Krebs on Security

SEPTEMBER 27, 2023

The victim shaming site operated by the Snatch ransomware group is leaking data about its true online location and internal operations, as well as the Internet addresses of its visitors, KrebsOnSecurity has found. The leaked data suggest that Snatch is one of several ransomware groups using paid ads on Google.com to trick people into installing malware disguised as popular free software, such as Microsoft Teams , Adobe Reader , Mozilla Thunderbird , and Discord.

Ransomware 246

Ransomware Phishing Access Passwords 246

Data Breach Today

SEPTEMBER 25, 2023

2,050 Organizations Affected After Data Stolen From Secure File-Sharing Software The count of organizations affected by the Clop ransomware group's most recent mass targeting of Progress Software's secure file transfer software doubled last week. National Student Clearinghouse warned that data tied to nearly 900 colleges and universities had been stolen from its MOVEit server.

Data breaches 313

Data breaches Ransomware Security IT 313

Krebs on Security

SEPTEMBER 22, 2023

The password manager service LastPass is now forcing some of its users to pick longer master passwords. LastPass says the changes are needed to ensure all customers are protected by their latest security improvements. But critics say the move is little more than a public relations stunt that will do nothing to help countless early adopters whose password vaults were exposed in a 2022 breach at LastPass.

Passwords 304

Passwords Encryption Security Mining 304

The Last Watchdog

SEPTEMBER 21, 2023

Ransomware is a significant threat to businesses worldwide. There are many gangs that work together to orchestrate increasingly damaging attacks. However, some of these groups follow codes of conduct that prevent them from purposefully targeting hospitals. Related: How Putin has weaponized ransomware In mid-March 2020, representatives from the cybersecurity website BleepingComputer contacted numerous ransomware gangs to ask if they’d continue targeting hospitals during the unprecedented COVID-19

Ransomware 193

Ransomware Cybersecurity Risk IT 193

Speaker: Diane Magers, Founder and Chief Experience Officer at Experience Catalysts

In the world of business, connecting the dots from experience to financial impact is an essential skill. Transforming customer engagement, Voice of Customer (VoC) insights, and Journey Maps into tangible financial outcomes poses a significant challenge for most organizations. To gain buy-in from the C-Suite and key stakeholders, it’s crucial to illustrate how Experience Management translates into clear, measurable business results.

Customer Experience

Dark Reading

SEPTEMBER 26, 2023

A fast-growing cyber campaign solely takes aim at luxury hotel and resort chains, using security-disruptive tactics to spread info-stealing malware.

Security 134

Security 134

Data Breach Today

SEPTEMBER 25, 2023

Backdoor Is Associated With Stealth Falcon APT Group Security researchers discovered a novel backdoor targeting a governmental agency in the Middle East for espionage purposes. Deadglyph is unique because it's made up of different parts written in different programming languages: native x64 binary and a.NET assembly.

Government 289

Government Security IT 289

The Last Watchdog

SEPTEMBER 25, 2023

If you’re a small business looking for the secret sauce to cybersecurity, the secret is out: start with a cybersecurity policy and make the commitment to security a business-wide priority. Related: SMBs too often pay ransom Small businesses, including nonprofit organizations, are not immune to cyberattacks. The average cost of a cybersecurity breach was $4.45 million in 2023, according to IBM’s Cost of a Data Breach Report, and over 700,000 small businesses were targeted in cybersecurity attacks

Cybersecurity 166

Cybersecurity Data breaches Phishing Compliance 166

Dark Reading

SEPTEMBER 25, 2023

National Student Clearinghouse, a nonprofit serving thousands of universities with enrollment services, exposes more than 900 schools within its MOVEit environment.

Data breaches 128

Data breaches IT 128

Schneier on Security

SEPTEMBER 26, 2023

Totally expected, but still good to hear : Onstage at TechCrunch Disrupt 2023, Meredith Whittaker, the president of the Signal Foundation, which maintains the nonprofit Signal messaging app, reaffirmed that Signal would leave the U.K. if the country’s recently passed Online Safety Bill forced Signal to build “backdoors” into its end-to-end encryption. “We would leave the U.K. or any jurisdiction if it came down to the choice between backdooring our encryption and betrayin

Encryption 115

Encryption Privacy IT 115

Advertiser: ZoomInfo

Marketing technology is essential for B2B marketers to stay competitive in a rapidly changing digital landscape — and with 53% of marketers experiencing legacy technology issues and limitations, they’re researching innovations to expand and refine their technology stacks. To help practitioners keep up with the rapidly evolving martech landscape, this special report will discuss: How practitioners are integrating technologies and systems to encourage information-sharing between departments and pr

B2B

Data Breach Today

SEPTEMBER 25, 2023

No Word Yet on Hospital Chain's Cyber Insurance Claim, Multiple Lawsuits Pending Chicago-based CommonSpirit is still waiting to hear back on its insurance claim for an October 2022 ransomware attack, but the hospital chain said disruption of some facilities and "significantly" hampered billing and collection activities contributed to a $1.4 billion operating loss for the year.

