Sat.Sep 28, 2024 - Fri.Oct 04, 2024

article thumbnail

Insights from Information Leaders: Balancing Value, Compliance, and Innovation

AIIM

At a recent industry panel, Bill Murphy, Chief Executive Officer of RedZone Technologies, moderated a discussion featuring three distinguished information management experts: Reggie Henry, CAE, Chief Information & Performance Excellence Officer, American Society of Association Executives (ASAE) Candace McCabe, CIP, Sr. Solution Architect - Governance, Risk, and Compliance, Walmart Mark Patrick, CIP, Records Officer, US Department of Defense The panel was part of the AIIM Information and Data

article thumbnail

Meta Hit Again With Targeted Advertising Limits In Europe

Data Breach Today

European Court of Justice Says Meta May Not Indefinitely Retain User Data Targeted advertising may face additional restrictions following a ruling by the top European Union court that social media giant Meta cannot indefinitely retain user data. Nor can it use data for advertising "without distinction as to type of data," the European Court of Justice said Friday.

IT 305
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Crooked Cops, Stolen Laptops & the Ghost of UGNazi

Krebs on Security

A California man accused of failing to pay taxes on tens of millions of dollars allegedly earned from cybercrime also paid local police officers hundreds of thousands of dollars to help him extort, intimidate and silence rivals and former business partners, the government alleges. KrebsOnSecurity has learned that many of the man’s alleged targets were members of UGNazi , a hacker group behind multiple high-profile breaches and cyberattacks back in 2012.

article thumbnail

News alert: SquareX shows how Google’s MV3 standard falls short, putting millions at risk

The Last Watchdog

Singapore, Oct. 3, 2024, CyberNewswire — At DEF CON 32, the SquareX research team delivered a hard-hitting presentation titled Sneaky Extensions: The MV3 Escape Artists where they shared their findings on how malicious browser extensions are bypassing Google’s latest standard for building chrome extensions: Manifest V3 (MV3)’s security features, putting millions of users and businesses at risk.

Risk 243
article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Israel army hacked the communication network of the Beirut Airport control tower

Security Affairs

Israel allegedly hacked Beirut airport ‘s control tower, warning an Iranian plane not to land, forcing it to return to Tehran. The Israeli cyber army on Saturday hacked into the control tower of Beirut Airport, the Rafic Hariri International Airport. The IDF breached the communication network of the control tower and threatened an Iranian civilian plane attempting to land, reported the MiddleEastMonitor website.

More Trending

article thumbnail

How Large Language Models Are Reshaping the Cybersecurity Landscape

Elie

This talk examine current real-world examples of AI-driven attacks and explore which defensive AI capabilities are available today.

article thumbnail

News alert: Doppler fortifies ‘secrets management’ with Change Requests auditable approval feature

The Last Watchdog

San Francisco, Calif., Oct. 3, 2024, CyberNewswire — Doppler , the leading platform in secrets management, today announces the launch of Change Requests , a new feature providing engineering teams with a secure, auditable approval process for managing and controlling secret changes across environments. Designed to enhance security, compliance, and team collaboration, Change Requests gives organizations the tools to mitigate the potential risks from misconfigurations or unauthorized changes

article thumbnail

Telegram revealed it shared U.S. user data with law enforcement

Security Affairs

Telegram fulfilled over a dozen U.S. law enforcement data requests this year, potentially revealing the IP addresses or phone numbers of 100+ users. Independent website 404 Media first revealed that in 2024 Telegram has fulfilled more than a dozen law enforcement data requests from the U.S. authorities. The social media platform “potentially revealed” that it has shared the IP addresses or phone numbers of over 100 users with law enforcement.

IT 137
article thumbnail

Cloud Assumptions and Misconfigurations Threaten Healthcare Security

Data Breach Today

Common Cloud Assumptions and Takeaways for Healthcare Organizations As healthcare providers migrate their infrastructure and services to the cloud, they gain benefits such as increased flexibility, scalability and optimized patient data access and sharing. But misconceptions about cloud security are jeopardizing the security of electronic patient health information.

