Fri. Jul 05, 2024

Breach Roundup: FBI Warns of US Renewable Energy Sector Threats

Data Breach Today

Google Offers $250,000 Reward for KVM Vulns; CocoaPods Flaws Expose Apple Apps

This week: FBI warns of cyberthreats to U.S. renewable energy sector; Indonesia data center hacker apologizes; Google Pixel 6 series devices bricked, critical vulnerability in EoL D-Link routers, Google offers $250,000 reward for KVM vulnerabilities, NCA disrupts global Cobalt Strike supply chain.

Hackers stole OpenAI secrets in a 2023 security breach

Security Affairs

The New York Times revealed that OpenAI suffered a security breach in 2023, but the company says source code and customer data were not compromised. OpenAI suffered a security breach in 2023, the New York Times reported. The American newspaper revealed that the threat actors gained access to the internal discussions among researchers and other employees, but they did not access the source code of the company’s systems.

Cryptohack Roundup: JPEX Case Update

Data Breach Today

Also: SEC's Lawsuit Against Silvergate, Suspected Bittensor Exploit

Every week, ISMG rounds up cybersecurity incidents in digital assets. This week's stories include singer Nine Chen’s potential prosecution in the JPEX case, SEC's lawsuit against Silvergate, a suspected Bittensor exploit, and Q2 crypto scam stats.

Don't Fall for It: How to Spot Social Media Job Scams a Mile Away

KnowBe4

As social media becomes more intertwined with our daily routines, cybercriminals are using it to trick people with fake job offers. What are these social-media recruitment scams, and how can you spot the red flags?

Provide Real Value in Your Applications with Data and Analytics

The complexity of financial data, the need for real-time insight, and the demand for user-friendly visualizations can seem daunting when it comes to analytics - but there is an easier way. With Logi Symphony, we aim to turn these challenges into opportunities. Our platform empowers you to seamlessly integrate advanced data analytics, generative AI, data visualization, and pixel-perfect reporting into your applications, transforming raw data into actionable insights.

Why Zero Trust Is Critical in Health and Government Sectors

Data Breach Today

Implementing a zero trust security approach is critical to avoid the types of major IT disruptions and massive data compromises seen in recent cyberattacks that affected the healthcare, public health and government sectors, said Clinton McCarty, CISO at National Government Services.

More Trending

OpenAI Did Not Disclose 2023 Breach to Feds, Public: Report

Data Breach Today

Hacker had Unauthorized Access to Data on Designs for New AI Use Cases

A hacker reportedly stole information on OpenAI's new technologies last year by breaking into the company's internal messaging systems. The messages comprised details of designs for new AI technologies, the New York Times said. The hacker did not access systems housing or building its applications.

Hackers compromised Ethereum mailing list and launched a crypto draining attack

Security Affairs

Hackers compromised Ethereum’s mailing list provider and sent phishing messages to the members attempting to drain their crypto funds. Hackers compromised Ethereum’s mailing list provider and on the night of June 23, they sent an email to the 35,794 addresses. The email was sent from the address ‘updates@blog.ethereum.org’ and included a link to a malicious site running a crypto drainer. “This website had a crypto drainer running in the background, and if a user initiate

New Zealand Fitness Retailer Hit By DragonForce Ransomware

Data Breach Today

Ransomware Group Apparently Uses Leaked LockBit Builder Code to Mount Attacks

A ransomware group that uses locker malware based on the leaked LockBit 3.0 ransomware builder compromised New Zealand's leading fitness equipment retailer. The DragonForce ransomware group on Tuesday said on its leak site that it stole 5.31 gigabytes of data from Elite Fitness.

Chrome to Block Entrust Certificates in November 2024

eSecurity Planet

Millions of websites could be displaying security warnings in Google Chrome starting this November. The cause? A recent announcement by Google Chrome regarding its trust in certificates issued by a major certificate authority (CA), Entrust. Website security is paramount in today’s digital age. That little lock icon in your browser address bar signifies a secure connection, protected by an SSL/TLS certificate.

Entity Resolution: Your Guide to Deciding Whether to Build It or Buy It

Adding high-quality entity resolution capabilities to enterprise applications, services, data fabrics or data pipelines can be daunting and expensive. Organizations often invest millions of dollars and years of effort to achieve subpar results. This guide will walk you through the requirements and challenges of implementing entity resolution. By the end, you'll understand what to look for, the most common mistakes and pitfalls to avoid, and your options.

Health Benefits Administrator Reports 3rd-Party Hack to SEC

Data Breach Today

HealthEquity Says a Vendor's Compromised Credentials Led to Data Theft Breach

HealthEquity, which administers healthcare benefits plans for employers, has notified the U.S. Securities and Exchange Commission of a data exfiltration breach involving the compromised credentials of a third-party vendor. Incident did not disrupt IT systems or processes.

New Golang-based Zergeca Botnet appeared in the threat landscape

Security Affairs

Researchers uncovered a new Golang-based botnet called Zergeca that can carry out distributed denial-of-service (DDoS) attacks. Researchers at the QiAnXin XLab team uncovered a new Golang-based botnet called Zergeca that can carry out distributed denial-of-service (DDoS) attacks. In May 2024, the researchers detected a suspicious ELF file at /usr/bin/geomi that was uploaded from Russia to VirusTotal.

