Tue.Jan 24, 2023

North Korean Hackers Attacked Horizon, Confirms FBI

Data Breach Today

Lazarus Group, APT38 Stole $100M From the Blockchain Bridge in June

North Korea's Lazarus Group was behind the $100 million theft from the Horizon blockchain bridge, the U.S. federal government confirmed. The FBI vowed "to expose and combat North Korea's use of illicit activities - including cybercrime and virtual currency theft - to generate revenue.

Administrator of RSOCKS Proxy Botnet Pleads Guilty

Krebs on Security

Denis Emelyantsev, a 36-year-old Russian man accused of running a massive botnet called RSOCKS that stitched malware into millions of devices worldwide, pleaded guilty to two counts of computer crime violations in a California courtroom this week. The plea comes just months after Emelyantsev was extradited from Bulgaria, where he told investigators, “America is looking for me because I have enormous information and they need it.

Microsoft Security Sales Hit $20B as Consolidation Increases

Data Breach Today

Growing Empire: Microsoft's Security Revenue Up 33% Since 2021, 100% Since 2020

The world's largest cybersecurity vendor continues to pull away from the competition, with Microsoft's security sales surpassing $20 billion in 2022 after 33% annual growth. The cloud computing and software giant continues to reap the rewards of security tool consolidation.

SHARED INTEL: Here’s why security analysts need to remain on high alert for fake bug reports

The Last Watchdog

In an ideal world, cybersecurity analysts would get legitimate daily reports on improving a company’s security. Unfortunately, the likelihood of being handed unsolicited, untrustworthy advice is high. This is what fake bug reports are all about. Scammers now routinely spray out fake bug reports designed to take advantage of the naivete and/or lack of vigilance of security analysts in the field.

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

CommonSpirit Facing 2 Proposed Class Actions Post-Breach

Data Breach Today

Lawsuits: Hospital Chain Failed to Protect Data in Ransomware Compromise

CommonSpirit was negligent in failing to protect sensitive health data, resulting in a compromise affecting at least 623,000 patients and perhaps many more, allege plaintiffs in two proposed class action lawsuits filed against the Chicago-based hospital chain after a 2022 ransomware attack.

More Trending

VA: Contractors Have One Hour to Report a Security Incident

Data Breach Today

Final Rule Also Addresses 'Liquidated Damages' Contractors Must Pay in Breaches

An update to acquisition regulations within the Department of Veterans Affairs emphasizes that contractors have one hour to report a security and privacy incident. The clock starts ticking after the incident's discovery. The department says the rule change only codifies an existing requirement.

Cybercriminals Use VSCode Extensions as New Attack Vector

eSecurity Planet

Microsoft’s Visual Studio Code integrated development environment (IDE) is used by as much as 75% of developers, so any security issue has widespread implications. And Aqua Nautilus researchers have discovered a big one. The researchers reported earlier this month that the VSCode editor could be vulnerable to attacks targeting its extensions. The free open source and cross-platform IDE is very easy to use, and there are literally thousands of free extensions developers can install in one c

What Federal Charges Against Bitzlato Mean for Cybercrime

Data Breach Today

Feds Say a Firm Nobody's Heard of Was Part of a 'High-Tech Axis of Crypto Crime'

When the DOJ announced a "major, international cryptocurrency enforcement action," observers expected to see charges against a well-known firm. Instead, the agency charged a lesser-known figure, Anatoly Legkodymov, the Russian founder of Bitzlato, with facilitating $700 million in illegal activity.

How you can drive data health with data observability

Collibra

Your organization may have invested heavily in analytical tools. But analytical insights can be only as good as the quality of the input data. Many organizations struggle with the challenges of data quality and the way it affects their decisions. As a data engineer, you typically work on the raw data with missing, duplicate, and inconsistent records and deliver high-quality data.

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

EU Pega Committee Hears Call For Policy Overhaul on Spyware

Data Breach Today

Draft Recommendations Call for Ban on Trade in Zero Days and Government Stockpiling

The European Parliament's Pegasus spyware committee heard draft recommendations calling for a ban on the commercial buying and selling of zero day exploits and for an immediate moratorium on the sale and use of advanced spyware.

VMware warns of critical code execution bugs in vRealize Log Insight

Security Affairs

A critical vulnerability in VMware vRealize Log Insight appliance can allow an unauthenticated attacker to take full control of a target system. VMware addressed multiple vulnerabilities, tracked as CVE-2022-31706, CVE-2022-31704, CVE-2022-31710, and CVE-2022-31711, in its vRealize Log Insight appliance. vRealize Log Insight is a log collection and analytics virtual appliance that enables administrators to collect, view, manage and analyze syslog data.

Microsoft to Block Excel Add-ins to Stop Office Exploits

Dark Reading

The company will block the configuration files, which interact with Web applications — since threat actors increasingly use the capability to install malicious code.

