Fri.Aug 30, 2024

article thumbnail

Verkada Agrees to $2.95M Civil Penalty After Hacks

Data Breach Today

Cloud-Based Security Camera Firm Pledges Better Security Ion US FTC Settlement A California security camera company agreed to pay a $2.95 million civil penalty and implement a security program after hackers in 2021 accessed video from 150,000 internet-connected security cameras, including from devices placed inside psychiatric hospitals and women's health clinics.

Cloud 183
article thumbnail

Threat actors exploit Atlassian Confluence bug in cryptomining campaigns

Security Affairs

Threat actors are actively exploiting a critical flaw in the Atlassian Confluence Data Center and Confluence Server in cryptocurrency mining campaigns. The critical vulnerability CVE-2023-22527 (CVSS score 10.0) in the Atlassian Confluence Data Center and Confluence Server is being actively exploited for cryptojacking campaigns. The vulnerability is a template injection vulnerability that can allow remote attackers to execute arbitrary code on vulnerable Confluence installs.

Mining 114
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Why Dell Is Once Again Eyeing the Sale of MSSP Secureworks

Data Breach Today

Growth, Profitability and Stock Price Woes Have Dell Primed to Cash Out Its Chips Majority owner Dell is exploring a possible sale of Atlanta-based cybersecurity services vendor Secureworks, tapping investment bankers at Morgan Stanley and Piper Sandler to gauge takeover interest from potential acquirers, which include private equity firms, Reuters reported Thursday.

Sales 169
article thumbnail

Fortra fixed two severe issues in FileCatalyst Workflow, including a critical flaw

Security Affairs

Cybersecurity and automation company Fortra addressed two vulnerabilities in FileCatalyst Workflow software, including a critical-severity flaw. Cybersecurity and automation company Fortra released patches for two vulnerabilities in FileCatalyst Workflow. Once of the vulnerabilities is a critical issue, tracked as CVE-2024-6633 (CVSS score of 9.8) described as Insecure Default in FileCatalyst Workflow Setup.

Access 105
article thumbnail

Enhance Innovation and Governance Through the Cloud Development Maturity Model

Leverage the Cloud Development Environment Maturity Model to elevate your software development practices with scalable, secure cloud-based workspaces. This model offers a structured approach to modernizing development, aligning technology, developer experience, security, and workflows. By implementing Cloud Development Environments (CDEs), teams can boost efficiency, improve security, and streamline operations through centralized governance.

article thumbnail

CISA and HHS Would Team Up in Health Sector Under House Bill

Data Breach Today

Bill Is Similar to Senate Proposals, But Will Congress Take Action Before Election? A bipartisan House bill aims to bolster cybersecurity in the healthcare sector by requiring stronger collaboration between CISA and the Department of Health and Human Services. The bill is a companion to nearly identical bipartisan legislation introduced in the Senate in July.

More Trending

article thumbnail

US Body to Assess OpenAI and Anthropic Models Before Release

Data Breach Today

The AI Safety Institute Will Evaluate Safety and Suggest Improvements AI companies OpenAI and Anthropic made a deal with a U.S. federal body to provide early access to major models for safety evaluations. The agreements are "are an important milestone as we work to help responsibly steward the future of AI," said U.S. AI Safety Institute Director Elizabeth Kelly.

Access 169
article thumbnail

Scammers Use Fake Funeral LiveStream Social Media Posts to Extort Victims

KnowBe4

In a new low for cybercriminals, a new scam attempts to take advantage of those grieving the loss of a loved one, and charges their credit card exorbitant fees.

article thumbnail

RansomHub Hits Powered by Ex-Affiliates of LockBit, BlackCat

Data Breach Today

Feds Count Over 200 Known US Victims of Ransomware Group That Launched in February Beware a surge in attacks tied to a ransomware group called RansomHub that's recruited affiliates from down-or-out operations LockBit and BlackCat and successfully crypto-locked systems at more than 200 organizations nationwide, including critical infrastructure, the U.S. government warned.

