. These include:

  • Before there is an emergency, contact your local emergency services authorities for information on how to request service in the event of a 911 outage. Find out if text-to-911 is available in your area.
  • Have non-emergency contact numbers for fire, rescue, and law enforcement readily available in the event of a 911 outage.
  • Sign up for automated notifications from your locality if available to be informed of emergencies in your area via text, phone call, or email.
  • Identify websites and follow social media for emergency responders in your area for awareness of emergencies.

The post Telephony Denial-of-Service Attacks on Rise, FBI Suggest Recommendations appeared first on CISO MAG | Cyber Security Magazine.

Filed Under: .org, Security

Data Risk, Intelligence and Insider Threats

February 19, 2021 by admin

When it comes to securing networks in today’s business environment, the single biggest challenge firms must contend with is that of the insider threat.

While the term is typically associated with corporate espionage or perhaps disgruntled workers, this threat is mostly not caused by malicious actors.

The insider threat simply refers to the damage caused by individuals who are granted legitimate access to an organization’s digital infrastructure. Most commonly, the threat of insiders takes the form of unintentional data leaks by employees. Emails containing sensitive files, data transfers to the wrong department, the granting of access to unauthorized parties. All of these and many other slips can result in serious cases of data loss and exposure.

Indeed, it has long been recognized that the majority of data loss results from the actions of insiders. Notable cases of data exfiltration, often involving extremely sensitive information, have been attributed to negligent or inadvertent users.

These facts have serious implications for enterprise information security. The millions in assets and man-hours devoted to protecting the network from the outside could probably be put to better use improving employee interaction with their own data.

GTB’s Data Security That Works™ solutions take a head-on approach to solving this most basic of data security challenges.

Better Awareness Equals Safer Data

With the belief that education is the most important aspect of security, the GTB platform is designed to build user awareness regarding the data they regularly interact with. The GTB Inspector is built to stop embarrassing or costly mistakes users make on a daily basis. With the GTB Inspector, an organization has the ability to notify and educate employees of a potential security breach or policy infraction while providing the ability to remediate. Powered by artificially intelligent algorithms, GTB technology uses a wide variety of methods to promote secure behavior and interaction with the network and company data. Business insight, contextual indicators, and behavioral analysis form the foundations of the protective protocols.

How it Works

When GTB’s platform identifies potentially compromising activity, it can take several automatic measures to prevent any data loss from taking place. Depending on the incident, IT can be immediately notified or the action being taken or transfer being attempted can be blocked.

GTB’s state-of-the-art technology takes on data security violations at their most common root. By raising awareness and educating the end user about cybersecurity and corporate policies, GTB solves the data loss challenge both affordably, and with the highest accuracy in the market today.

For more information about securing your sensitive data, including from remote users, go to www.gttb.com

Filed Under: Risk

Vulnerability Patching: Why Does It Fall Short So Often?

February 19, 2021 by admin

Weak threat insight, SecOps competing priorities, and fear of making things worse are key reasons

By Chris Goettl, Director of Security Product Management, Ivanti

It isn’t glamorous. It won’t guarantee a company staff promotion or kudos, but patching is a critical risk prevention function in any environment. Unfortunately, it’s a task organizations tend to push aside – until they’re hit with a multi-million-dollar breakdown. Ponemon recently found that 60% of security breach victims say they became breached due to an unpatched known vulnerability. So why, with so much risk in the balance, do many systems remain unpatched? Like many underperforming environments, the answer has many facets: practical, emotional, and operational.

Practical: In the remote-working, threat-rich world that security and operations teams work in, patching often takes a back seat to other threat deterrence tasks like adding in new security access protocols or recovering offboarded assets. Operations also have many competing priorities, not the least of which is strategically mapping out new policies and procedures to better manage an expanded remote workforce and working with the C-suite on desired business outcomes going forward.

Emotional: The inherent fear is that patching updates might cause workflow disruption at a time when organizations are already dealing with the wholesale transition to a more remote/hybrid work environment. Security or operations personnel do not want to be the cause of a miscue – thus, in some instances fear paralysis takes over.

Operational: Knowing which vulnerabilities pose the most threat so patching can be correctly prioritized is a major factor in patching being successful. Many organizations struggle to manage the variety of applications in their environments, the inconsistent frequency of release from most vendors, and the sheer volume of change that can cause operational impacts to users.

Patch Smarter and Faster

Remote working has exacerbated concerns about patching as security and operations teams are facing the fact that remote desktops can be rife with vulnerabilities and reside outside secure network perimeters. SecOps visibility into remote workers’ devices previously was not as much a priority. The new world environment of more devices being used remotely, devices that may not meet on-prem security standards, has opened the door to an increased attack surface, one with considerable gaps in effective patching.

