Fri.May 26, 2023

article thumbnail

Phishing Domains Tanked After Meta Sued Freenom

Krebs on Security

The number of phishing websites tied to domain name registrar Freenom dropped precipitously in the months surrounding a recent lawsuit from social networking giant Meta , which alleged the free domain name provider has a long history of ignoring abuse complaints about phishing websites while monetizing traffic to those abusive domains. The volume of phishing websites registered through Freenom dropped considerably since the registrar was sued by Meta.

Phishing 261
article thumbnail

Pegasus Spyware Spotted in Nagorno-Karabakh War

Data Breach Today

Access Now Calls Infections 1st Documented Evidence of Pegasus in Context of War Digital rights organizations detected Pegasus spyware on the devices of members of Armenian civil society during the outbreak of armed conflict over a disputed region in the South Caucasus region. Access Now called the infections the first known instance of Pegasus spyware use during war.

Access 204
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Tesla Whistleblower Leaks 100GB of Data, Revealing Safety Complaints

Dark Reading

Informants have released data that includes thousands of safety complaints the company has received about its self-driving capability, as well as sensitive information regarding current and past employees.

IT 123
article thumbnail

Latitude Financial Attack Costs Company Up to AU$105 Million

Data Breach Today

Hackers Obtained Access Through a Compromised Credential Australian consumer lender Latitude Financial Services anticipates its spring cybersecurity incident will cost it up to AU$105 million, which includes a five-week period during which debt collection systems were severely affected by the attack.

article thumbnail

Provide Real Value in Your Applications with Data and Analytics

The complexity of financial data, the need for real-time insight, and the demand for user-friendly visualizations can seem daunting when it comes to analytics - but there is an easier way. With Logi Symphony, we aim to turn these challenges into opportunities. Our platform empowers you to seamlessly integrate advanced data analytics, generative AI, data visualization, and pixel-perfect reporting into your applications, transforming raw data into actionable insights.

article thumbnail

What is Confidential Computing? Definition, Benefits, & Uses

eSecurity Planet

Confidential computing is a technology and technique that encrypts and stores an organization’s most sensitive data in a secure portion of a computer’s processor — known as the Trusted Execution Environment (TEE) — while it’s processed and in use. It’s a fast-growing cloud computing technique that has gotten buy-in and support from a variety of hardware, software, and cloud vendors.

More Trending

article thumbnail

Top security challenges and how to overcome them: Prepare for & address external threats

Jamf

Cyber threats come from all sides. As bad actors continue to evolve their toolsets to more succinctly attack targets, organizations are faced with the challenges of preparing for threats while implementing mitigations to address them as quickly and efficiently as possible. One of the most critical are external threats originating from outside the organization – proving to be amongst the most common threat types and the most difficult to protect against – but not impossible to address

article thumbnail

Capita Hack Fallout: Regulator Sees Breach Reports Surge

Data Breach Today

ICO Receives 'Large Number of Reports' From Organizations Affected by Data Exposure Britain's privacy watchdog has seen a surge in data breach reports from outsourcing giant Capita's customers tied to two incidents: a March hack attack by a ransomware group against Capita and one of the company's Amazon Web Service buckets being left unsecured for six years.

article thumbnail

Expeditionary Cyberspace Operations

Schneier on Security

Cyberspace operations now officially has a physical dimension, meaning that the United States has official military doctrine about cyberattacks that also involve an actual human gaining physical access to a piece of computing infrastructure. A revised version of Joint Publication 3-12 Cyberspace Operations—published in December 2022 and while unclassified, is only available to those with DoD common access cards, according to a Joint Staff spokesperson—officially provides a definition

article thumbnail

ISMG Editors: How Ukraine's Cyber Defenders Prepped for War

Data Breach Today

Also: Meta Fined 1.2 Billion Euros for Privacy Issues; GDPR's 5-Year Anniversary In the latest weekly update, ISMG editors discuss top takeaways from Ukraine's cyber defense success, how a European regulator suspended Facebook data transfers to the United States, and the state of the EU General Data Protection Regulation on its five-year anniversary.

