Thu.Aug 08, 2024

article thumbnail

McLaren Health Hit With Ransomware for Second Time in a Year

Data Breach Today

Clinicians Say Current Hack More Disruptive Than 2023 Attack Michigan-based McLaren Health Care is dealing with its second cyberattack in less than a year, disrupting IT systems and patient services at its 13 hospitals and other medical facilities. Ransomware gang INC Ransom allegedly claims to have carried out this latest attack.

article thumbnail

USPS Text Scammers Duped His Wife, So He Hacked Their Operation

WIRED Threat Level

The Smishing Triad network sends up to 100,000 scam texts per day globally. One of those messages went to Grant Smith, who infiltrated their systems and exposed them to US authorities.

Security 143
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

US Water Cybersecurity Improvement Efforts at Loggerheads

Data Breach Today

Legal and Voluntary Methods Fall Short Cyber threats against the U.S. water sector are growing but the main federal regulatory agency that oversees it may be stymied by a lack of cooperation from sector operators, concludes a Government Accountability Office report. Attacks against the water sector have mounted steadily.

article thumbnail

Watch How a Hacker’s Infrared Laser Can Spy on Your Laptop’s Keystrokes

WIRED Threat Level

Hacker Samy Kamkar is debuting his own open source version of a laser microphone—a spy tool that can invisibly pick up the sounds inside your home through a window, and even the text you’re typing.

Privacy 124
article thumbnail

Enhance Innovation and Governance Through the Cloud Development Maturity Model

Leverage the Cloud Development Environment Maturity Model to elevate your software development practices with scalable, secure cloud-based workspaces. This model offers a structured approach to modernizing development, aligning technology, developer experience, security, and workflows. By implementing Cloud Development Environments (CDEs), teams can boost efficiency, improve security, and streamline operations through centralized governance.

article thumbnail

Breach Roundup: Royal Ransomware Group On An Extortion Tear

Data Breach Today

Also: French Museum Ransomware Attack, Cisco Smart Install and SharpRhino Malware This week, Royal ransomware, a French museum ransomware attack and a putative class action over a background check data breach. Singapore removed an app monitoring internet use on student devices, a warning over Cisco Smart Install, the upstart SharpRhino gang and an exposed Illinois voter database.

More Trending

article thumbnail

US Feds Arrest Man for North Korean Remote IT Worker Scam

Data Breach Today

Matthew Isaac Knoot Allegedly Hosted Laptop Farm in his Nashville Home U.S. federal prosecutors charged a Tennessee man with abetting North Korea in an ongoing effort to obtain remote IT work for its nationals as a way of generating hard currency. "North Korean IT workers are widespread in Fortune 500 companies," said a threat analyst.

IT 141
article thumbnail

Microsoft’s AI Can Be Turned Into an Automated Phishing Machine

WIRED Threat Level

Attacks on Microsoft’s Copilot AI allow for answers to be manipulated, data extracted, and security protections bypassed, new research shows.

Phishing 125
article thumbnail

Feds Drop Probe Into Progress Software Over MOVEit Zero-Day

Data Breach Today

Clop Ransomware Group Exploited Flaw to Steal Data Pertaining to 95M Individuals Progress Software said the U.S. Securities and Exchange Commission has dropped its probe into the business, launched after attackers exploited a zero-day flaw in its MOVEit secure file transfer software to steal data pertaining to over 2,770 organizations and 95 million individuals.

article thumbnail

New Phishing Campaign Targets Israeli Organizations To Deliver Malware

KnowBe4

A new phishing campaign is targeting Israeli organizations to deliver the RHADAMANTHYS information-stealing malware, Cyber Security News reports.