How do organizations move past these barriers to make patching a smoothly running part of SecOps and not another sticky subject during team meetings? Patching technologies have existed for years, yet companies still struggle with vulnerability remediation. It is not so much a technology challenge that companies face, but a challenge of process, politics, and operational impact. There are practices and systems that can be put into place to minimize SecOps concerns about workflow impact and most importantly, fine tune patching to target high-risk threats. Patching processes can also be improved so patching is no longer a time-consuming operational headache. Achieving this will go a long way to breaking down barriers. Strategy improvements include:

Patch Reliability. No administrator responsible for patching can ever completely test the effect of updates on their environment. Typically, teams try to validate impact through test systems and user pilot groups – delaying updates to the point of escalating a threat. Advancements in patch performance intelligence can cut through these delays and accelerate patching based on crowdsourced telemetry of patch performance along with social sentiment gathered from popular social media outlets. This richer repository of data enables SecOps to make quicker decisions on where to focus testing efforts to maximize efficiency and avoid operational impacts.

Risk-Based Prioritization. Many organizations prioritize remediation efforts based on vendor severity. This approach leaves many open to high-risk vulnerabilities that are actively being exploited – vulnerabilities the vendor may have only flagged as important. Expanding the knowledge base here is critical. Obtaining additional metrics of ‘known exploited’ vulnerabilities will give SecOps more data with which to prioritize patching based on real world risks to the organization.

Automated Vulnerability Remediation. Transferring greater knowledge and prioritization into action – and mindful of SecOps time management – means employing a higher degree of automation. The only way to effectively patch and secure remote devices working in the cloud with any degree of efficiency is to bring more automation into the process. Automation can take metrics gained through machine learning and proactively detect, diagnose, and auto-remediate configuration drift, performance, and security vulnerabilities before they reach the threat stage.

Patch Compliance. Service level agreements (SLAs) are important from an operational perspective, but in the world of vulnerability remediation they are absolutely critical. Organizations struggle to stay ahead of threat actors and need to track exposure of vulnerabilities more accurately to ensure they are reducing their window of risk. Getting a more accurate patch-level perspective which maps to the CVEs (common vulnerabilities and exposures) on how long the organization has been exposed, and what assets are outside of SLAs, is critical to reduce overall risk.

Cross-Functional Conversations. SecOps is a useful phrase but in reality, the teams do start with different mindsets when addressing data and risk issues. The common ground from which they can work together to minimize threats is better, objective information on risk of vulnerabilities. That is why machine learning collection of threat patterns – data that can be shared – is an important part of improved patching. Better data will lead to more informed decisions on patch prioritization, giving both teams more confidence that the highest-risk threats are being acted upon first.

Erasing the Barriers

Getting rid of the practical, emotional, and operational barriers to improved patching can be done. Employing automated vulnerability remediation eliminates the constant struggle of teams’ competing time and priorities. Through machine learning intelligence gathering of known exploits and crowdsourced telemetry, SecOps will no longer fear the results of patching. They are proceeding with greater reliability due to more extensive knowledge. This improved patch reliability data delivers actionable intelligence automatically, so teams can act on threats faster and reduce time to patch, lowering operational impact.

About the Author

Chris Goettl is the Director of Product Management for security products at Ivanti. Chris has over 15 years of experience working in IT, where he supports and implements security solutions for Ivanti customers and guides the security strategy and vision for Ivanti.

Filed Under: Risk

Top 100 Cybersecurity Books

February 19, 2021 by admin

The Best Cybersecurity Book of all Time: Analogue Network Security by Winn Schwartau

For many centuries, books have been one of the central forms of entertainment for humankind. Readers around the world invest countless hours escaping into new and unique worlds, losing themselves in the words and pages of books from various genres. While all books affect readers in different ways, history has shown that some books have a way of reaching and impacting large groups of people so that they are forever changed. These books can share knowledge, inspiration, and discoveries in various fields. They teach, influence, and alter the way we think. Sometimes these books are so important and enlightening that they help the world and its people evolve. The following books have done just that. By educating and informing readers in the areas of technology and creating new standards in the cyber world, these are the top 100 out there.