Ransomware 270

Ransomware Insurance IT 270

Security Affairs

SEPTEMBER 21, 2023

Apple released emergency security updates to address three new actively exploited zero-day vulnerabilities. Apple released emergency security updates to address three new zero-day vulnerabilities (CVE-2023-41993, CVE-2023-41991, CVE-2023-41992) that have been exploited in attacks in the wild. The three flaws were discovered by Bill Marczak of The Citizen Lab at The University of Toronto’s Munk School and Maddie Stone of Google’s Threat Analysis Group.

Security 133

Security Information Security IT 133

The Last Watchdog

SEPTEMBER 27, 2023

There’s a tiny bit more to Cisco’s acquisition of Splunk than just a lumbering hardware giant striving to secure a firmer foothold in the software business. Related: Why ‘observability’ is rising to the fo re Cisco CEO Chuck Robbins has laid down a $28 billion bet that he’ll be able to overcome challenges Cisco is facing as its networking equipment business slows, beset by supply chain issues and reduced demand, post Covid 19.

Cybersecurity 134

Cybersecurity Security Analytics Compliance 134

Dark Reading

SEPTEMBER 26, 2023

Proactive Security holds the elusive promise of helping enterprises finally get ahead of threats, but CISOs must come to grips with the technological and philosophical change that it brings.

Security 116

Security IT 116

Advertisement

Embedding dashboards, reports and analytics in your application presents unique opportunities and poses unique challenges. We interviewed 16 experts across business intelligence, UI/UX, security and more to find out what it takes to build an application with analytics at its core. No matter where you are in your analytics journey, you will learn about emerging trends and gather best practices from product experts.

Analytics

Data Matters

SEPTEMBER 26, 2023

The European Commission issued the Financial Data Access Act (FIDA) proposal in June this year. FIDA will create a legislative framework that aims to "bring payments and the wider financial sector into the digital age" by facilitating the sharing of and access to customer financial data (whether of businesses or consumers). The post New EU FIDA Proposal: How Does This Affect GDPR?

GDPR 142

GDPR Privacy Access 142

Data Breach Today

SEPTEMBER 22, 2023

Cytrox's Predator Found on Device of Ahmed Eltantawy Apple released patches Thursday to close three actively exploited vulnerabilities that researchers say commercial spyware maker Cytrox used to infect the iPhone of Egyptian politician Ahmed Eltantawy with Predator malware. The Citizen Lab attributes the attacks to the Egyptian government.

Government 307

Government 307

Security Affairs

SEPTEMBER 24, 2023

Researchers discovered a previously undocumented sophisticated backdoor, named Deadglyph, used by the Stealth Falcon group for espionage in the Middle East ESET researchers discovered a very sophisticated and unknown backdoor, named Deadglyph, employed by the Stealth Falcon group for espionage in the Middle East. Stealth Falcon is a nation-state actor active since at least 2012, the group targeted political activists and journalists in the Middle East in past campaigns.

Encryption 119

Encryption Libraries Security Information Security 119

The Last Watchdog

SEPTEMBER 20, 2023

Creating ever smarter security software to defend embattled company networks pretty much sums up the cybersecurity industry. Related: The security role of semiconductors Cutting against the grain, Flexxon , a Singapore-based supplier of NAND memory drives and storage devices, arrived at Black Hat USA 2023 calling for a distinctive hardware approach to repelling cyber attacks.

Ransomware 170

Ransomware Cybersecurity Security Risk 170

Advertisement

How do 1st, 2nd, and 3rd party intent data compare? 1st, 2nd, and 3rd party data each have specific advantages and disadvantages. It comes down to four factors: accuracy, cost, control and quantity. This infographic explains the pros and cons of each and helps you understand which one is best for meeting your business objectives. Intent data can be a great way to fill your pipeline and close more deals.

