Fri.Sep 22, 2023

article thumbnail

Apple Fixes Bugs That Infected Egyptian Politician's iPhone

Data Breach Today

Cytrox's Predator Found on Device of Ahmed Eltantawy Apple released patches Thursday to close three actively exploited vulnerabilities that researchers say commercial spyware maker Cytrox used to infect the iPhone of Egyptian politician Ahmed Eltantawy with Predator malware. The Citizen Lab attributes the attacks to the Egyptian government.

article thumbnail

MGM, Caesars Cyberattack Responses Required Brutal Choices

Dark Reading

Tens of millions in losses later, the MGM and Caesars systems are back online following dual cyberattacks by the same threat actor — here's what experts say about their incident responses.

130
130
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Google CISO Phil Venables on Building Strong CIO-CISO Bonds

Data Breach Today

CIO, CISO Must Join Forces to Upgrade Organization to More Defendable Architecture Increased engagement from boards on digital transformation initiatives around cloud and AI adoption has spurred greater investment in cybersecurity, said Google Cloud CISO Phil Venables. Systems built and designed decades ago have become increasingly difficult to secure, he said.

article thumbnail

News alert: SSH announces another US financial institution selects PrivX as its PAM solution

The Last Watchdog

Helsinki, Finland, Sept. 22, 2023 – A leading global financial institution has selected PrivX as its privileged access management (PAM) solution. The customer is one of the largest and most important financial institutions in the world. This is third major new significant lighthouse customer for PrivX in the USA. The initial contract value is approximately USD 0.25 million of annual recurring subscription revenue (ARR), including professional services.

IT 100
article thumbnail

Provide Real Value in Your Applications with Data and Analytics

The complexity of financial data, the need for real-time insight, and the demand for user-friendly visualizations can seem daunting when it comes to analytics - but there is an easier way. With Logi Symphony, we aim to turn these challenges into opportunities. Our platform empowers you to seamlessly integrate advanced data analytics, generative AI, data visualization, and pixel-perfect reporting into your applications, transforming raw data into actionable insights.

article thumbnail

MGM Resorts Says Hotels 'Operating Normally' After Attack

Data Breach Today

But Digital Room Keys Still Unavailable; Slot Machines Have 'Intermittent Issues' MGM Resorts International says its hotels and casinos are now operating "normally" after the company was hit by ransomware-wielding attackers. Even so, numerous systems remain offline - including digital room key cards - as the company seeks to rebuild its IT infrastructure.

More Trending

article thumbnail

Cato Networks Raises $238M on $3B Valuation to Move Upmarket

Data Breach Today

Equity Investment Will Allow Cato Networks to Tightly Integrate CASB, DLP With SASE A late-stage SASE startup led by a serial entrepreneur hauled in a massive equity investment to address the feature and capability needs of large enterprises. The $238 million in funding will allow Cato Networks to more tightly align CASB and DLP with SASE to safeguard cloud apps and sensitive data.

Cloud 285
article thumbnail

Information of Air Canada employees exposed in recent cyberattack

Security Affairs

Air Canada, the flag carrier and largest airline of Canada, announced that the personal information of some employees was exposed as a result of a recent cyberattack. Air Canada, the flag carrier and largest airline of Canada, announced that threat actors had access to the personal information of some employees during a recent cyberattack. “An unauthorized group briefly obtained limited access to an internal Air Canada system related to limited personal information of some employees and ce

article thumbnail

Chinese, North Korean Nation-State Groups Target Health Data

Data Breach Today

HHS Report Lists APT41, APT43 and Lazarus Among Top Threat Groups Chinese and North Korean nation-state groups continue to pose significant "unique threats" to the U.S. healthcare and public health sector, including data exfiltration attacks involving espionage and intellectual property theft, federal authorities warned Thursday in a brief naming the top groups.

280
280
article thumbnail

CISA adds Trend Micro Apex One and Worry-Free Business Security flaw to its Known Exploited Vulnerabilities catalog

Security Affairs

US CISA added the flaw CVE-2023-41179 in Trend Micro Apex and other security products to its Known Exploited Vulnerabilities catalog. US Cybersecurity and Infrastructure Security Agency (CISA) added the high-severity flaw CVE-2023-41179 (CVSS score 7.2) affecting Trend Micro Apex One and Worry-Free Business Security to its Known Exploited Vulnerabilities Catalog.

