Krebs on Security
MAY 14, 2024
Microsoft today released updates to fix more than 60 security holes in Windows computers and supported software, including two “zero-day” vulnerabilities in Windows that are already being exploited in active attacks. There are also important security patches available for macOS and Adobe users, and for the Chrome Web browser, which just patched its own zero-day flaw.
Data Breach Today
MAY 14, 2024
Firms Back New Guidance for Victims From UK's National Cyber Security Centre A coalition of cyber insurance associations has pledged to back fresh government cybersecurity guidance designed to help victims avoid ever paying a ransom, as part of an ongoing push to reduce ransomware's profitability for criminals in part by improving organizations' resilience and recovery.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Data Breach Today
MAY 10, 2024
China-Linked Criminals Processed Orders Worth $50M: Security Research Labs Hackers linked to Chinese fraudsters are targeting online shoppers to steal credit card information, likely making off with about $50 million from victims in the United States and Western Europe who order premium shoes at discount prices on fraudulent deal websites.
The Last Watchdog
MAY 13, 2024
Torrance, Calif., May 13, 2024, CyberNewsWire — Criminal IP, a renowned Cyber Threat Intelligence (CTI) search engine developed by AI SPERA, has recently signed a technology partnership to exchange threat intelligence data based on domains and potentially on the IP address to protect users by blocking threats to end users. Criminal IP underwent rigorous data evaluation to integrate with Quad9’s threat-blocking service, demonstrating high data uniqueness and accuracy.
Advertisement
Generative AI is upending the way product developers & end-users alike are interacting with data. Despite the potential of AI, many are left with questions about the future of product development: How will AI impact my business and contribute to its success? What can product managers and developers expect in the future with the widespread adoption of AI?
WIRED Threat Level
MAY 8, 2024
An internal email from FBI deputy director Paul Abbate, obtained by WIRED, tells employees to search for “US persons” in a controversial spy program's database that investigators have repeatedly misused.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Data Breach Today
MAY 9, 2024
How Attacks Have Changed; New Insights Into How an Attack Affects the Business The fifth annual Sophos State of Ransomware Report combines year-on-year insights with brand-new areas of study. It includes a deep dive into ransom demands and ransom payments and shines new light on the role of law enforcement in ransomware remediation.
Security Affairs
MAY 13, 2024
A group of hackers that defines itself as “first-class Russian hackers” claims the defacement of hundreds of local and regional British newspaper websites. A group claiming to be “first-class Russian hackers” defaced numerous local and regional British newspaper websites owned by Newsquest Media Group. The group defaced the home pages of the targeted websites and posted the message “PERVOKLASSNIY RUSSIAN HACKERS ATTACK.” The following image shows an archived version of t
The Last Watchdog
MAY 8, 2024
Philadelphia, Pa., May 8, 2024, CyberNewsWire — Security Risk Advisors (SRA) announces the launch of their OT/XIoT Detection Selection Workshop, a complimentary offering designed to assist organizations in selecting the most suitable operational technology (OT) and Extended Internet of Things (XIoT) security tools for their unique environments.
WIRED Threat Level
MAY 13, 2024
Amid a rising tide of adversary drones and missile attacks, laser weapons are finally poised to enter the battlefield.
Advertisement
Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enahance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.
Jamf
MAY 8, 2024
Rocketman Tech helps organizations succeed with Jamf, offering consulting and tools to simplify the management process. In this blog, Chris Schasse — Founder, Owner and Lead Engineer at Rocketman Tech — recaps his in-depth comparison of Kandji and Jamf Pro.
Data Breach Today
MAY 8, 2024
Researchers Discover Major Vulnerabilities in Popular Central Management Platform Researchers identified major security vulnerabilities in F5's Next Central Manager that could allow hackers to gain a persistent, undetectable presence within any organization's network infrastructure connected to F5 assets, according to a Wednesday report.
Security Affairs
MAY 14, 2024
Google released emergency security updates to address an actively exploited Chrome zero-day vulnerability. Google has released emergency security updates to address a high-severity zero-day vulnerability vulnerability, tracked as CVE-2024-4761, in the Chrome browser. The vulnerability is an out-of-bounds write issue that resides in the V8 JavaScript engine of the Google web browser.
The Last Watchdog
MAY 13, 2024
London, United Kingdom, May 13, 2024, CyberNewsWire — Logicalis, the global technology service provider delivering next-generation digital managed services, has today announced the launch of Intelligent Security, a blueprint approach to its global security portfolio designed to deliver proactive advanced security for customers worldwide. Intelligent Security has been designed by Logicalis’ worldwide team of security specialists to give customers the most comprehensive observability a
Advertisement
Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.
Schneier on Security
MAY 14, 2024
Google has patched another Chrome zero-day: On Thursday, Google said an anonymous source notified it of the vulnerability. The vulnerability carries a severity rating of 8.8 out of 10. In response, Google said, it would be releasing versions 124.0.6367.201/.202 for macOS and Windows and 124.0.6367.201 for Linux in subsequent days. “Google is aware that an exploit for CVE-2024-4671 exists in the wild,” the company said.