CISA added Zoho ManageEngine RCE (CVE-2022-47966) to its Known Exploited Vulnerabilities Catalog

Security Affairs

US CISA added the Zoho ManageEngine RCE vulnerability CVE-2022-47966 to its Known Exploited Vulnerabilities Catalog. The US CISA added the Zoho ManageEngine remote code execution flaw (CVE-2022-47966) to its Known Exploited Vulnerabilities Catalog. The CVE-2022-47966 flaw is an unauthenticated remote code execution vulnerability that impacts multiple Zoho products with SAML SSO enabled in the ManageEngine setup.

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

'DragonSpark' Malware: East Asian Cyberattackers Create an OSS Frankenstein

Dark Reading

Hackers cleverly cobbled together a suite of open source software — including a novel RAT — and hijacked servers owned by ordinary businesses.

Pakistan hit by nationwide power outage, is it the result of a cyber attack?

Security Affairs

Pakistan suffered a nationwide blackout, local authorities are investigating the cause and suspect it was the result of a cyberattack. On Monday, a nationwide blackout in Pakistan left millions of people in the darkness, and the authorities are investigating if it was caused by a cyberattack. The power outage impacted all the major cities in Pakistan.

Bulk Surveillance of Money Transfers

Schneier on Security

Just another obscure warrantless surveillance program. US law enforcement can access details of money transfers without a warrant through an obscure surveillance program the Arizona attorney general’s office created in 2014. A database stored at a nonprofit, the Transaction Record Analysis Center (TRAC), provides full names and amounts for larger transfers (above $500) sent between the US, Mexico and 22 other regions through services like Western Union, MoneyGram and Viamericas.

GoTo revealed that threat actors stole customers’ backups and encryption key for some of them

Security Affairs

GoTo is notifying customers that its development environment was breached in November 2022; attackers stole customers’ backups and an encryption key. GoTo, formerly LogMeIn Inc, is a flexible-work provider of software as a service (SaaS) and cloud-based remote work tools for collaboration and IT management. The company is warning customers that threat actors breached its development environment in November 2022 and stole encrypted backups and an encryption key. “Upon learning of the inc

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

New QR Code Phishing Campaign is Impersonating the Chinese Ministry of Finance

KnowBe4

Researchers at Fortinet warn that a phishing campaign is impersonating the Chinese Ministry of Finance. The phishing emails contain a document with a QR code that leads to a credential-harvesting site.

Researcher found US ‘No Fly List’ on an unsecured server

Security Affairs

A researcher discovered a U.S. No Fly List exposed on the Internet; the sensitive data were hosted on a server run by US airline CommuteAir. Researcher Maia Arson Crimew discovered a U.S. No Fly List hosted on an unsecured server run by US carrier CommuteAir. The TSC’s No Fly List is a list of people who are prohibited from boarding commercial aircraft for travel within, into, or out of the United States.

View from Davos: The Changing Economics of Cybercrime

Dark Reading

Participants in a working session on ransomware at the World Economic Forum discussed how planning ahead can reduce cyber risk.

Meta Platforms expands features for EE2E on Messenger App

Security Affairs

Meta Platforms announced the implementation of more features into its end-to-end encrypted Messenger App. Meta Platforms started gradually expanding testing default end-to-end encryption for Messenger. The company announced that over the next few months, its users will continue to see some of their chats gradually being upgraded with end-to-end encryption. “We will notify people in these individual chat threads as they are upgraded.

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

Security and the Electric Vehicle Charging Infrastructure

Dark Reading

When EVs and smart chargers plug in to critical infrastructure, what can go wrong? Plenty.

Unpacking Digital Data Laws Across Europe: Addressing the Digital Markets Act

Data Matters

The EU Digital Markets Act (DMA) is set to revolutionize the way in which so-called ‘Big Tech’ is regulated in the EU, shifting toward ex-ante rulemaking and away from traditional after-the-fact enforcement. The DMA imposes a stringent regulatory regime on large online platforms (so-called “gatekeepers”) and gives the European Commission (Commission) new enforcement powers, including an ability to impose severe fines and remedies for noncompliance.

Skyhawk Security Launches Multicloud Runtime Threat Detection and Response Platform

Dark Reading

Skyhawk Synthesis extends cloud security misconfiguration detection across multiple clouds, the company says — throwing cloud security posture management in for free.

Is the sky really falling? For Mac, there’s a silver lining.

Jamf

What might seem like discouraging market news is actually a leap ahead for Apple Mac.

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

Chat Cybersecurity: AI Promises a Lot, But Can It Deliver?

Dark Reading

Machine learning offers great opportunities, but it still can't replace human experts.

BYOD, or: How I Learned to Stop Worrying and Bring My Own Device

Jamf

Jamf BYOD makes using your own device simpler, more secure and more private.

Ticketmaster Blames Bots in Taylor Swift 'Eras' Tour Debacle

Dark Reading

Ticketmaster testified in the Senate that a cyberattack was to blame for the high-profile Taylor Swift concert sales collapse, but some senators aren't so sure.