  1. Permanent Record by Edward Snowden
  2. Countdown to Zero Day Stuxnet and the Launch of the World’s First Digital Weapon by Kim Zetter
  3. Dark Territory The Secret History of Cyber War by Fred Kaplan.
  4. Comptia Security+ Get Certified Get Ahead Sy0-501 Study Guide by Darril Gibson
  5. The Art of Invisibility. The World’s Most Famous Hacker Teaches You How to Be Safe in the Age of Big Brother and Big Data by Kevin Mitnick.
  6. Ghost in the Wires. My Adventures as the World’s Most Wanted Hacker by Kevin Mitnick, Steve Wozniak, William L. Simon.
  7. The Cuckoo’s Egg by Clifford Stoll.
  8. Snow Crash by Neal Stephenson.
  9. Sandworm. A New Era of Cyberwar and the Hunt for the Kremlin’s Most Dangerous Hackers by Andy Greenberg
  10. Hacking The Art of Exploitation by Jon Erickson
  11. Kingpin. How One Hacker Took Over the Billion-Dollar Cybercrime Underground by Kevin Poulsen
  12. Future Crimes Everything Is Connected, Everyone Is Vulnerable, and What We Can Do About It by Marc Goodman
  13. The Code Book. The Science of Secrecy from Ancient Egypt to Quantum Cryptography by Simon Singh
  14. Spam Nation. The Inside Story of Organized Cybercrime-From Global Epidemic to Your Front Door by Brian Krebs.
  15. Cyberwar. The Next Threat to National Security & What to Do About It by Richard A. Clarke, Robert Knake.
  16. Practical Malware Analysis. The Hands-On Guide to Dissecting Malicious Software by Michael Sikorski
  17. The Perfect Weapon. War, Sabotage, and Fear in the Cyber Age by David E. Sanger.
  18. Cybersecurity and Cyberwar. What Everyone Needs to Know by P.W. Singer and Allan Friedman.
  19. Data and Goliath. The Hidden Battles to Collect Your Data and Control Your World by Bruce Schneier.
  20. The Art of Deception. Controlling the Human Element of Security by Kevin D. Mitnick.
  21. American Kingpin. The Epic Hunt for the Criminal Mastermind Behind the Silk Road by Nick Bilton.
  22. Cryptonomicon by Neal Stephenson.
  23. Red Team Field Manual (RTFM) by Ben Clark.
  24. The Web Application Hacker’s Handbook Finding and Exploiting Security Flaws by Dafydd Stuttard.
  25. Social Engineering. The Science of Human Hacking by Hadnagy
  26. The Art of Intrusion. The Real Stories Behind the Exploits of Hackers, Intruders and Deceivers by Kevin D. Mitnick, William L. Simon.
  27. Tribe of Hackers. Cybersecurity Advice from the Best Hackers in the World by Marcus J Carey, Jennifer Jin.
  28. The Hacker Playbook 2. Practical Guide To Penetration Testing by Peter Kim.
  29. The Phoenix Project. A Novel About IT, DevOps, and Helping Your Business Win by Gene Kim, Kevin Behr, George Spafford.
  30. No Place to Hide. Edward Snowden, the NSA, and the U.S. Surveillance State by Glenn Greenwald
  31. The Innovators. How a Group of Hackers, Geniuses and Geeks Created the Digital Revolution by Walter Isaacson.
  32. We Are Anonymous. Inside the Hacker World of LulzSec, Anonymous, and the Global Cyber Insurgency by Parmy Olson.
  33. Security Engineering. A Guide to Building Dependable Distributed Systems 2ed by Ross J. Anderson.
  34. The Hacker Playbook 3. Practical Guide to Penetration Testing by Peter Kim.
  35. Secrets and Lies. Digital Security in a Networked World by Bruce Schneier.
  36. Black Hat Python. Python Programming for Hackers and Pentesters by Justin Seitz.
  37. Click Here to Kill Everybody. Security and Survival in a Hyper-connected World by Bruce Schneier.
  38. Applied Cryptography. Protocols, Algorithms, and Source Code in C by Bruce Schneier.
  39. Mindf*ck. Cambridge Analytica and the Plot to Break America by Christopher Wylie.
  40. The Age of Surveillance Capitalism. The Fight for a Human Future at the New Frontier of Power by Shoshana Zuboff
  41. Open Source Intelligence Techniques. Resources for Searching and Analyzing Online Information by Michael Bazzell.
  42. Penetration Testing. A Hands-On Introduction to Hacking by Georgia Weidman.
  43. The First Digital World War by Mark Bowden.
  44. Cracking the Coding Interview. 189 Programming Questions and Solutions by Gayle Laakmann McDowell.
  45. Lights Out: A Cyberattack: A Nation Unprepared. Surviving the Aftermath by Ted Koppel.
  46. Hackers. Heroes of the Computer Revolution by Steven Levy.
  47. Blue Team Field Manual (BTFM) by Alan J White
  48. Nmap Network Scanning. The Official Nmap Project Guide to Network Discovery and Security Scanning by Gordon Fyodor Lyon.
  49. The Hacker Playbook. Practical Guide To Penetration Testing by Peter Kim.
  50. @War. The Rise of the Military-Internet Complex by Shane Harris.
  51. Malware Analyst’s Cookbook and DVD. Tools and Techniques for Fighting Malicious Code by Michael Ligh, Steven Adair, Blake Hartstein, and Matthew Richard
  52. Metasploit. The Penetration Tester’s Guide by David Kennedy, Jim O’Gorman, Devon Kearns, Mati Aharoni
