Mon.Feb 26, 2024

article thumbnail

NIST Unveils Second Iteration of Cybersecurity Framework

Data Breach Today

New CSF Adds 'Governance' to Core Functions Cybersecurity guidance for the private sector published by the U.S. National Institute of Standards and Technology in 2014 has received its first major update. The revised Cybersecurity Framework focuses on governance and says cybersecurity threats are a major source of enterprise risk.

article thumbnail

IntelBroker claimed the hack of the Los Angeles International Airport

Security Affairs

The popular hacker IntelBroker announced that it had hacked the Los Angeles International Airport by exploiting a flaw in one of its CRM systems. The website Hackread first reported that the popular hacker IntelBroker had breached one of the CRM systems used by the Los Angeles International Airport. IntelBroker announced it had exploited a vulnerability in the target system, the attack took place this month. “IntelBroker informed Hackread.com that they successfully executed the data breach

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Groups Warn Health Sector of Change Healthcare Cyber Fallout

Data Breach Today

Some Researchers Confident ConnectWise ScreenConnect Flaw Was Exploited in Attack Healthcare industry groups are urging their members to take certain precautionary actions in the wake of the attack last week on Change Healthcare, a unit of Optum. The advisories come as some researchers say the incident appears to involve exploitation of flaws in ConnectWise's ScreenConnect tool.

267
267
article thumbnail

Hacking firm I-Soon data leak revealed Chinese gov hacking capabilities

Security Affairs

Recently the leak of a collection of files apparently stolen from the Chinese government hacking contractor, I-Soon, exposed Chinese hacking capabilities. Recently someone has leaked on GitHub [ 1 , 2 ] a collection of files apparently stolen from the Chinese hacking firm, I-Soon. An analyst based in Taiwan, known as Azaka, discovered the data leak and shared their findings on social media. i-SOON is a prominent contractor for various agencies of the Chinese government, including Ministry of Pub

article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

North Korean Group Seen Snooping on Russian Foreign Ministry

Data Breach Today

Espionage Groups Deploy Info Stealer to Monitor Russia's Diplomatic Moves North Korean espionage group TA406, aka the Konni Group, deployed information-stealing malware on a Russian government-owned software to spy on the country's foreign ministry officials. This is the latest attack in a North Korean campaign that targets Russian diplomatic activities.

More Trending

article thumbnail

SSH Exec Rami Raulas Named Interim CEO in Finnish Shakeup

Data Breach Today

Teemu Tunkelo Left SSH Abruptly After License Sales Slump and Stock Price Nosedive SSH Communications Security CEO Teemu Tunkelo left the Finnish cybersecurity vendor abruptly Monday after low license sales in late 2023 slowed the company's growth. No reason was given for Tunkelo's departure, which stems from an agreement between the CEO and SSH and will take effect immediately.

Sales 242
article thumbnail

VulnRecap 2/26/24 – VMWare, Apple, ScreenConnect Face Risks

eSecurity Planet

Critical vulnerabilities have been discovered across multiple systems, including Microsoft Exchange Servers, the Bricks Builder Theme for WordPress, VMware, ScreenConnect, Joomla, and Apple Shortcuts. Urgent patching and prompt updates can protect systems from unauthorized access, data breaches, and potential exploitation by threat actors. Organizations must prioritize implementing effective security measures and conducting frequent audits.

Risk 113
article thumbnail

Privacy Watchdog Cracks Down on Biometric Employee Tracking

Data Breach Today

Leisure Center Operators Ordered to Stop Using Facial and Fingerprint Recognition Britain's privacy watchdog ordered Serco Leisure, which operates nearly 40 leisure facilities, to cease using facial recognition and fingerprint scanning for clocking employees in and out, saying the company failed to demonstrate such technology was "necessary or proportionate.

Privacy 235
article thumbnail

Swiss Government Identified 10,000 Phishing Websites Impersonating 260 Brands

KnowBe4

Attacks targeting Swiss residents increased 10% last year, according to newly-released data that shows a growth in not just phishing attacks , but brand impersonation at purely a national level.

Phishing 104
article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

Ransomware Operation LockBit Relaunches Dark Web Leak Site

Data Breach Today

After Operation Cronos, LockBit Leader LockBitSupp's Vows to Continue Hacking Russian-speaking ransomware operation LockBit reestablished a dark web leak site Saturday afternoon, posting a lengthy screed apparently authored by its leader, who vowed not to retreat from the criminal underground world. The FBI had no comment.

article thumbnail

What Is Cross-Site Scripting (XSS)? Types, Risks & Prevention

eSecurity Planet

Cross-site scripting attacks are web application and web server exploits that occur because of a vulnerability in the server or application code. They’re particularly dangerous because it’s difficult for security or development teams to see an XSS vulnerability, and it’s also hard to see the effects of an attack until the ensuing breach is well underway.

Risk 102
article thumbnail

Russian Threat Actor APT29 Pivots to the Cloud for Espionage

Data Breach Today

Five Eyes Cyber Agencies Say Kremlin Hackers Are Following Victims to the Cloud The Russian intelligence hacking group known as APT29 or Cozy Bear is responding to the corporate migration to the cloud with matching hacking techniques, says an alert from international cyber agencies. Threat intelligence firms warn that APT29 has amplified its global cyberespionage operations.