Phishing 110
article thumbnail

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

article thumbnail

Cryptohack Roundup: White Hats Hack Ronin Bridge

Data Breach Today

Also: Cryptonator, Crypto.com, Do Kwon Case Updates Every week, ISMG rounds up cybersecurity incidents in digital assets. This week, a $12M white hat hack on Ronin Bridge, Cryptonator indictment, potential prison sentence in Crypto.com case, a $212K Convergence hack, Do Kwon's extradition, and the FBI published a scam warning.

article thumbnail

CrowdStrike Class Action Lawsuit for Massive Software Outage

eSecurity Planet

CrowdStrike, a cybersecurity behemoth renowned for its cloud-based endpoint protection platform, was in the eye of a storm on July 19, 2024. A catastrophic software update unleashed a domino effect of disruptions, paralyzing millions of computers across the globe. The impact was far-reaching and unprecedented, from bustling airports to critical healthcare facilities.

article thumbnail

Fighting Scammers with Flexible Instant Payment Choices

Data Breach Today

Fraud Experts Eva Velasquez and Ken Palla on the Value of Adding Some Friction Giving customers more flexibility in instant payment systems could give users more control over their transactions and help fight scammers. An option to delay payments could introduce the needed friction to stop fraudulent payments, said fraud experts Eva Velasquez and Ken Palla.

130
130
article thumbnail

FBI and CISA update a joint advisory on the BlackSuit Ransomware group

Security Affairs

FBI and CISA published a joint advisory on the BlackSuit Ransomware group, the document provides TTPs and IOCs as recently as July 2024. CISA, in collaboration with the FBI, has published a joint advisory on the BlackSuit Ransomware group. The advisory includes recent and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) related to BlackSuit operation, which rebrands legacy Royal ransomware , identified by FBI investigations as recent as July 20

article thumbnail

Driving Responsible Innovation: How to Navigate AI Governance & Data Privacy

Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL

Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.

article thumbnail

Cyber Supply Chain Security and Third-Party Risk Management

Data Breach Today

Sujit Christy on Why Their Intersection Requires a Paradigm Shift The intersection of cyber supply chain security and third/fourth-party risk management presents significant challenges for CISOs. Here's how to take a proactive, comprehensive approach to cyber supply chain risk management to protect critical assets and enhance resilience against evolving threats.

Risk 100
article thumbnail

2024 Phishing Insights: What 11.9 Million User Behaviors Reveal About Your Risk

KnowBe4

Your secret weapon to combat cyber threats might be just under your nose! Cybercriminals continue to exploit vulnerabilities while upping their game with new and more sinister attack methods. The human firewall is your cybersecurity ace in the hole.

article thumbnail

CISA adds Apache OFBiz and Android kernel bugs to its Known Exploited Vulnerabilities catalog

Security Affairs

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apache OFBiz and Android kernel bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added an Android Kernel Remote Code Execution flaw ( CVE-2024-36971 ) and an Apache OFBiz Path Traversal issue ( CVE-2024-32113 ) to its Known Exploited Vulnerabilities (KEV) catalog.

IT 91
article thumbnail

Computer Crash Reports Are an Untapped Hacker Gold Mine

WIRED Threat Level

One hacker solved the CrowdStrike outage mystery with simple crash reports, illustrating the wealth of detail about potential bugs and vulnerabilities those key documents hold.

Mining 89
article thumbnail

Launching LLM-Based Products: From Concept to Cash in 90 Days

Speaker: Christophe Louvion, Chief Product & Technology Officer of NRC Health and Tony Karrer, CTO at Aggregage

Christophe Louvion, Chief Product & Technology Officer of NRC Health, is here to take us through how he guided his company's recent experience of getting from concept to launch and sales of products within 90 days. In this exclusive webinar, Christophe will cover key aspects of his journey, including: LLM Development & Quick Wins 🤖 Understand how LLMs differ from traditional software, identifying opportunities for rapid development and deployment.

article thumbnail

One year later: The Flipper Zero is still cool. Here are 7 useful things you can do

Collaboration 2.0

This weird little device blew up on TikTok, but there are quite a few impressive things you can do with it. Here are some of the most useful.