  53. Threat Modeling. Designing for Security by Adam Shostack
  54. Crypto. How the Code Rebels Beat the Government-Saving Privacy in the Digital Age by Steven Levy.
  55. Automate the Boring Stuff with Python. Practical Programming for Total Beginners by Al Sweigart.
  56. Gray Hat Hacking. The Ethical Hacker’s Handbook by Allen Harper, Daniel Regalado, et al.
  57. Python Crash Course, 2nd Edition. A Hands-On, Project-Based Introduction to Programming by Eric Matthes.
  58. Hacker, Hoaxer, Whistleblower, Spy. The Many Faces of Anonymous by Gabriella Coleman.
  59. The Ultimate Unofficial Encyclopedia for Minecrafters. An A – Z Book of Tips and Tricks the Official Guides Don’t Teach You by Megan Miller.
  60. The Industries of the Future by Alec Ross.
  61. The Basics of Hacking and Penetration Testing. Ethical Hacking and Penetration Testing Made Easy by Patrick Engebretson.
  62. Cybersecurity: The Beginner’s Guide. A comprehensive guide to getting started in cybersecurity by Dr. Erdal Ozkaya.
  63. Cryptography Engineering. Design Principles and Practical Applications by Niels Ferguson, Bruce Schneier, et al.
  64. Windows Internals, Part 1 User Mode by Pavel Yosifovich, Mark E. Russinovich, et al.
  65. CompTIA Network+ Certification All-In-One Exam Guide, Seventh Edition (Exam N10-007) by Mike Meyers.
  66. The Practice of Network Security Monitoring. Understanding Incident Detection and Response by Richard Bejtlich.
  67. Wtf Is My Password. Password Book, Password Log Book and Internet Password Organizer, Alphabetical Password Book, Logbook to Protect Usernames and Passwords, Password Notebook, Password Book Small 6 X 9 by Booki Nova.
  68. Minecraft. Guide to Creation by Mojang Ab.
  69. The Hacked World Order. How Nations Fight, Trade, Maneuver, and Manipulate in the Digital Age by Adam Segal.
  70. This Machine Kills Secrets. How WikiLeakers, Cypherpunks, and Hacktivists Aim to Free the World’s Information by Andy Greenberg.
  71. The Art of Memory Forensics. Detecting Malware and Threats in Windows, Linux, and Mac Memory by Michael Hale Ligh, Andrew Case, Jamie Levy, AAron Walters.
  72. The IDA Pro Book. The Unofficial Guide to the World’s Most Popular Disassembler by Chris Eagle.
  73. The Fifth Domain. Defending Our Country, Our Companies, and Ourselves in the Age of Cyber Threats by Richard A. Clarke, Robert K. Knake.
  74. Blue Team Handbook: Incident Response Edition. A condensed field guide for the Cyber Security Incident Responder. By Don Murdoch GSE.
  75. The Cybersecurity Dilemma. Network Intrusions, Trust, and Fear in the International System by Ben Buchanan.
  76. The Hardware Hacker. Adventures in Making and Breaking Hardware by Andrew Bunnie Huang.
  77. The Dark Net. Inside the Digital Underworld by Jamie Bartlett.
  78. Violent Python. A Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security Engineers by TJ O’Connor.
  79. Cybersecurity Essentials by Charles J. Brooks, Christopher Grow, et al.
  80. Dark Mirror. Edward Snowden and the American Surveillance State by Barton Gellman
  81. CISSP All-in-One Exam Guide by Shon Harris
  82. Minecraft: Guide Collection. Exploration; Creative; Redstone; The Nether & the End by Mojang Ab
  83. How to Measure Anything in Cybersecurity Risk by Douglas W. Hubbard, Richard Seiersen, Daniel E. Geer Jr., Stuart McClure.
  84. Password book: A Premium Journal and Logbook to Protect Usernames and Passwords Modern Password Keeper, Vault, Notebook and Online Organizer with … Calligraphy and Hand Lettering Design) by Lettering Design Co.
  85. Hacked Again by Scott N. Schober
  86. The Shellcoder’s Handbook. Discovering and Exploiting Security Holes by Chris Anley, John Heasman, Felix Lindner, Gerardo Richarte
  87. Cybersecurity for Beginners by Raef Meeuwisse
  88. Cryptography Apocalypse. Preparing for the Day When Quantum Computing Breaks Today’s Crypto by Roger A. Grimes
  89. Extreme Privacy. What It Takes to Disappear in America by Michael Bazzell
  90. Gray Day. My Undercover Mission to Expose America’s First Cyber Spy by Eric O’Neill
  91. Minecraft. Guide to the Nether & the End by Mojang Ab
  92. Minecraft. Guide to Redstone by Mojang Ab
  93. McMafia. A Journey Through the Global Criminal Underworld by Misha Glenny
  94. CCNA 200-301 Official Cert Guide, Volume 1 by Wendell Odom
  95. (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide, 8e & CISSP Official (ISC)2 Practice Tests, 2e by Mike Chapple
  96. Secrets of Reverse Engineering by Eldad Eilam
  97. Linux Basics for Hackers. Getting Started with Networking, Scripting, and Security in Kali by OccupyTheWeb
  98. Confront and Conceal. Obama’s Secret Wars and Surprising Use of American Power by David E. Sanger
  99. (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide by Mike Chapple.
  100. Cryptoconomy by Gary Miliefsky.