Cloud 222
article thumbnail

I regularly shared photos of my son on social media – until alarm bells started ringing | Hannah Nwoko

The Guardian Data Protection

Like millions of doting parents, I wanted to keep others abreast of my child’s milestones. But the ‘likes’ weren’t worth the risks Social media is a strange place. On the one hand it can be a relentlessly toxic, dark cluster of ill intent; on the other, it can act as the glue that binds us to new communities, friends of the past and family we’ve almost forgotten.

Risk 100
article thumbnail

15 Modern Use Cases for Enterprise Business Intelligence

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

article thumbnail

How IBM is helping accelerate AI adoption and application centric connectivity

IBM Big Data Hub

This week, as thousands of network operators, technology vendors, and mobile device providers from all over the world converge on Barcelona for Mobile World Congress , it’s the perfect time to discuss how IBM® is shaping the future of network operations and telecommunications. Outside the glitz of new phones, connected cars and 5G with everything, there are some real challenges the industry must address.

Cloud 92
article thumbnail

Your KnowBe4 Compliance Plus Fresh Content Updates from February 2024

KnowBe4

Check out the February updates in Compliance Plus so you can stay on top of featured compliance training content.

article thumbnail

6 benefits of data lineage for financial services

IBM Big Data Hub

The financial services industry has been in the process of modernizing its data governance for more than a decade. But as we inch closer to global economic downturn, the need for top-notch governance has become increasingly urgent. How can banks, credit unions, and financial advisors keep up with demanding regulations while battling restricted budgets and higher employee turnover?

article thumbnail

Identity first: Best Practices of B2B IAM

Thales Cloud Protection & Licensing

Identity first: Best Practices of B2B IAM madhav Tue, 02/27/2024 - 05:18 In today’s evolving landscape of distributed workforces, the once well-defined boundaries of the corporate network have blurred into obscurity. The rise of remote work has shattered the traditional notion of a fortified perimeter, leaving organizations grappling with the challenge of securing identities rather than relying on sentinels at the gate to keep undesirable elements out.

B2B 83
article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

How to improve network resilience with NS1 Connect Filter Chains

IBM Big Data Hub

Network service outages happen. It’s not a matter of if but when. Cloud platforms and content delivery networks (CDNs) with 100% uptime SLAs aren’t immune. They experience outages just like everything else. The question is: what do you do when one of your network services goes down? Will the lack of redundant services knock you offline? Or will you failover to another provider, maintaining a seamless user experience?

Cloud 78
article thumbnail

New York Strengthens Data Retention & Disposal Requirements via Corporate Compliance Insights

IG Guru

Check out the article here. The post New York Strengthens Data Retention & Disposal Requirements via Corporate Compliance Insights first appeared on IG GURU.

article thumbnail

Ethical considerations of AI in newsroom workflows

CGI

From research to verification of information, production, and distribution, and from accounting to workflow scheduling, AI and intelligent automation currently support routine tasks along the journalistic value chain.

52
article thumbnail

Upcoming RMS Coffee Chat: Records Managment and Institutional Change

The Schedule

Join us Monday, March 11th, 2024, at 3 pm EST, for “Records Management and Institutional Change”. Sophia McGuire, Records Management Analyst, City of Gahanna, Jennifer Motszko, Head of Archives at the University of Wisconsin-Whitewater, and Autumn Oakey, Library Assistant at the University of Wisconsin-Whitewater will share their experiences navigating institutional change.

article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

Russia-linked APT29 switched to targeting cloud services

Security Affairs

Russia-linked APT29 threat actors have switched to targeting cloud services, according to a joint alert issued by the Five Eyes cybersecurity agencies. A joint advisory issued by cybersecurity agencies of Five Eyes (US, UK, Australia, Canada and New Zealand) warns that Russia-linked APT29 threat actors (aka SVR group , Cozy Bear , Nobelium , BlueBravo , Midnight Blizzard , and The Dukes ) have switched to targeting cloud services.

Cloud 133
article thumbnail

How Meta’s Llama 3 will impact the future of AI

IBM Big Data Hub

In January of 2024, Meta CEO Mark Zuckerberg announced in an Instagram video that Meta AI had recently begun training Llama 3. This latest generation of the LLaMa family of large language models (LLMs) follows the Llama 1 models (originally stylized as “LLaMA”) released in February 2023 and Llama 2 models released in July. Though specific details (like model sizes or multimodal capabilities) have not yet been announced, Zuckerberg indicated Meta’s intent to continue to open sou

article thumbnail

A cyber attack hit Thyssenkrupp Automotive Body Solutions business unit

Security Affairs

ThyssenKrupp disclosed a security breach that impacted its automotive division last week, in response to the attack the company shut down IT systems. Steel giant ThyssenKrupp disclosed a security breach that impacted its Automotive division last week. The company shut down IT systems in response to the attack. The news of the attack was reported by the Saarbrücker Zeitung.

article thumbnail

How a Right-Wing Controversy Could Sabotage US Election Security

WIRED Threat Level

Republicans who run elections are split over whether to keep working with the Cybersecurity and Infrastructure Security Agency to fight hackers, online falsehoods, and polling-place threats.

Security 126
article thumbnail

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.