article thumbnail

Your KnowBe4 Fresh Content Updates from August 2024

KnowBe4

Check out the 29 new pieces of training content added in August, alongside the always fresh content update highlights, events and new features.

article thumbnail

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

article thumbnail

Indictment of Telegram CEO Threatens End-to-End Encryption

Data Breach Today

Telegram Messages Hard to Encrypt But CEO Faces Charges for Noncompliant Cryptology The arrest and indictment of Telegram CEO Pavel Durov is sparking concerns about the viability of encrypted communications in France. The Paris Prosecutor's Office indicted Durov, the 39-year-old Russian-born owner of Telegram on Wednesday, after arresting him Saturday night.

article thumbnail

Nearly Half of Mid-Market and Enterprise Organizations Have Experienced Four or More Ransomware Attacks in the Last Year

KnowBe4

New data exposes the reality of ransomware attacks today, including their frequency, impact, ransom payment – and the involvement of human error.

article thumbnail

ISMG Editors: CrowdStrike Competitors Analyze Outage, Impact

Data Breach Today

Also: UN Convention Against Cybercrime Efforts; Serving SMBs' Cybersecurity Needs In the latest weekly update, Information Security Media Group editors discussed how CrowdStrike's competitors are responding to its outage, why security vendors want to serve the unique needs of SMB organizations and the status of U.N. efforts to develop a treaty designed to combat cybercrime.

article thumbnail

These 3 rumored iPhone 16 features should have you excited to upgrade

Collaboration 2.0

Apple's iPhone 16 is sizing up to be a huge launch thanks to a design change, better performance, and the long-awaited Siri upgrade.

97
article thumbnail

Driving Responsible Innovation: How to Navigate AI Governance & Data Privacy

Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL

Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.

article thumbnail

Threat Actors Abuse Microsoft Sway to Launch QR Code Phishing Attacks

KnowBe4

Researchers at Netskope last month observed a 2000-fold increase in traffic to phishing pages delivered through Microsoft Sway.

article thumbnail

CILIP writes to Libraries Minister

CILIP

CILIP writes to Libraries Minister CILIP has written to Sir Chris Bryant, detailing how CILIP can support the new government’s key missions. Chief Executive Louis Coiffait-Gunn reached out to the MP after he was announced as heading up responsibility for public libraries. Sir Chris holds a dual role in Government, as Minister of State at the Department for Science, Innovation and Technology and the Department for Culture, Media and Sport.

article thumbnail

U.S. Experiences 52% Increase in the Number of Ransomware Attacks in One Year

KnowBe4

New analysis of current ransomware attacks shows a massive focus on U.S. organizations, with growth spread across nearly every industry.

article thumbnail

Wyze is testing a new AI feature that lets you search your video footage by keyword

Collaboration 2.0

Wyze's AI Video Search can help you scour hours of recordings much faster. Here's how to try it out.

IT 97
article thumbnail

Launching LLM-Based Products: From Concept to Cash in 90 Days

Speaker: Christophe Louvion, Chief Product & Technology Officer of NRC Health and Tony Karrer, CTO at Aggregage

Christophe Louvion, Chief Product & Technology Officer of NRC Health, is here to take us through how he guided his company's recent experience of getting from concept to launch and sales of products within 90 days. In this exclusive webinar, Christophe will cover key aspects of his journey, including: LLM Development & Quick Wins 🤖 Understand how LLMs differ from traditional software, identifying opportunities for rapid development and deployment.

article thumbnail

Navigating the AI/ML Talent Shortage

Adapture

As a leading IT solutions provider, Adapture understands the critical role that artificial intelligence (AI) and machine learning (ML) play in driving innovation and efficiency across industries of all types. However, the rapid growth in AI/ML applications has led to a significant talent shortage, posing challenges for businesses looking to leverage these technologies.

article thumbnail

LG's new Mini LED TV beat out my G2 OLED in 3 major ways – and it's $300 off for Labor Day

Collaboration 2.0

Exceptional brightness and color accuracy, supported by a snappy new AI processor, make LG's latest Mini LED model a formidable TV in 2024. And right now it's on sale for $1,599.