GDPR 130
article thumbnail

Entity Resolution: Your Guide to Deciding Whether to Build It or Buy It

Adding high-quality entity resolution capabilities to enterprise applications, services, data fabrics or data pipelines can be daunting and expensive. Organizations often invest millions of dollars and years of effort to achieve subpar results. This guide will walk you through the requirements and challenges of implementing entity resolution. By the end, you'll understand what to look for, the most common mistakes and pitfalls to avoid, and your options.

article thumbnail

[Mastering Minds]  China's Cognitive Warfare Ambitions Are Social Engineering At Scale

KnowBe4

As the world continues to evolve, so does the nature of warfare. China's People's Liberation Army (PLA) is increasingly focused on "Cognitive Warfare," a term referring to artificial intelligence (AI)-enabled military systems and operational concepts. The PLA's exploration into this new domain of warfare could potentially change the dynamics of global conflict.

article thumbnail

OpenAI CEO Altman 'Blackmails' EU Over AI Regulation

Data Breach Today

'No Plans to Leave,' Altman Hastily Tweets ChatGPT will continue to operate inside the European Union despite warnings from OpenAI CEO Sam Altman that he's prepared to pull out from the bloc if he doesn't like regulations being prepared in Brussels. European lawmakers earlier this month proposed new obligations for AI models such as GPT.

130
130
article thumbnail

New PowerExchange Backdoor linked to an Iranian APT group

Security Affairs

An alleged Iran-linked APT group targeted an organization linked to the United Arab Emirates (U.A.E.) with the new PowerExchange backdoor. Researchers from the Fortinet FortiGuard Labs observed an attack targeting a government entity in the United Arab Emirates with a new PowerShell-based backdoor dubbed PowerExchange. The experts speculate that the backdoor is likely linked to an Iran-linked APT group.

article thumbnail

Medical Specialty Practice Says Recent Hack Affects 224,500

Data Breach Today

Ransomware Operation Claims It Downloaded 2 Terabytes of Entity's Data An upstate New York medical specialty practice has reported to regulators that the information of nearly 224,500 employees and patients was compromised in a hacking incident discovered in March. Ransomware group RansomHouse claims to have downloaded 2 terabytes of the entity's data.

article thumbnail

Deliver Mission Critical Insights in Real Time with Data & Analytics

In the fast-moving manufacturing sector, delivering mission-critical data insights to empower your end users or customers can be a challenge. Traditional BI tools can be cumbersome and difficult to integrate - but it doesn't have to be this way. Logi Symphony offers a powerful and user-friendly solution, allowing you to seamlessly embed self-service analytics, generative AI, data visualization, and pixel-perfect reporting directly into your applications.

article thumbnail

Travel-Themed Phishing, BEC Campaigns Get Smarter as Summer Season Arrives

Dark Reading

Phishing campaigns targeting travelers have evolved from simple, easy-to-spot fraud attempts to highly sophisticated operations.

article thumbnail

CIAM in insurance: A unified, secure user experience with a single login

Thales Cloud Protection & Licensing

CIAM in insurance: A unified, secure user experience with a single login madhav Fri, 05/26/2023 - 07:33 In recent years, the insurance industry has transformed from a singularly focused entity to a multi-brand or multi-service type of business. Most insurance companies nowadays offer multiple types of insurance products, or they sell policies on behalf of their partners.

article thumbnail

How Safe Is Your Wearable Device?

Dark Reading

To mitigate risk, both developers and users must include security principles and technologies as core foundations in new devices.