IT

Dark Reading

SEPTEMBER 22, 2023

Tens of millions in losses later, the MGM and Caesars systems are back online following dual cyberattacks by the same threat actor — here's what experts say about their incident responses.

131

131

Hunton Privacy

SEPTEMBER 26, 2023

On September 14, 2023, the Federal Trade Commission issued a press release announcing the publication of a staff paper about blurred advertising. In the staff paper, the FTC describes blurred advertising as the blending of ads with digital media content ( e.g., displaying ads within online games and virtual reality worlds). The FTC warns that these ads are not readily identifiable as marketing by consumers and pose a significant threat to young children who do not have the skills or cognitive de

Paper 108

Paper Marketing Privacy 108

Data Breach Today

SEPTEMBER 25, 2023

Forrester's Allie Mellen on Issues Posed by Cisco's M&A Track Record, Splunk's Cost Security practitioners are skeptical of Cisco's proposed $28 billion Splunk purchase given the networking giant's track record around funding and investing in previous acquisition targets. Forrester's Allie Mellen expects some customers to try out other SIEM tools given Cisco's heritage in hardware.

Security 277

Security 277

Security Affairs

SEPTEMBER 26, 2023

A new campaign is spreading Xenomorph malware to Android users in the United States, Spain, Portugal, Italy, Canada, and Belgium. Researchers from ThreatFabric uncovered a new campaign spreading Xenomorph malware to Android users in the United States and all over the world. In February 2022, researchers from ThreatFabric first spotted the Xenomorph malware, which was distributed via the official Google Play Store reaching over 50,000 installations.

Phishing 110

Phishing File names Security Manufacturing 110

Advertisement

PostgreSQL is a highly versatile and robust technology, capable of addressing a wide range of challenges in diverse environments. Its expanding range of use cases is witnessing exponential growth, allowing PostgreSQL to effectively target an ever-increasing number of applications while minimizing limitations. This whitepaper presents ten indispensable rules that will empower you to optimize your PostgreSQL installation and stay ahead of the evolving landscape.

IT

Jamf

SEPTEMBER 25, 2023

Congratulations to the winners of the 2023 Jammies Awards, the customer appreciation awards celebrating those who exemplify Jamf values and innovative usage of Jamf solutions.

111

111

Dark Reading

SEPTEMBER 20, 2023

A supposed exploit for a notable RCE vulnerability in the popular Windows file-archiving utility delivers a big sting for unwitting researchers and cybercriminals.

Archiving 135

Archiving 135

KnowBe4

SEPTEMBER 25, 2023

Security researchers at Check Point have discovered yet another attack that leverages legitimate web applications to host attacks in order to bypass security scanners.

Security 110

Security Security awareness Phishing 110

Data Breach Today

SEPTEMBER 25, 2023

One Identity, Wallix, Arcon Exit Leaders Space as Privileged Access Market Matures CyberArk, BeyondTrust and Delinea maintained their spots atop Gartner's privileged access management Magic Quadrant, while One Identity, Wallix and Arcon fell from the leader ranks. Over the past half-decade, PAM has gone from being required for large companies to being an insurance prerequisite.

Insurance 263

Insurance Access Marketing 263

Speaker: Shawn Phillips, CCXP, Head of Growth and Innovation

A one-size-fits-all approach is a great approach – if it’s 2010. With the growth of AI, customers expect – and often demand – a customer journey based on their unique needs and history with your brand. Advanced platforms enable you to move beyond simple personalization or mass customization to create truly unique customer journeys that optimize outcomes for both your customers and your brand.

Security Affairs

SEPTEMBER 20, 2023

Pro-Russia hacker group NoName is suspected to have launched a cyberattack that caused border checkpoint outages at several Canadian airports. A massive DDoS cyber attack, likely carried out by Pro-Russia hacker group NoName , severely impacted operations at several Canadian airports last week, reported Recorded Future News. Canada Border Services Agency (CBSA) was able to mitigate the attack after a few hours.

Data breaches 127

Data breaches Security Government Information Security 127

WIRED Threat Level

SEPTEMBER 26, 2023

Egged on by a far-reaching conservative media ecosystem, right-wing hardliners are forcing Washington to bend to their reality as the federal government careens toward a possible shutdown.

Government 103

Government Risk Security 103

Dark Reading

SEPTEMBER 21, 2023

Attackers use convincing fake website interfaces and sophisticated geo-fencing to target users exclusively in Mexico and Brazil with a new variant of the malware.

132

132