Tue.Mar 21, 2023

article thumbnail

Google Suspends Chinese App Following Malware Discovery

Data Breach Today

Google Discovered Malware In Pinduoduo’s Non-Play Store Versions Google suspended popular budget e-commerce application Pinduoduo from the Play Store after detecting malware on versions of the Chinese app downloadable from other online stores. Chinese security researchers say they found code inside Pinduoduo versions designed to monitor users.

Security 280
article thumbnail

GUEST ESSAY: Here’s why a big cybersecurity budget won’t necessarily keep your company safe

The Last Watchdog

The cybersecurity landscape is constantly changing. While it might seem like throwing more money into the IT fund or paying to hire cybersecurity professionals are good ideas, they might not pay off in the long run. Related : Security no longer just a ‘cost center’ Do large cybersecurity budgets always guarantee a company is safe from ongoing cybersecurity threats?

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

US Charges Bulgarian Woman in $4B OneCoin Fraud Case

Data Breach Today

Irina Dilkinska Allegedly Laundered $400M as Firm's Legal, Compliance Head A Bulgarian woman extradited to the United States for her role in a $4 billion crypto pyramid scheme adds to a growing list of law enforcement actions against perpetrators of the OneCoin Ponzi scheme. OneCoin generated $4 billion in fraudulent revenue and earned profits of close to $3 billion.

article thumbnail

Cyber-insurance – 72 hours for the insured party to file a criminal complaint: GDPR’s false friend

Data Protection Report

Cyberattacks have become more frequent, problematic and complex over the years – so much so that they now represent a real threat to economic activities. The French Information and Digital Security Experts Club ( CESIN ) has estimated that 54% of French companies were subject to cyberattacks in 2021, [1] while France Assureurs has put cyberattack risks on top of all other risks for the sixth year in a row. [2] In this context, the Directorate General of the French Treasury has put forward a plan

Insurance 104
article thumbnail

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

article thumbnail

Ransomware Will Target Transport Sector OT, Says ENISA

Data Breach Today

European Cybersecurity Agency Warns That Digital Extortion Is Coming for OT Europe's cybersecurity agency predicts hackers will take advantage of the growing overlap between information and operational technologies in the transport sector and disrupt OT processes in a targeted attack. Ransomware will become a tool wielded for political and financial motivations, says ENISA.

More Trending

article thumbnail

BreachForums Closes Amid Worries Over Law Enforcement Access

Data Breach Today

New Admin Shuts It Down After Spotting a Suspicious Server Logon Sunday Days after federal agents arrested the alleged administrator of criminal underground forum BreachForums, the new admin who took over announced that he is shutting down the site. User "Baphomet" said he spotted a suspicious server logon early Sunday afternoon.

Access 146
article thumbnail

Custom 'Naplistener' Malware a Nightmare for Network-Based Detection

Dark Reading

Threat actors are using legitimate network assets and open source code to fly under the radar in data-stealing attacks using a set of custom malware bent on evasion.

101
101
article thumbnail

NYC Special Needs Student's Records Found Exposed on Web

Data Breach Today

Researcher Says Database Containing Nearly 50,000 Documents Appears Secure Now Nearly 50,000 documents containing personal information of special education students who live in New York City and attend public school there were recently found exposed on the internet in an unsecured database. Some of those records date back to 2018.

Education 130
article thumbnail

Improving Data Breach Detection

Record Nations

A data breach occurs when an unauthorized party gains access to private information. Targeted data includes personally identifiable information (PII) including names, birthdates, financial data, and identification numbers. The impact of a breach can vary, but often carries serious consequences for both the individual and the organization responsible for handling the data.

article thumbnail

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

article thumbnail

Ferrari confirms data breach after receiving a ransom demand from an unnamed extortion group

Security Affairs

Ferrari disclosed a data breach after receiving a ransom demand from an unnamed extortion group that gained access to some of its IT systems. Ferrari disclosed a data breach after it received a ransom demand from an unnamed extortion group that breached its IT systems. The threat actor claims to have stolen certain client details. The company immediately launched an investigation into the incident with the support of a third-party cybersecurity firm and informed relevant authorities. “Ferr

article thumbnail

Cybersecurity Skills Shortage, Recession Fears Drive 'Upskilling' Training Trend

Dark Reading

For companies, training an existing worker is cheaper than hiring, while for employees, training brings job security and more interesting work.

article thumbnail

New Bad Magic APT used CommonMagic framework in the area of Russo-Ukrainian conflict

Security Affairs

Threat actors are targeting organizations located in Donetsk, Lugansk, and Crimea with a previously undetected framework dubbed CommonMagic. In October 2022, Kaspersky researchers uncovered a malware campaign aimed at infecting government, agriculture and transportation organizations located in the Donetsk, Lugansk, and Crimea regions with a previously undetected framework dubbed CommonMagic.

article thumbnail

Renowned Researcher Kelly Lum Passes Away

Dark Reading

The application security expert, who went by "@aloria," is being remembered for her brilliance and generosity, as tributes start to pour in honoring her life.

article thumbnail

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

article thumbnail

2022 Zero-Day exploitation continues at a worrisome pace

Security Affairs

Experts warn that 55 zero-day vulnerabilities were exploited in attacks carried out by ransomware and cyberespionage groups in 2022. Cybersecurity firm Mandiant reported that ransomware and cyberespionage groups exploited 55 zero-day flaws in attacks in the wild. Most of the zero-day vulnerabilities were in software from Microsoft, Google, and Apple.