Sales 75
article thumbnail

Data Archiving Best Practices

Record Nations

Data archiving is the method of shifting important, but inactive data to a low-cost storage location. The practice reduces storage costs while safely retaining old data for reference, analysis, or regulatory compliance. Archiving is designed for long-term data preservation. Archival features may vary based on your needs and provider. Storage solutions may incorporate data compression, Data Archiving Best Practices The post Data Archiving Best Practices appeared first on Record Nations.

article thumbnail

Still have a Windows 10 PC? You have 5 options before support ends next year

Collaboration 2.0

Microsoft will officially end support for its most popular operating system in a little over a year. Here's what you should do with your Windows 10 PCs before that day arrives.

IT 98
article thumbnail

How Top Tech CFOs Solve Annual Planning’s Biggest Challenges

Gearing up for 2025 annual planning? Our latest eBook from the Operators Guild is your ultimate guide. Discover real-world solutions and best practices shared by top CFOs, drawn directly from discussions within OG’s vibrant online community. Learn from senior executives at high-growth tech startups as they outline financial planning strategies, align CEO and board goals, and coordinate budgets across departments.

article thumbnail

Bypassing the Gate: A closer look into Gatekeeper flaws on macOS

Jamf

Jamf Threat Labs discovered a Gatekeeper vulnerability in macOS that may lead to the execution of an unsigned and unnotarized application without displaying appropriate security prompts to the user. Read on to learn more about our findings.

article thumbnail

Which programming languages are most popular now (and what does that even mean)?

Collaboration 2.0

To produce the ZDNET Index of Programming Language Popularity, we aggregated data from nine different rankings. Here's which languages came out on top and what to make of this information.

98
article thumbnail

Ensuring SIEM data sovereignty: the case for on-prem OpenText ArcSight SIEM

OpenText Information Management

Given the critical nature of cybersecurity for industry sectors such as defense, healthcare, finance, and government, ensuring SIEM data sovereignty has never been more crucial. These organizations must balance the advantages of cloud-based SIEMs with the need for strict internal security controls. The urgency intensifies when existing on-prem SIEM solutions approach end-of-life due to vendor acquisition, threatening the continuity of their customized, heavily invested cybersecurity infrastructu

article thumbnail

Governments need to beef up cyberdefense for the AI era - which means going back to the basics

Collaboration 2.0

Organizations in both private and public sectors are moving to adopt artificial intelligence, but doing so for the latter heightens the importance of security fundamentals.

article thumbnail

An Architect’s Guide for Selecting Scalable, Data-Layer Technologies

There’s no getting around it: selecting the right foundational data-layer components is crucial for long-term application success. That’s why we developed this white paper to give you insights into four key open-source technologies – Apache Cassandra®, Apache Kafka®, Apache Spark™, and OpenSearch® – and how to leverage them for lasting success. Discover everything you’ll want to know about scalable, data-layer technologies: Learn when to choose these technologies and when to avoid them Explore h

article thumbnail

Friday Squid Blogging: Economic Fallout from Falklands Halting Squid Fishing

Schneier on Security

Details. Blog moderation policy.

100
100
article thumbnail

4 reasons I'm not upgrading to an iPhone 16 Pro from my iPhone 14

Collaboration 2.0

The iPhone 16 promises AI and a shiny new display, among other features, but is it worth the upgrade? Here's what could convince me to upgrade from my iPhone 14 Pro Max.

IT 75
article thumbnail

US-China relationship remains 'competitive', as steps towards diplomacy strengthen

Collaboration 2.0

The US says efforts to improve bilateral relations with China are ongoing, alongside "necessary action" to prevent US tech from being used to undermine its national security.