Thu.Sep 14, 2023

article thumbnail

China Denies Banning Government Use of Apple iPhones

Data Breach Today

China Cites Apple Security Flaws in Warning to Foreign Mobile Device Manufacturers China hasn't ordered any restrictions on the use of Apple iPhones by government agencies, according to a Chinese government spokesperson, but the official cited recent security flaws in the iPhone and warned that foreign mobile device manufacturers must abide by domestic information security laws.

article thumbnail

GUEST ESSAY: The timing is ripe to instill trust in the open Internet — and why this must get done

The Last Watchdog

In today’s digital age, trust has become a cornerstone of building a better Internet. Preserving privacy for a greater good The Internet was designed as a platform for peer research, not for the vast scale and diverse uses we see today. Over the decades, it’s grown in a way that has left it with many inherent vulnerabilities. These vulnerabilities, not borne out of malice, were the result of choices made with limited information available at the time.

Mining 290
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Caesars Entertainment Reportedly Pays Ransom to Attackers

Data Breach Today

Half of $30 Million Demand Paid to Same Group That Hit MGM Resorts, Reports Say Hotel and casino giant Caesars Entertainment paid approximately half of an initial $30 million ransom demand to attackers who infected its systems with ransomware, according to news reports. The attackers appear to be with the same group that hit MGM Resorts.

article thumbnail

'Scattered Spider' Behind MGM Cyberattack, Targets Casinos

Dark Reading

The ransomware group is a collection of young adults who also recently breached Caesars Entertainment and made a ransom score in the tens of millions.

article thumbnail

10 Rules for Managing Apache Cassandra

It’s no surprise that Apache Cassandra has emerged as a popular choice for organizations of all sizes seeking a powerful solution to manage their data at a scale—but with great power comes great responsibility. Due to the inherent complexity of distributed databases, this white paper will uncover the 10 rules you’ll want to know when managing Apache Cassandra.

article thumbnail

Greater Manchester Police Caught Up in Ransomware Hack

Data Breach Today

Employee Information Among Compromised Data Hackers stole the personal details of thousands of police officers and staff in a ransomware attack that swept up one of the United Kingdom's largest law enforcement agencies. The Greater Manchester Police on Thursday described the attack as targeting a third-party supplier of various organizations.

More Trending

article thumbnail

LokiBot Information Stealer Packs Fresh Infection Strategies

Data Breach Today

Info Stealer Continues to Succeed via Phishing, Exploiting Ancient Flaw in Office In Norse mythology, Loki is a cowardly trickster god who can change age, shape and sex. The malware incarnation is more prosaic, tending to focus on stealing Microsoft users' data, at times by using an ancient vulnerability in Microsoft Office that continues to be widespread.

Phishing 284
article thumbnail

How to Tell if Active Directory is Compromised

eSecurity Planet

Active Directory is one of the most critically important IT assets and a frequent target of hackers, so securing it is a top priority for IT and security teams. And part of that job is checking to make sure that Active Directory hasn’t been compromised. Between Active Directory for Windows and Azure, Microsoft dominates the market for identity and access management (IAM) tools with a greater than 50% market share, including about 95% of the Fortune 1000, so there are few targets for hacker

article thumbnail

U.S. Senator Seeks Input on Ways to Protect Patient Privacy

Data Breach Today

Inquiry is Latest Move by a Lawmaker Hinting of New Data Protection Legislation The drumbeat for potential federal legislation to better protect sensitive health information – or at least new regulations - appears to be growing louder in Congress. One of the Senate's four lawmaker doctors is quizzing the healthcare industry on ways to safeguard health data.

Privacy 278
article thumbnail

Free Download Manager backdoored to serve Linux malware for more than 3 years

Security Affairs

Researchers discovered a free download manager site that has been compromised to serve Linux malware to users for more than three years. Researchers from Kaspersky discovered a free download manager site that has been compromised to serve Linux malware. While investigating a set of suspicious domains, the experts identified that the domain in question has a deb.fdmpkg[.]org subdomain.