IT 98
article thumbnail

0.0.0.0 Day flaw allows malicious websites to bypass security in major browsers

Security Affairs

An 18-year-old bug, dubbed “0.0.0.0 Day,” allows malicious websites to bypass security in Chrome, Firefox, and Safari to breach local networks. Oligo Security’s research team warns of an 18-year-old bug, dubbed “0.0.0.0 Day,” that allows malicious websites to bypass security in Chrome, Firefox, and Safari to breach local networks.

article thumbnail

New Mac Mini: M4 powered yet small as an Apple TV?

Collaboration 2.0

The new version of the Mac Mini is said to be the smallest computer Apple's ever made, but one of the most powerful with the new M4 chip.

98
article thumbnail

What is Privilege Escalation?

Jamf

Privilege Escalation enables unauthorized access to sensitive systems, placing confidential data at risk. Learn why organizations must mitigate this critical vulnerability and what strategies are effective in keeping endpoints protected.

Risk 81
article thumbnail

How Top Tech CFOs Solve Annual Planning’s Biggest Challenges

Gearing up for 2025 annual planning? Our latest eBook from the Operators Guild is your ultimate guide. Discover real-world solutions and best practices shared by top CFOs, drawn directly from discussions within OG’s vibrant online community. Learn from senior executives at high-growth tech startups as they outline financial planning strategies, align CEO and board goals, and coordinate budgets across departments.

article thumbnail

This affordable Android tablet has a big screen and lasted me days

Collaboration 2.0

This Blackview Tab 18, with an octa-core processor, 12GB of RAM, and a huge battery, is just the thing for me.

98
article thumbnail

Tricky Web Timing Attacks Are Getting Easier to Use—and Abuse

WIRED Threat Level

New research shows how known techniques for finding weaknesses in websites are actually practical in uncovering vulnerabilities, for better or worse.

article thumbnail

The best USB-C chargers of 2024: Expert recommended

Collaboration 2.0

We've tested and researched the top USB-C chargers that can power up your smartphone or tablet, and sometimes even your laptop. Here are our favorites from Anker, Ugreen, and more.

75
article thumbnail

How many gold medals would your company win at the integration Olympics?

OpenText Information Management

The Paris 2024 Olympics saw over 10,500 athletes competing in over 329 medal events. This event is where sporting legends are created. Every four years these GOAT (Greatest of All Time) athletes gather in one place to compete for the gold. The varied sporting disciplines of the games got me thinking. How would companies fare if they competed in the Integration Olympics, an event designed to assess how well companies are using B2B integration technologies to address specific business and supply c

B2B 69
article thumbnail

An Architect’s Guide for Selecting Scalable, Data-Layer Technologies

There’s no getting around it: selecting the right foundational data-layer components is crucial for long-term application success. That’s why we developed this white paper to give you insights into four key open-source technologies – Apache Cassandra®, Apache Kafka®, Apache Spark™, and OpenSearch® – and how to leverage them for lasting success. Discover everything you’ll want to know about scalable, data-layer technologies: Learn when to choose these technologies and when to avoid them Explore h

article thumbnail

The Windows 10 clock is ticking: 5 ways to save your old PC in 2025 (most are free)

Collaboration 2.0

As many as 240 million Windows 10 PCs can't be upgraded to Windows 11. But instead of trashing your device when Windows 10 support runs out, here are five viable alternatives to save you money and trouble.

98
article thumbnail

How to Perform a Cloud Security Assessment: Checklist & Guide

eSecurity Planet

A cloud security assessment is a process of analyzing an organization’s cloud infrastructure to identify and mitigate security issues. It also includes detecting vulnerabilities, assessing network exploitation, developing preventative strategies, and establishing proper security levels and governance. To conduct a thorough security assessment, you must first understand your cloud environment, prepare properly, and adhere to key best practices.

Cloud 67
article thumbnail

Garmin adds watch faces and more apps - including Disney, GoPro - to app store

Collaboration 2.0

With the Connect IQ store supported on watches, bike computers, and outdoor handhelds, developers gain access to a huge market. Now Garmin needs to expand its payment options.