Filed Under: Risk

Top 100 Cybersecurity News Sites

February 19, 2021 by admin


With millions of websites and downloadable files available on the internet, the risk of a security breach is high, especially given how fast technology develops. In this article, we list the top 100 cybersecurity news sites so you can stay updated and on the lookout.

1. Infosecurity-magazine

Website: https://www.infosecurity-magazine.com/

InfoSecurity Magazine tackles everything related to big data, encryption, cybercrime and much more. They also hold weekly podcasts in which they cover several other topics.

2. Cyber Defense Magazine

Website: https://www.cyberdefensemagazine.com/

The website is home to the most prominent writers in the field of cybersecurity and IT. Their aim is to share knowledge with the world and keep people safe from malware, data breaches and much more.

3. Security Week

Website: https://www.securityweek.com/

First on our top 100 cybersecurity news sites is SecurityWeek.com. It is a website moderated by a team of IT security experts. They constantly provide their readers with the latest news about Cybersecurity.

4. The Hacker News

Website: https://thehackernews.com/

The Hacker News is one of the most popular and most trusted cybersecurity news websites on the internet. It has received national recognition and several awards.

5. Cyber Security Magazine

Website: https://www.cybersecuritymagazine.com

The website focuses on cybersecurity news for consumers, with a series of informative articles.

6. E-Hacking News.

Website: https://www.ehackingnews.com/

E-Hacking News’ top topics are malware, mobile security and data breaches. If you want to keep yourself safe, we highly recommend that you pay the website a visit whenever you can.

7. We Live Security

Website: https://www.welivesecurity.com/

If you are looking for the latest news about privacy and cybersecurity and want to keep yourself away from scams, WeLiveSecurity will keep you safe and updated.

8. Comodo News.

Website: https://blog.comodo.com/

If you are just beginning to enter the wide field of security, Comodo News simplifies matters as much as possible for its readers and at the same time provides all the information you will need.

9. Help Net Security

Website: https://www.helpnetsecurity.com/

This website is focused on cybersecurity business news and the security of your enterprise.

10. CSO

Website: https://www.csoonline.com/news/

Available in 5 regions including USA, UK and India, CSO offers its readers news about data protection and the continuity of business. The articles posted here contain enough tips to keep your information safe.

11. Dark Reading.

Website: https://www.darkreading.com/

There is no doubt that Dark Reading is one of the most popular cybersecurity websites. It is a trusted source with thousands of readers every day, led by security specialists, researchers and chief information security officers.

12. The Security Ledger

Website: https://securityledger.com/

Although they post less frequently, The Security Ledger is among the top 100 cybersecurity news websites and is worth visiting.

13. SCmagazine

Website: https://www.scmagazine.com/

With 30 years of experience, SC Magazine shares everything related to the cybersecurity industry through a team of experts and specialists.

14. Information Security Buzz

Website: https://informationsecuritybuzz.com/

ISBuzz News’ team offers guidance and opinions about everything related to cybersecurity, alongside the latest news.

15. GBHackers On Security

Website: https://gbhackers.com/

Every day there is a news story on GBHackers that covers cybersecurity in all its aspects.

16. Techworm

Website: https://www.techworm.net/

Your privacy is their goal. Techworm specialists are obsessed with cybersecurity. They bring news from all over the world to you on your comfortable couch.

17. Bank Info Security

Website: https://www.bankinfosecurity.com/news

If you are on the hunt for cybersecurity Business news websites, you will not find better than BIS. They specialize in covering risk management and information security.

18. HackRead

Website: https://www.hackread.com/

For cybersecurity consumer news websites, you will find that Hack Read answers all your questions through a wide array of informative articles.

19. The CyberWire

Website: https://thecyberwire.com/

The CyberWire is an independent website that has managed to become one of the top cybersecurity news providers on the internet. They deliver information in the simplest way possible so that you can fully understand it.

20. Cybers Guards

Website: https://cybersguards.com/

If you are interested in cybersecurity, chances are you have already heard of Cybers Guards. If not, then there is no better time to read more about cyber attacks and how to keep your data safe.

21. IT Security Guru

Website: https://www.itsecurityguru.org/

This website will keep you posted regarding the latest cybersecurity and IT news.

22. Infosecurity

Website: https://www.infosecurity-magazine.com/

With ten years of experience, this website has award-winning cybersecurity and IT specialists who write articles on the latest news in their field of work.

23. CyberNoticeBoard

Website: https://www.cybernoticeboard.com/

Through reading the news on Cyber Notice Board, you will be able to keep your cyberspace secure from any malicious attacks and stay updated on what is new.

24. Internet Storm Center

Website: https://isc.sans.edu/

ISC has been fighting cyber-attacks since 2001 with the help of international forces of the same interest. They post new articles as well as podcasts on a daily basis.

25. Virtualattacks

Website: https://virtualattacks.com/

Get yourself acquainted with future cybersecurity trends before they even occur. Virtual Attacks gives in-depth cybersecurity news and explains what should be done to prevent such attacks.

26. K12

Website: https://k12cybersecure.com/

The K-12 Cybersecurity Resource Center is focused on cybersecurity research as well as daily news. It is the most information-packed website on our list of the top 100 cybersecurity news websites.