Cloud 296
article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

A Window into Your Photos: Revealing How Sideloaded Apps Can Secretly Monitor Your Images

Jamf

In the ever-evolving realm of cybersecurity, staying ahead of malicious threats is essential. At Jamf, we are committed to proactively identifying and mitigating risks to iOS devices. Learn how in our latest post.

article thumbnail

News alert: Upcoming webinar highlights threat mitigation, fortifying ‘ASM’ with Criminal IP

The Last Watchdog

Torrance, Calif., Oct. 3, 2024, CyberNewswire — An exclusive live webinar will take place on October 4th at noon Eastern Time (ET), demonstrating how Criminal IP’s Attack Surface Management (ASM) can help organizations proactively detect and mitigate cyber threats. The webinar will feature a Criminal IP ASM Live Demo, providing a comprehensive view of attack surface visibility.

article thumbnail

Thousands of Adobe Commerce e-stores hacked by exploiting the CosmicSting bug

Security Affairs

Over 4,000 unpatched Adobe Commerce and Magento stores have been compromised by exploiting critical vulnerability CVE-2024-34102. Sansec researchers reported that multiple threat actors have exploited a critical Adobe Commerce vulnerability, tracked as CVE-2024-34102 (aka CosmicSting, CVSS score of 9.8), to compromise more than 4,000 e-stores over the past three months.

CMS 136
article thumbnail

US, Microsoft Seize Domains Used in Russian Spear-Phishing

Data Breach Today

FSB Hackers Stripped of 107 Domains Used to Steal Credentials The U.S. Department of Justice and Microsoft seized more than 100 websites allegedly used by a Russian intelligence cyberespionage operation with a fondness for spear phishing. Targets include the national security apparatus and journalists, think tanks, and non-governmental organizations.

Phishing 293
article thumbnail

15 Modern Use Cases for Enterprise Business Intelligence

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

article thumbnail

The Pig Butchering Invasion Has Begun

WIRED Threat Level

Scamming operations that once originated in Southeast Asia are now proliferating around the world, likely raking in billions of dollars in the process.

Security 128
article thumbnail

News alert: Aembit appoints former Snowflake security director Mario Duarte as its new CISO

The Last Watchdog

Silver Spring, MD, Oct. 2, 2024, CyberNewswire — Aembit , the non-human IAM company, today announced the appointment of Mario Duarte as chief information security officer (CISO). Duarte, formerly head of security at Snowflake, joins Aembit with a deep commitment to address pressing gaps in non-human identity security. Duarte’s journey in cybersecurity began with a passion for penetration testing, sparked by the 1980s cult classic film WarGames.

Security 130
article thumbnail

New Perfctl Malware targets Linux servers in cryptomining campaign

Security Affairs

perfctl malware targets misconfigured Linux servers to deploy cryptocurrency miners and proxyjacking software in an ongoing campaign. Aqua Nautilus researchers shed light on a Linux malware, dubbed perfctl malware, that over the past 3-4 years targeted misconfigured Linux servers. The malicious code was used to drop cryptocurrency miners and proxyjacking software.

article thumbnail

Security Needs to Be Simple and Secure By Default: Google

Data Breach Today

Google Pushes for Gen AI and Platformization to Counter Sophisticated Threats Google asserts that platformization and consolidation can help contain today's sophisticated threats. Embedding generative AI into security is also required as the industry moves from assisted AI to semi-autonomous and, eventually, to autonomous security, with the goal of security by default.

Security 290
article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

Cybercriminal Gang Targeting SMBs Using Business Email Compromise

KnowBe4

Researchers at Todyl have published a report on a major cybercriminal group that’s conducting business email compromise (BEC) attacks against small and medium-sized businesses. Todyl describes three separate BEC attacks launched by this threat actor.

121
121
article thumbnail

This Video Game Controller Has Become the US Military’s Weapon of Choice

WIRED Threat Level

After decades of relying on buttons, switches, and toggles, the Pentagon has embraced simple, ergonomic video-game-style controllers already familiar to millions of potential recruits.