Cloud 116
article thumbnail

Generative AI Deep Dive: Advancing from Proof of Concept to Production

Speaker: Maher Hanafi, VP of Engineering at Betterworks & Tony Karrer, CTO at Aggregage

Executive leaders and board members are pushing their teams to adopt Generative AI to gain a competitive edge, save money, and otherwise take advantage of the promise of this new era of artificial intelligence. There's no question that it is challenging to figure out where to focus and how to advance when it’s a new field that is evolving everyday. 💡 This new webinar featuring Maher Hanafi, VP of Engineering at Betterworks, will explore a practical framework to transform Generative AI pr

article thumbnail

Breach Roundup: Pegasus on Exiled Russian Journalist's Phone

Data Breach Today

Also: 9-Year Prison Sentence for Insider Trading Fueled by Password Theft This week, exiled Russian journalist Galina Timchenko's iPhone was found to contain NSO Group's Pegasus spyware, a Russian businessman was sentenced for insider trading, more than 300,000 people were affected by an attack on See Tickets and period-tracking apps raised privacy concerns in the U.K.

Passwords 274
article thumbnail

No Dice for MGM Las Vegas as It Battles Fallout from Ransomware Attack After a 10-minute Vishing Scam

KnowBe4

Four days later, $52 million in lost revenues and counting, a cyber attack on MGM Resorts International, a $14 billion Las Vegas gaming empire with Hollywood-famous hotel spreads like the Bellagio, Cosmopolitan, E xcalibur, Luxor, and the MGM Grand itself, had the house brought down by a perfect example of vishing …a 10-minute phone call.

article thumbnail

How the U.S. Government Views the Bright, Dark Sides of AI

Data Breach Today

White House, DOD, DHS Leaders Reveal How their Agencies Use Artificial Intelligence AI allows U.S. agencies to address hard problems like quickly writing secure code but comes with risks around nation-states generating attacks more efficiently. "The cybersecurity element is a great example of the bright and the dark side of AI technology," said White House Director Arati Prabhakar.

article thumbnail

Kubernetes flaws could lead to remote code execution on Windows endpoints

Security Affairs

Researchers discovered three security flaws in Kubernetes that can lead to remote code execution on Windows endpoints. Akamai researchers recently discovered a high-severity vulnerability in Kubernetes tracked as CVE-2023-3676 (CVSS 8.8). This identification of this issue led to the discovery of two more vulnerabilities tracked as CVE-2023-3893, and CVE-2023-3955 (CVSS 8.8).

Access 114
article thumbnail

10 Rules for Managing Apache Kafka

Without proper guidance, it’s easy to miss out on Kafka’s full capabilities. While not the easiest technology to optimize, Kafka rewards those willing to explore its depths. Under the hood, it is an elegant system for stream processing, event sourcing, and data integration. Download this white paper to learn the 10 critical rules that will help you optimize your Kafka system and unlock its full potential.

article thumbnail

Cryptohack Roundup: Vitalik Buterin's Social Media Hacked

Data Breach Today

Also: CoinEx Hack, OneCoin Founder's Sentencing, Another FTX Guilty Plea This week, Vitalik Buterin was the victim of a SIM swapping attack, North Korea likely orchestrated the $55 million CoinEx hack, OneCoin co-founder Karl Sebastian Greenwood was sentenced to 20 years in prison and former FTX executive Ryan Salame will reportedly plead guilty to criminal charges.

256
256
article thumbnail

UK Greater Manchester Police disclosed a data breach

Security Affairs

UK Greater Manchester Police (GMP) disclosed a data breach, threat actors had access to some of its employees’ personal information. UK Greater Manchester Police (GMP) announced that threat actors had access to the personal information of some of its employees after an unnamed third-party supplier was hit with a ransomware attack. The GMP reported that the impacted company provides its services to various UK organizations, including Greater Manchester Police.

article thumbnail

Microsoft Teams Hacks Are Back, As Storm-0324 Embraces TeamsPhisher

Dark Reading

Collaboration apps are a boost to business productivity, but also a uniquely attractive target for cyberattackers.