27. Binary Blogger

Website: https://binaryblogger.com/

This website offers news in the form of articles, podcasts and through social media. Cybersecurity is their strongest field and through using their materials, you will keep your data safe.

28. Binary Defense

Website: https://www.binarydefense.com/

The news section of Binary Defense is packed with useful information to keep yourself safe from Cyber-attacks.

29. Gov Info Security

Website: https://www.govinfosecurity.com/

GIS is among the best cybersecurity government news sites and one that is worth checking on a daily basis. Cybercrime, among other topics, is a subject in which they specialize.

30. Hacker News Bulletin

Website: http://www.hackersnewsbulletin.com/

The specialists at this website will give you all the news and tips you need to keep yourself updated and secure from malicious cyber-attacks.

31. Cyber Safe

Website: https://www.cybersafe.news/

Cyber Safe is among the best-informed websites in cybersecurity news. They bring hot topics to the table before they are posted anywhere else.

32. Search Security.

Website: https://searchsecurity.techtarget.com/

Search Security is an award-winning website that covers everything related to cybersecurity and safety. They post more than 3 times a day and provide tips on how to keep your data secure.

33. Naked Security

Website: https://nakedsecurity.sophos.com/

If it is advice, opinion or tips regarding cyber security, Naked Security will provide you with that and much more.

34. Security Gladiators

Website: https://securitygladiators.com/internet-security-news/

With internet security as their field of expertise, Security Gladiators is a leading provider of cybersecurity consumer news about technology, streaming and gaming.

35. Daniel Miessler

Website: https://danielmiessler.com/

It may sound like too much for one man, but Daniel Miessler is a professional and can be considered a force when it comes to cybersecurity. He writes news and guides that you will find very useful.

36. Adam Shostack & Friends

Website: https://adam.shostack.org/

At first glance, it may not look like a perfectly designed website, but it contains huge loads of information and news about cybersecurity.

37. Tripwire’s State of Security.

Website: https://www.tripwire.com/state-of-security/

The website welcomes posts and news from the most prominent professionals in the cybersecurity field. It has won several awards for its work.

38. The Last Watchdog

Website: https://www.lastwatchdog.com/

The website was founded by the Pulitzer-winning writer Byron V. Acohido, an expert in cybersecurity and privacy.

39. Threat Post

Website: https://threatpost.com/

The website dives deeper into every aspect of cybersecurity, providing readers with both articles and podcasts.

40. Tao Security.

Website: https://taosecurity.blogspot.com/

Although it is a simple blog, Richard Bejtlich makes sure to keep his readers updated regarding the latest cybersecurity news.

41. The Akamai Blog

Website: https://blogs.akamai.com/

You can consider Akamai as an open forum to discuss cybersecurity news and at the same time a website from which you will be able to get the most recent news.

42. Bleeping Computer

Website: https://www.bleepingcomputer.com/news/security/

The news section of Bleeping Computer has all that you need to keep yourself educated about cybersecurity.

43. Schneier

Website: https://www.schneier.com/

This is one of the most celebrated cybersecurity websites, managed by the world-renowned cybersecurity technologist Bruce Schneier.

44. Graham Cluley

Website: https://grahamcluley.com/about-this-site/

Since 2009, Graham has been an avid cybersecurity professional and has now put all his experience into his blog, in which he constantly shares news and tips.

45. Krebs On Security

Website: https://krebsonsecurity.com/

Krebs is a cybersecurity writer and reporter who brings to light news and information about the industry.

46. Cyware

Website: https://cyware.com/cyber-security-news-articles

The security section of Cyware is constantly updated with the latest news on cybersecurity.

47. Dan Kaminsky

Website: https://dankaminsky.com/

Dan’s blog covers everything related to security. He is a leading expert in cybersecurity who shares his experience on the web.

48. Hacking Articles

Website: https://www.hackingarticles.in/

Hacking Articles contains all the information you need about cybersecurity. Each day, more content is added.

49. Security Bloggers Network

Website: https://www.infosecinstitute.com/

This is a collection of more than 250 websites and blogs about cybersecurity.

50. Liquid Matrix.

Website: https://www.liquidmatrix.org/blog/

A blog full of long articles about cybersecurity with in-depth details.

51. Troy Hunt.

Website: https://www.troyhunt.com/

You have probably heard the name, but if you have not, Troy is a security expert who dedicates his time to sharing his experience with readers.

52. Marco Ramilli

Website: https://marcoramilli.com/

Marco Ramilli’s Blog is an outstanding source of information and news about cybersecurity in all aspects.

53. Zero Day.

Website: https://www.zdnet.com/blog/security/

Zero Day is known for being fast with delivering the most recent cybersecurity news to the readers.

54. Notice Bored

Website: https://blog.noticebored.com/

Gary Hinson posts the most recent news and topics about cybersecurity every day.

55. SecurityTrails

Website: https://securitytrails.com/

ST provides weekly posts and news; you can consider it a summary of what happens every week in cybersecurity.