Risk 90
article thumbnail

Strengthening cybersecurity in life sciences with IBM and AWS

IBM Big Data Hub

Cloud is transforming the way life sciences organizations are doing business. Cloud computing offers the potential to redefine and personalize customer relationships, transform and optimize operations, improve governance and transparency, and expand business agility and capability. Leading life science companies are leveraging cloud for innovation around operational, revenue and business models.

article thumbnail

10 Rules for Managing Apache Cassandra

It’s no surprise that Apache Cassandra has emerged as a popular choice for organizations of all sizes seeking a powerful solution to manage their data at a scale—but with great power comes great responsibility. Due to the inherent complexity of distributed databases, this white paper will uncover the 10 rules you’ll want to know when managing Apache Cassandra.

article thumbnail

Your KnowBe4 Fresh Content Updates from May 2023

KnowBe4

Check out the 20 new pieces of training content added in May, alongside the always fresh content update highlights, events and new features.

article thumbnail

Making smart grids, smart fields, and smart facilities smarter with OpenText

OpenText Information Management

The world is in a race for energy. Energy companies today are striving to create intelligent, connected, secure, responsible and scalable enterprises. Smart grids, smart oilfields, smart refineries and other ‘smart’ assets are concepts that have been around for more than 25 years, but these concepts have largely relied on information from operational technology such as … The post Making smart grids, smart fields, and smart facilities smarter with OpenText appeared first on OpenText Blogs.

article thumbnail

2 Lenses for Examining the Safety of Open Source Software

Dark Reading

Improving the security of open source repositories and keeping malicious components out requires a combination of technology and people.

article thumbnail

Meta fined record $1.3 billion and ordered to stop sending European user data to US via AP News

IG Guru

Check out the story here.

article thumbnail

Using Data & Analytics for Improving Healthcare Innovation and Outcomes

In the rapidly evolving healthcare industry, delivering data insights to end users or customers can be a significant challenge for product managers, product owners, and application team developers. The complexity of healthcare data, the need for real-time analytics, and the demand for user-friendly interfaces can often seem overwhelming. But with Logi Symphony, these challenges become opportunities.

article thumbnail

130K+ Patients' Social Security Numbers Leaked in UHS of Delaware Data Breach

Dark Reading

article thumbnail

Dark Frost Botnet targets the gaming sector with powerful DDoS

Security Affairs

Researchers spotted a new botnet dubbed Dark Frost that is used to launch distributed denial-of-service (DDoS) attacks against the gaming industry. Researchers from Akamai discovered a new botnet called Dark Frost that was employed in distributed denial-of-service (DDoS) attacks. The botnet borrows code from several popular bot families, including Mirai , Gafgyt , and Qbot.

article thumbnail

How Red Hat OpenShift on AWS (ROSA) accelerates enterprise modernization initiatives on cloud, delivering business application innovation

IBM Big Data Hub

When it comes to driving large technology transformation on Cloud, leveraging existing investments, and optimizing open innovation within the larger ecosystem with a hybrid cloud platform, IBM Consulting™ offers several learnings to help organizations address the architecture and technology challenge. Consider large financial services organization going through core banking modernization.

Cloud 72
article thumbnail

New CosmicEnergy ICS malware threatens energy grid assets

Security Affairs

Experts detailed a new piece of malware, named CosmicEnergy, that is linked to Russia and targets industrial control systems (ICS). Researchers from Mandiant discovered a new malware, named CosmicEnergy, designed to target operational technology (OT) / industrial control system (ICS) systems. The malicious code was first uploaded to a public malware scanning service in December 2021 by a user in Russia.

Access 82
article thumbnail

10 Rules for Managing Apache Kafka

Without proper guidance, it’s easy to miss out on Kafka’s full capabilities. While not the easiest technology to optimize, Kafka rewards those willing to explore its depths. Under the hood, it is an elegant system for stream processing, event sourcing, and data integration. Download this white paper to learn the 10 critical rules that will help you optimize your Kafka system and unlock its full potential.

article thumbnail

Friday Squid Blogging: Online Cephalopod Course

Schneier on Security

Atlas Obscura has a five-part online course on cephalopods, taught by squid biologist Dr. Sarah McAnulty. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here.