IT 107
article thumbnail

Entity Resolution: Your Guide to Deciding Whether to Build It or Buy It

Adding high-quality entity resolution capabilities to enterprise applications, services, data fabrics or data pipelines can be daunting and expensive. Organizations often invest millions of dollars and years of effort to achieve subpar results. This guide will walk you through the requirements and challenges of implementing entity resolution. By the end, you'll understand what to look for, the most common mistakes and pitfalls to avoid, and your options.

article thumbnail

Guardians of the Cyberverse: Building a Resilient Security Culture

Dark Reading

Whether achieved through AI-enabled automation, proactive identification and resolution of issues, or the equitable distribution of risk management responsibilities, the goal must be resilience.

Security 103
article thumbnail

Recently patched Apple and Chrome zero-days exploited to infect devices in Egypt with Predator spyware

Security Affairs

Citizen Lab and Google’s TAG revealed that the three recently patched Apple zero-days were used to install Cytrox Predator spyware. Researchers from the Citizen Lab and Google’s Threat Analysis Group (TAG) revealed that the three Apple zero-days addressed this week were used as part of an exploit to install Cytrox Predator spyware. Apple this week released emergency security updates to address three new zero-day vulnerabilities (CVE-2023-41993, CVE-2023-41991, CVE-2023-41992) that ha

Security 103
article thumbnail

How to keep your CISO happy with data and alerts

Jamf

In this session, Get Well’s Todd Clark, Senior IT Support Specialist, and Jeremy Lynch, CISO, return to JNUC to explain how they use data and alerts to simplify their workflows — and keep their CISO happy.

IT 98
article thumbnail

Experts warn of a 600X increase in P2Pinfect traffic

Security Affairs

The experts warn of a surge in P2PInfect botnet activity since late August 2023, they are witnessing a 600x jump between September 12 and 19, 2023. In July 2023, Palo Alto Networks Unit 42 researchers discovered a new peer-to-peer (P2P) worm called P2PInfect that targets Redis servers running on both Linux and Windows systems. The capability to target Redis servers running on both Linux and Windows operating systems makes P2PInfect more scalable and potent than other worms.

Passwords 101
article thumbnail

Deliver Mission Critical Insights in Real Time with Data & Analytics

In the fast-moving manufacturing sector, delivering mission-critical data insights to empower your end users or customers can be a challenge. Traditional BI tools can be cumbersome and difficult to integrate - but it doesn't have to be this way. Logi Symphony offers a powerful and user-friendly solution, allowing you to seamlessly embed self-service analytics, generative AI, data visualization, and pixel-perfect reporting directly into your applications.

article thumbnail

Weekly Update 366

Troy Hunt

Well that's it, Europe is done! I've spent the week in Prague with highlights including catching up with Josef Prusa, keynoting at Experts Live EU and taking a "beer spa" complete with our own endless supply of tap beer. Life is good 🍻 That’s it - we’ve peaked - life is all downhill from here 🤣 🍻 #BeerSpa pic.twitter.com/ezCpUC6XEK — Troy Hunt (@troyhunt) September 21, 2023 All that and more in this week's video, next week I&apo

article thumbnail

Sandman APT targets telcos with LuaDream backdoor

Security Affairs

A previously undocumented APT dubbed Sandman targets telecommunication service providers in the Middle East, Western Europe, and South Asia. A joint research conducted by SentinelLabs and QGroup GmbH revealed that a previously undetected APT group, dubbed Sandman, is targeting telecommunication service providers in the Middle East, Western Europe, and South Asia.

article thumbnail

Do CISOs Have to Report Security Flaws to the SEC?

Dark Reading

The new SEC rules make it seem that there is no need to report the presence of security vulnerabilities, but that doesn't quite tell the full story.