56. PerezBox

Website: https://perezbox.com/

With more than 16 years of experience, Tony knows the industry very well and helps his readers stay updated by sharing articles and blogs.

57. Cytelligence

Website: https://cytelligence.com/

Daniel Tobok has helped several companies secure their data and information, and now he is sharing his experience with readers and bringing them news.

58. Talos

Website: https://blog.talosintelligence.com/

The team at Talos cares most about keeping people’s data safe from malicious attacks; they share cybersecurity news as well as podcasts.

59. Security Affairs

Website: https://securityaffairs.co/

Considered Europe’s best personal security blog; news and information related to cybersecurity are shared daily.

60. FSecure.

Website: https://blog.f-secure.com/

This blog contains a huge amount of information and news about cybersecurity, and mobile security in particular.

61. Hacker Combat.

Website: https://hackercombat.com/

Hacker Combat has one of the most educated communities in cybersecurity; they share news and information around the clock.

62. FireEye

Website: https://www.fireeye.com/

On this blog, you will find both cybersecurity business news and consumer news as well as tips to keep your data safe.

63. Andrew Hay

Website: https://www.andrewhay.ca/

Having worked at OpenDNS, DataGravity, and CloudPassage, Andrew is quite the expert in cybersecurity and he shares news about the industry.

64. Flying Penguin

Website: https://www.flyingpenguin.com/

A team of the most remarkable cybersecurity experts post news on the website every day.

65. Security Weekly.

Website: https://securityweekly.com/

On Security Weekly, you can read news articles, listen to radio and watch podcasts related to cybersecurity.

66. Arstechnica

Website: https://arstechnica.com/

The security section of Arstechnica reports the most recent news related to cybersecurity in all its aspects.

67. Veracode

Website: https://www.veracode.com/blog

Focused on mobile security and hacking, the experts at Veracode know exactly what to report to their readers.

68. CIO Security.

Website: https://www.cio.com/

The security section on CIO security posts the most recent news and research in the cybersecurity industry.

69. SANS.

Website: https://www.sans.org/security-awareness-training

If you are looking for more than cybersecurity news, SANS will also provide you with training. Their news is reliable and trusted.

70. The Guardian ISH

Website: https://www.theguardian.com/media-network/information-security

The information security hub of The Guardian is packed with news, and content is added every day.

71. Ycombinator

Website: https://news.ycombinator.com/

It may not be a flashy website, but ycombinator’s news section perfectly reports fresh cybersecurity news.

72. Homeland Security News Wire

Website: http://www.homelandsecuritynewswire.com/topics/cybersecurity

The cybersecurity section on HSNW is one of the best sources of news related to that particular industry.

73. Inside Cybersecurity

Website: https://insidecybersecurity.com/

This site is oriented toward business people: it brings them cybersecurity business news and keeps professionals up to date.

74. Secure List

Website: https://securelist.com/

There is no one better to provide news than an expert, and Secure List is directly funded by Kaspersky Lab, making it one of the most reliable sources of cybersecurity news.

75. BSSI2

Website: https://www.bssi2.com/blog/

The writers at BSSI2 are expert IT professionals who post informative articles and news.

76. Microsoft Malware Protection

Website: https://www.microsoft.com/security/blog/product/windows/

If you would like to receive news and alerts related to cybersecurity, MMP is a very good way to do that.

77. Cyber Ark.

Website: https://www.cyberark.com/blog/

Like many websites in this list of the top 100 cybersecurity news websites, Cyber Ark’s goal is to help you keep yourself safe from malicious attacks.

78. Vipre

Website: https://www.vipre.com/blog/

If you are looking to be informed about advanced cyber threats, Vipre is the one website you should follow.

79. CNET

Website: https://www.cnet.com/topics/security/

The security section of CNET offers the readers all they need to know about cybersecurity by providing news and articles.

80. CERIAS

Website: https://www.cerias.purdue.edu/site/news

Alongside cybersecurity news, CERIAS provides its visitors with tools and learning resources to battle against cybersecurity threats.

81. Electronic Frontier Foundation

Website: https://www.eff.org/deeplinks

EFF is all about cybersecurity consumer news. They specialize in securing civil liberties online. They will keep you updated with the recent developments.

82. KnowBe4

Website: https://blog.knowbe4.com/

You will be kept updated about the most recent cybercrime methods and techniques and how to prevent them from happening to you.

83. TechNews.

Website: https://www.technewsworld.com/

From hacking to privacy, you will find news about anything related to cybersecurity.

84. Architect Security.

Website: https://architectsecurity.org/

April C. Wright both publishes news and teaches people to stay safe against cybercrime. She writes about personal privacy, hackers, risk management and more.

85. AFCEA

Website: https://www.afcea.org/

AFCEA provides its visitors with news in the global security and intelligence sectors.

86. PCmag.

Website: https://me.pcmag.com/en/

PC mag’s security section provides the most valuable information and the most recent news to its readers.

87. Computer World

Website: https://www.computerworld.com

It is one of the leading websites in the IT and computer business; they do not, however, neglect cybersecurity news.