134
134
article thumbnail

Lockbit ransomware gang hit the Carthage Area Hospital and the Clayton-Hepburn Medical Center in New York

Security Affairs

LockBit ransomware group breached two hospitals, the Carthage Area Hospital and the Clayton-Hepburn Medical Center in New York. The Lockbit ransomware group claims to have hacked two major hospitals, the Carthage Area Hospital and Claxton-Hepburn Medical Center. The two hospitals serve hundreds of thousands of people in upstate New York. The cyberattack took place at the end of August and had a severe impact on the two hospitals in the last couple of weeks.

article thumbnail

Navigating the Future: Generative AI, Application Analytics, and Data

Generative AI is upending the way product developers & end-users alike are interacting with data. Despite the potential of AI, many are left with questions about the future of product development: How will AI impact my business and contribute to its success? What can product managers and developers expect in the future with the widespread adoption of AI?

article thumbnail

Evolution of the in-house legal department: Today’s greater challenges

OpenText Information Management

I’ve been working within the legal industry in one role or another since the early 1990s. When I first started, legal departments collected only paper for legal discovery purposes. While there obviously were underlying electronic files and email represented in all that paper, it wasn’t generally exported to digital format for review back then. Obviously, … The post Evolution of the in-house legal department: Today’s greater challenges appeared first on OpenText Blogs.

Paper 104
article thumbnail

Cuba Ransomware Gang Continues to Evolve With Dangerous Backdoor

Dark Reading

The Russian-speaking ransomware gang continues to update its tactics while managing to steal highly sensitive information from its victims.

article thumbnail

MGM Suffers Ransomware Attack that Started with a Simple Helpdesk Call

KnowBe4

As the aftermath unfolds, the details around the recent attack on MGM Resorts, providing crucial insight into the attacks impact, who’s responsible, and how it started.

article thumbnail

Professional Sports: The Next Frontier of Cybersecurity?

Dark Reading

Sports teams, major leagues, global sporting associations, and entertainment venues are all home to valuable personal and business data. Here's how to keep them safe.

article thumbnail

Get Better Network Graphs & Save Analysts Time

Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enahance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.

article thumbnail

Can Someone Guess My Password From the Wi-Fi Signal On My Phone?

KnowBe4

Cybercriminals can't ascertain your phone password just from a Wi-Fi signal, but they can come close according to a method described in a recent research paper. Researchers have demonstrated a method that uses Wi-Fi signals to infer numerical passwords, and the mechanics behind it are nothing short of intriguing.

article thumbnail

Stealer Thugs Behind RedLine & Vidar Pivot to Ransomware

Dark Reading

In a notable shift in strategy, the threat actors are abusing code-signing certificates to spread a double whammy of infostealers and ransomware payloads.

article thumbnail

The iPhone of a Russian journalist was infected with the Pegasus spyware

Security Affairs

The iPhone of a prominent Russian journalist, who is at odds with Moscow, was infected with NSO Group’s Pegasus spyware. The iPhone of the Russian journalist Galina Timchenko was compromised with NSO Group’s Pegasus spyware. A joint investigation conducted by Access Now and the Citizen Lab revealed that the journalist, who is at odds with the Russian government, was infected with the surveillance software.

article thumbnail

Cybersecurity and Compliance in the Age of AI

Dark Reading

It takes a diverse village of experts to enact effective cybersecurity guidelines, practices, and processes.

article thumbnail

How Embedded Analytics Gets You to Market Faster with a SAAS Offering

Start-ups & SMBs launching products quickly must bundle dashboards, reports, & self-service analytics into apps. Customers expect rapid value from your product (time-to-value), data security, and access to advanced capabilities. Traditional Business Intelligence (BI) tools can provide valuable data analysis capabilities, but they have a barrier to entry that can stop small and midsize businesses from capitalizing on them.

article thumbnail

Upcoming Speaking Engagements

Schneier on Security

This is a current list of where and when I am scheduled to speak: I’m speaking at swampUP 2023 in San Jose, California, on September 13, 2023 at 11:35 AM PT. The list is maintained on this page.

87
article thumbnail

Zero-Click iPhone Exploit Drops Pegasus Spyware on Exiled Russian Journalist

Dark Reading

The exploit is one of many that government and intelligence agencies have to infect target devices with the notorious surveillance tool.

article thumbnail

Thales & Prime Factors’ 30 Year Collaboration Continues to Deliver Simplicity, Flexibility, and Security for Payment Applications

Thales Cloud Protection & Licensing

Thales & Prime Factors’ 30 Year Collaboration Continues to Deliver Simplicity, Flexibility, and Security for Payment Applications madhav Thu, 09/14/2023 - 10:25 Thales recently announced the launch of the payShield Cloud HSM service , making it easier and more flexible for payment HSMs to migrate to the cloud. Our team at Prime Factors had the opportunity to be among the first to successfully test the new HSM service with our Bank Card Security System (BCSS) to ensure flexibility and full functi