Security 101
article thumbnail

Hypothesis: Generative AI at Jamf

Jamf

Learn how Jamf views Artificial Intelligence (AI), its use cases and the proof of concepts we’ve already tackled in this JNUC 2023 session.

article thumbnail

10 Rules for Managing Apache Cassandra

It’s no surprise that Apache Cassandra has emerged as a popular choice for organizations of all sizes seeking a powerful solution to manage their data at a scale—but with great power comes great responsibility. Due to the inherent complexity of distributed databases, this white paper will uncover the 10 rules you’ll want to know when managing Apache Cassandra.

article thumbnail

NFL, CISA Look to Intercept Cyber Threats to Super Bowl LVIII

Dark Reading

The league is working with more than 100 partners to workshop responses to a host of hypothetical cyberattacks on the upcoming Big Game in Las Vegas.

102
102
article thumbnail

One’s service is another’s product: enhance performance through the user’s voice

Jamf

Learn how taking proper care of your feedback can amplify user satisfation and benefit your products and services in this JNUC session.

98
article thumbnail

TikTok API Rules Stymie Analysis of US User Data, Academics Say

Dark Reading

Terms of service for API access give TikTok publication review over findings and limit access to critical data on the platform's impact on US users, researchers say.

Access 89
article thumbnail

Irish Regulator Fines TikTok 345 Million Euros

Hunton Privacy

On September 15, 2023, the Irish Data Protection Commission (the “DPC”) announced a fine of 345 million Euros against TikTok Technology Limited (“TikTok”) for non-compliance with GDPR rules regarding the processing of personal data of child users. This decision by the DPC reflects the binding decision of the European Data Protection Board (the “EDPB”) pursuant to Article 65 of the GDPR.

GDPR 72
article thumbnail

Using Data & Analytics for Improving Healthcare Innovation and Outcomes

In the rapidly evolving healthcare industry, delivering data insights to end users or customers can be a significant challenge for product managers, product owners, and application team developers. The complexity of healthcare data, the need for real-time analytics, and the demand for user-friendly interfaces can often seem overwhelming. But with Logi Symphony, these challenges become opportunities.

article thumbnail

ASPM Is Good, But It's Not a Cure-All for App Security

Dark Reading

What application security posture management does, it does well. But you'll still need to fill in some holes, especially concerning API security.

IT 92
article thumbnail

Streamlining Data Collection for Investigations and eDiscovery

OpenText Information Management

Organizations are practically drowning in data today, which makes using that data effectively more challenging than ever. Additionally, the risks associated with protecting that data have never been higher, due to strengthened data privacy laws worldwide and increasing cyberattacks on businesses everywhere. Businesses are faced with the challenge of needing discrete comprehensive data collection capabilities … The post Streamlining Data Collection for Investigations and eDiscovery appeared

article thumbnail

Akira Ransomware Mutates to Target Linux Systems, Adds TTPs

Dark Reading

The newly emerged ransomware actively targets both Windows and Linux systems with a double-extortion approach.

article thumbnail

Be a supplier of choice for your large partners with EDI integration

OpenText Information Management

Electronic Data Interchange (EDI) has provided smaller businesses with an effective way to cut costs and improve the service they delivered to large customers for many years. However, now EDI integration is crucial to companies of any size looking to increase their network of suppliers and customers. Large businesses increasingly want the speed and accuracy … The post Be a supplier of choice for your large partners with EDI integration appeared first on OpenText Blogs.

B2B 62
article thumbnail

10 Rules for Managing Apache Kafka

Without proper guidance, it’s easy to miss out on Kafka’s full capabilities. While not the easiest technology to optimize, Kafka rewards those willing to explore its depths. Under the hood, it is an elegant system for stream processing, event sourcing, and data integration. Download this white paper to learn the 10 critical rules that will help you optimize your Kafka system and unlock its full potential.

article thumbnail

Apple Fixes 3 More Zero-Day Vulnerabilities

Dark Reading

All of the security bugs are under active attacks, but the extent of their exploitation is unknown.

article thumbnail

Microsoft accidentally exposed 38 terabytes of data from employee workstations via The Record

IG Guru

Check out the article here. The post Microsoft accidentally exposed 38 terabytes of data from employee workstations via The Record first appeared on IG GURU.

Access 85
article thumbnail

Low-code Automation and App Installers: A Match Made in Efficiency Heaven

Jamf

In this JNUC session you’ll learn how MyFitnessPal made app management even easier by using a low-code automation platform to automatically detect, select, suggest and ultimately deploy App Installers.

52