KnowBe4
MAY 14, 2024
The Royal Canadian Mounted Police (RCMP) in Nova Scotia is warning of spear phishing attacks that impersonate company managers. The scammers text company employees requesting a payment to cover an urgent business need.
Data Breach Today
MAY 9, 2024
68 Tech Companies Join US Cyber Agency's Pledge to Build Security Into Products The U.S. Cybersecurity and Infrastructure Security Agency has announced a new voluntary pledge featuring 68 inaugural members that have committed to take specific actions to improve the security of their products, shifting responsibilities from end users to the providers themselves.
Security Affairs
MAY 13, 2024
Experts reported that since April, the Phorpiex botnet sent millions of phishing emails to spread LockBit Black ransomware. New Jersey’s Cybersecurity and Communications Integration Cell (NJCCIC) reported that since April, threat actors used the the Phorpiex botnet to send millions of phishing emails as part of a LockBit Black ransomware campaign.
Advertisement
Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.
WIRED Threat Level
MAY 8, 2024
Despite Cyber Army of Russia’s claims of swaying US “minds and hearts,” experts say the cyber sabotage group appears to be hyping its hacking for a domestic audience.
IBM Big Data Hub
MAY 10, 2024
Underpinning most artificial intelligence (AI) deep learning is a subset of machine learning that uses multi-layered neural networks to simulate the complex decision-making power of the human brain. Beyond artificial intelligence (AI) , deep learning drives many applications that improve automation , including everyday products and services like digital assistants, voice-enabled consumer electronics, credit card fraud detection and more.
KnowBe4
MAY 14, 2024
Trend analysis of ransomware attacks in the first quarter of this year reveals a continual increase in the number of "unknown" initial attack vectors, and I think I might understand why.
Data Breach Today
MAY 9, 2024
Also: New Attack Threatens VPN User Privacy; Android Malware Targets Finland This week, LockBit claimed responsibility for an attack, British Columbia probed an attack, the "TunnelVision" flaw threatened VPN users' privacy, a CEO was sentenced for a scam, attackers exploited a WordPress plug-in flaw, Zscaler probed a breach and Finland warned about Android malware scams.
Advertisement
“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.
Security Affairs
MAY 12, 2024
Black Basta ransomware affiliates have breached over 500 organizations between April 2022 and May 2024, FBI and CISA reported. The FBI, CISA, HHS, and MS-ISAC have issued a joint Cybersecurity Advisory (CSA) regarding the Black Basta ransomware activity as part of the StopRansomware initiative. Black Basta has targeted at least 12 critical infrastructure sectors, including Healthcare and Public Health.
WIRED Threat Level
MAY 13, 2024
NYC mayor Eric Adams wants to test Evolv’s gun-detection tech in subway stations—despite the company saying it’s not designed for that environment. Emails obtained by WIRED show how the company still found an in.
Schneier on Security
MAY 13, 2024
Back in the 1960s, if you played a 2,600Hz tone into an AT&T pay phone, you could make calls without paying. A phone hacker named John Draper noticed that the plastic whistle that came free in a box of Captain Crunch cereal worked to make the right sound. That became his hacker name, and everyone who knew the trick made free pay-phone calls. There were all sorts of related hacks, such as faking the tones that signaled coins dropping into a pay phone and faking tones used by repair equipment.
KnowBe4
MAY 10, 2024
Like most observers, I celebrated Google’s recent announcement on April 9 th about new multi-party approvals for a handful or so of common actions accomplished by super admins in Google Workspace.
Advertisement
Start-ups & SMBs launching products quickly must bundle dashboards, reports, & self-service analytics into apps. Customers expect rapid value from your product (time-to-value), data security, and access to advanced capabilities. Traditional Business Intelligence (BI) tools can provide valuable data analysis capabilities, but they have a barrier to entry that can stop small and midsize businesses from capitalizing on them.
Security Affairs
MAY 13, 2024
Apple rolled out urgent security updates to address code execution vulnerabilities in iPhones, iPads, and macOS. Apple released urgent security updates to address multiple vulnerabilities in iPhones, iPads, macOS. The company also warns of a vulnerability patched in March that the company believes may have been exploited as a zero-day. The issue impacts older iPhone devices, it is tracked as CVE-2024-23296 and is a memory corruption flaw in the RTKit.
WIRED Threat Level
MAY 13, 2024
Tuesday’s verdict in the trial of Alexey Pertsev, a creator of crypto-privacy service Tornado Cash, is the first in a string of cases that could make it much harder to skirt financial surveillance.
Schneier on Security
MAY 14, 2024
This is a current list of where and when I am scheduled to speak: I’m giving a webinar via Zoom on Wednesday, May 22, at 11:00 AM ET. The topic is “ Should the USG Establish a Publicly Funded AI Option? “ The list is maintained on this page.
Expert insights. Personalized for you.
195 
Let's personalize your content