article thumbnail

US Citizen Hacked by Spyware

Schneier on Security

The New York Times is reporting that a US citizen’s phone was hacked by the Predator spyware. A U.S. and Greek national who worked on Meta’s security and trust team while based in Greece was placed under a yearlong wiretap by the Greek national intelligence service and hacked with a powerful cyberespionage tool, according to documents obtained by The New York Times and officials with knowledge of the case.

article thumbnail

Crooks stole more than $1.5M worth of Bitcoin from General Bytes ATMs

Security Affairs

Cryptocurrency ATM maker General Bytes suffered a security breach over the weekend, the hackers stole $1.5M worth of cryptocurrency. Cryptocurrency ATM manufacturers General Bytes suffered a security incident that resulted in the theft of $1.5M worth of cryptocurrency. GENERAL BYTES is the world’s largest Bitcoin, Blockchain, and Cryptocurrency ATM manufacturer.

article thumbnail

How You Can Tell the AI Images of Trump’s Arrest Are Deepfakes

WIRED Threat Level

Doctored images of the former US president went viral on Twitter. These are the telltale signs that they aren’t what they seem.

article thumbnail

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

article thumbnail

ACEDS: Join us for an upcoming Webinar

IG Guru

Collecting Custodian Data to Prepare for Review Thursday, March 30 | 1 PM EDT REGISTER Building Your Brand and Raising Your Visibility in the E-Discovery Market Friday, March 31 | 2 PM EDT REGISTER Eye on ESI Wednesday, April 12 | 12:30 PM EDT REGISTER Eye on ESI Thursday, May 11 | 12:30 PM EDT […]

article thumbnail

Cyberpion Rebrands As IONIX

Dark Reading

IONIX illuminates exploitable risks across the real attack surface and its digital supply chain providing security teams with critical focus to accelerate risk reduction.

Risk 76
article thumbnail

An Overview of Silicon Valley Bank Themed Social Engineering

KnowBe4

Researchers at ReliaQuest warn that organizations should continue to be on the lookout for social engineering attacks related to Silicon Valley Bank (SVB).

80
article thumbnail

5 Innovations Jaguar TCS Racing is Driving to Reduce Its Carbon Footprint

Micro Focus

, Achmad Chadran, a Content Strategist at Micro Focus, now OpenText, and Managing Editor of the online journal TechBeacon, looks at the sustainability practices that Formula E observes both on and off the track. Micro Focus is the technical partner of Jaguar TCS Racing. The post 5 Innovations Jaguar TCS Racing is Driving to Reduce Its Carbon Footprint first appeared on Micro Focus Blog.

IT 72
article thumbnail

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

article thumbnail

Google Releases Bard, Kind Of

John Battelle's Searchblog

Google continues to be extremely cautious in its approach to generative AI, but it seems to have realized it has to at least mention the subject once in a while – and today’s release of Bard , albeit in limited fashion – is one of those moments. The company is obsessively calling Bard “an experiment” – but it’s managed to orchestrate a slew of press outlets to simultaneously cover Bard’s launch today.

IT 68
article thumbnail

Zero-Day Bug Allows Crypto Hackers to Drain $1.6M From Bitcoin ATMs

Dark Reading

After its second cyberattack in under a year, General Bytes urges customers to up the security on their personal accounts to prevent losses from hackers.

article thumbnail

OpenText Named a Leader in the Infosource Global Capture & IDP Vendor Matrix

OpenText Information Management

Organizations improve operational efficiency and employee experiences by accelerating business processes at scale with intelligent document processing (IDP). To execute a truly effective operational efficiency strategy, innovating with information capture and IDP is key. Inefficiencies come in many forms, especially when employees and customers can’t find the information where and when they need it, which … The post OpenText Named a Leader in the Infosource Global Capture & IDP Vendor

article thumbnail

Name That Toon: It's E-Live!

Dark Reading

Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.

IT 83
article thumbnail

Strategic CX: A Deep Dive into Voice of the Customer Insights for Clarity

Speaker: Nicholas Zeisler, CX Strategist & Fractional CXO

The first step in a successful Customer Experience endeavor (or for that matter, any business proposition) is to find out what’s wrong. If you can’t identify it, you can’t fix it! 💡 That’s where the Voice of the Customer (VoC) comes in. Today, far too many brands do VoC simply because that’s what they think they’re supposed to do; that’s what all their competitors do.

article thumbnail

FTC proposed consent order prohibits perpetual retention of personal information

Data Protection Report

We had previously written about an FTC proposed consent order that would prohibit a company from perpetual retention of personal health information. On March 2, 2023, the FTC announced a complaint and proposed consent with BetterHelp, Inc. that would prohibit the company from perpetual retention of personal information—a broader category. Also unlike the previous matter, the FTC did not cite to the health breach notification requirements, but instead included claims only under Section 5 of t

Privacy 57
article thumbnail

Controlling Third-Party Data Risk Should Be a Top Cybersecurity Priority

Dark Reading

Third-party breaches have a wide effect that legacy security practices can no longer detect.

Risk 81
article thumbnail

Accounting Client Portals Mean Big Business Benefits

OneHub

Private client portals for accountants have become core to the way the business works. Industries of all kinds—law, finance, insurance, healthcare, marketing, the list goes on—have eagerly embraced private client portals to improve how their people and clients work and collaborate on a daily basis. The accounting industry is no different, and for good reasons.