88. The Register.

Website: https://www.theregister.com/

If you are a professional, this is your go-to website for cybersecurity and IT news.

89. Digital Guardian

Website: https://digitalguardian.com/blog

There are many articles on cybersecurity available on the website already, and each day, they add more news for their readers.

90. Peerlyst.

Website: https://www.peerlyst.com/

Peerlyst is trusted by professionals, businesspersons and individuals who have interest in cybersecurity.

91. Global Sign

Website: https://www.globalsign.com/en/blog

The blog section on Global Sign is home to several articles about cybersecurity. News is added on a daily basis.

92. Security Boulevard

Website: https://securityboulevard.com/

With over 320 member blogs, Security Boulevard has become home to cybersecurity experts and people interested in the subject.

93. IT Pro Portal

Website: https://www.itproportal.com/

This website has more to offer than news of cybersecurity. It also provides the readers with reviews and several features about the subject.

94. Stay Safe Online.

Website: https://staysafeonline.org/

Stay Safe Online is directly powered by the NCSA and is therefore known for providing the most accurate and fresh news about everything related to cybersecurity.

95. Mashable Cybersecurity.

Website: https://me.mashable.com/cybersecurity

You have probably heard of Mashable, but did you know they have a cybersecurity section? Now you do, and in it, you will find the most recent news.

96. Hot For Security.

Website: https://hotforsecurity.bitdefender.com/

Powered by Bitdefender, Hot for Security is quickly claiming its spot among the top cybersecurity news websites.

97. TechCrunch Security.

Website: https://techcrunch.com/tag/security/

TechCrunch needs no introduction. Although they do not post frequently, their security section is one of the most reliable on this list.

98. Malware Bytes

Website: https://blog.malwarebytes.com/

Being the leader in safety and cybersecurity, Malware Bytes Lab provides its readers with an unlimited amount of information and news.

99. Symantec Blog

Website: https://symantec-enterprise-blogs.security.com/blogs/

Symantec specializes in providing cybersecurity services for individuals, companies and even governments. Their blog is news-packed.

100. McAfee Security

Website: https://www.mcafee.com/blogs/

There is no doubt you have heard of the name, but have you checked the blog? You will find the latest news and a variety of informative articles.


Filed Under: Risk

Gmail users from US most targeted by email-based phishing and malware

February 19, 2021 by admin


Google revealed that Gmail users from the United States are the most targeted by email-based phishing and malware.

A joint five-month study conducted by Google with Stanford University researchers analyzed over 1.2 billion email-based phishing and malware attacks against Gmail users to determine what factors influence the risk of attack.

Experts discovered that malicious campaigns are typically short-lived and indiscriminately target users worldwide.

“However, by modeling the distribution of targeted users, we find that a person’s demographics, location, email usage patterns, and security posture all significantly influence the likelihood of attack.” reads the study published by Google. “During our measurement window, we find that attackers targeted, on average, 17.0 million users every week with hundreds of thousands of campaigns that last a median of just one day. These attacks follow a skewed distribution: 10% of phishing campaigns accounted for 76% of phishing attacks, and 10% of malware campaigns accounted for 61% of malicious attachments. Attackers broadly targeted users around the globe as part of their campaigns, with the majority of targets residing in North America and Europe. While 90% of attacks occurred in English, we show evidence that some attackers localize their efforts.”

According to the study, 42% of all targets were from the US, followed by the UK (10% of all attacks) and Japan (5% of attacks).

Both phishing and malware attacks are bursty; experts observed the volume of attacks increasing by 500% at times from week to week. At its peak, the researchers observed 117 million phishing emails targeting 41 million distinct users during the week of May 11, 2020.

“Over the course of our measurement period, we observed a total of 406,002 distinct phishing campaigns and 1,724,160 malware campaigns. Both classes of attacks exhibit a highly skewed distribution. The top 10% of phishing campaigns account for 76% of phishing emails, while the top 10% of malware campaigns account for 61% of emails with malicious attachments.” continues the report.

According to the experts, 89% of malware campaigns last just one day, while the median phishing campaign lasts three days or less. The short duration is a choice by the attackers to evade detection.

Other factors that raise the risk of being targeted by phishing attacks, as reported by the experts, are:

  • The availability of email or other personal details online from a third-party data breach.
  • The country where a user accesses Gmail; the highest-risk countries are in Europe and Africa.
  • Age. 55- to 64-year-olds are more exposed to attacks compared to 18- to 24-year-olds.
  • Type of devices. Compared to users owning multiple types of devices, users who own only a personal computer face slightly lower odds of targeting (0.90) and mobile-only users face even lower risks of attack (0.80).
  • Email activity. The odds of being targeted increase with the level of engagement with Gmail. Of course, active users face higher likelihoods of being targeted, with those most frequently interacting with Gmail being, on average, 5.18 times more likely to be targeted than an inactive user.


Author: Pierluigi Paganini

International Editor-in-Chief

Cyber Defense Magazine


Filed Under: Risk