Security 114
article thumbnail

North Korea-linked APT Kimsuky targeted German defense firm Diehl Defence

Security Affairs

North Korea-linked APT Kimsuky has been linked to a cyberattack on Diehl Defence, a German manufacturer of advanced military systems. North Korea-linked APT group Kimsuky has been linked to a cyberattack on Diehl Defence, a defense firm specializing in the production of advanced military systems. Diehl Defence GmbH & Co. KG is a German weapon manufacturer headquartered in Überlingen.

Military 132
article thumbnail

Cybercrime is Still Evil Incorporated, But Disruptions Help

Data Breach Today

Naming and Sanctioning Cybercrime Syndicate Members Has Repercussions, Police Say Western law enforcement may not be able to bust every last Russian cybercrime suspect, but newly revealed efforts against Evil Corp and LockBit reveal suspects arrested while on vacation, as well as the psychological fallout criminal syndicates face when members get named, indicted and sanctioned.

290
290
article thumbnail

Improving the Accuracy of Generative AI Systems: A Structured Approach

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

article thumbnail

Dick’s Sporting Goods Cyber Attack Underscores Importance of Email Security and Internal Controls

KnowBe4

The recent cyber attack on Dick's Sporting Goods makes it clear that email played a critical role and emphasizes the need for better security controls.

Security 119
article thumbnail

News alert: Introducing Mayhem Security — ForAllSecure unveils name change, fresh focus

The Last Watchdog

Pittsburgh, PA, Oct. 1, 2024 — ForAllSecure , the world’s most advanced application security testing company, today announced it is changing its corporate name to Mayhem Security (“Mayhem”), signaling a new era of growth and opportunity aligned with its award-winning Mayhem Application Security platform. Founded by a team of researchers from Carnegie Mellon, the company’s focus has evolved from research, development, and education to a product company centered arou

Security 113
article thumbnail

News agency AFP hit by cyberattack, client services impacted

Security Affairs

AFP suffered a cyberattack affecting its IT systems and content delivery for partners, the incident impacted some client services. Agence France-Presse (AFP) reported a cyberattack on Friday that impacted its IT systems and content delivery for partners. The media agency confirmed that the global news coverage remains unaffected, however some client services were impacted.

Passwords 130
article thumbnail

California Gov. Newsom Vetoes Hotly-Debated AI Safety Bill

Data Breach Today

Newsom Says Bill Not 'Flexible' Solution to Curb Catastrophic Risks California Gov. Gavin Newsom on Sunday vetoed a hotly-debated AI safety bill that would have pushed developers to implement measures to prevent "critical harms." The bill "falls short of providing a flexible, comprehensive solution to curbing the potential catastrophic risks," Newsom said.

Risk 291
article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

New VPN Credential Attack Goes to Great Lengths to Obtain Access

KnowBe4

A new “so-phish-ticated” attack uses phone calls, social engineering, lookalike domains, and impersonated company VPN sites to gain initial access to a victim network.

Access 113
article thumbnail

Security Risks of Outsourcing to the Cloud: Who’s Responsible?

IT Governance

Cloud computing is a key tool for organisations, offering a wealth of opportunity to extend IT capabilities and take advantage of innovations. As more organisations move to remote or hybrid working, Cloud services are more valuable than ever. However, innovation comes with risk. In this blog Security challenges of the Cloud Legal and contractual requirements Who’s responsible for what?

Cloud 103
article thumbnail

Community Clinic of Maui discloses a data breach following May Lockbit ransomware attack

Security Affairs

Community Clinic of Maui experienced a data breach impacting over 120,000 people following a LockBit ransomware attack. In May, the Community Clinic of Maui experienced a major IT outage that impacted thousands of patients following a cyber attack. In June, the Lockbit ransomware gang took credit for the attack. LockBit breached the Community Healthcare Clinic of Maui as they are still rebuilding from the devastating fire last year.