ISMG Editors: A Tribute to Steve King

Data Breach Today

Steve King's Legacy in Cybersecurity: Insights and Reflections

In this special edition of the ISMG Editors’ Panel, we honored the memory of industry veteran Steve King, managing director of CyberEd.io. His friend Richard Bird joined ISMG editors to share reflections on Steve's legacy, his contributions to cybersecurity, and the importance of questioning the status quo.

State-Sponsored Phishing Campaigns Target 40,000 VIP Individuals

KnowBe4

Researchers at Menlo Security discovered three state-sponsored phishing campaigns that have targeted 40,000 important individuals over the past three months. “In a recent 90-day period, Menlo Labs uncovered a trifecta of sophisticated [highly evasive and adaptive threat] campaigns—LegalQloud, Eqooqp, and Boomer—compromising at least 40,000 high-value users, including C-suite executives from major banking institutions, financial powerhouses, insurance giants, legal firms, government agencies, and

Deliver Mission Critical Insights in Real Time with Data & Analytics

In the fast-moving manufacturing sector, delivering mission-critical data insights to empower your end users or customers can be a challenge. Traditional BI tools can be cumbersome and difficult to integrate - but it doesn't have to be this way. Logi Symphony offers a powerful and user-friendly solution, allowing you to seamlessly embed self-service analytics, generative AI, data visualization, and pixel-perfect reporting directly into your applications.

FedRAMP Launches New Framework for Emerging Technologies

Data Breach Today

Framework Sets Stage for Agencies to Increasingly Adopt New, Modern Tech Solutions

The Federal Risk Authorization Management Program unveiled a new framework designed to help agencies increasingly adopt emerging technologies that maintain rigorous security standards and that can be implemented into new and existing federal systems, according to a recent blog post.

Polyfill.io Supply Chain Attack: 384,773 hosts still embedding a polyfill JS script linking to the malicious domain

Security Affairs

Cybersecurity company Censys has identified over 380,000 hosts that are still referencing the malicious polyfill.io domain. Censys reported that over 380,000 internet-exposed hosts are still referencing the malicious polyfill.io domain. The polyfill.io domain was suspended last week following multiple reports of malicious activity. The domain Polyfill.io was used to host JavaScript code that added modern functionality to older browsers that do not support certain web standards.

Critical Vulnerabilities Found in Rockwell PanelView Plus

Data Breach Today

Microsoft Uncovers Critical Flaws in Rockwell PanelView Plus

Microsoft has found critical vulnerabilities in Rockwell Automation's PanelView Plus products that could enable remote code execution and denial-of-service attacks by unauthenticated attackers, potentially compromising industrial operations.

New “Paste and Run” Phishing Technique Makes CTRL-V A Cyber Attack Accomplice

KnowBe4

A new phishing campaign tries to trick email recipients into pasting and executing malicious commands on their system that install DarkGate malware.

10 Rules for Managing Apache Cassandra

It’s no surprise that Apache Cassandra has emerged as a popular choice for organizations of all sizes seeking a powerful solution to manage their data at scale—but with great power comes great responsibility. Due to the inherent complexity of distributed databases, this white paper will uncover the 10 rules you’ll want to know when managing Apache Cassandra.

The World’s Most Popular 3D-Printed Gun Was Designed by an Aspiring Terrorist

WIRED Threat Level

Growing numbers of insurgents and extremists use the FGC-9. Forensic analysis of online platforms reveals the dark world of the man who created it—a self-described incel who supported the German far right.

Weekly Update 407

Troy Hunt

It's a long one this week, in part due to the constant flood of new breaches and disclosures I discuss. I regularly have disclosure notices forwarded to me by followers who find themselves in new breaches, and it's always fascinating to hear how they're worded. You get a real sense of how much personal ownership a company is taking, how much blame they're putting back on the hackers and increasingly, how much they've been written by lawyers.

Microsoft discloses 2 flaws in Rockwell Automation PanelView Plus

Security Affairs

Microsoft discovered two flaws in Rockwell Automation PanelView Plus that remote, unauthenticated attackers could exploit. Microsoft responsibly disclosed two vulnerabilities in Rockwell Automation PanelView Plus that remote, unauthenticated attackers can exploit to perform remote code execution (RCE) and denial-of-service (DoS). The RCE vulnerability in PanelView Plus involves exploiting two custom classes to upload and load a malicious DLL.

The 17 best early anti-Prime Day deals: Best Buy, Walmart, Costco, and more

Collaboration 2.0

Prime Day returns July 16, but you can already shop great deals across tech, home, and beyond -- and not just at Amazon. Find some of the best anti-Prime Day deals from retailers such as Best Buy, Walmart, Costco, and more.

Using Data & Analytics for Improving Healthcare Innovation and Outcomes

In the rapidly evolving healthcare industry, delivering data insights to end users or customers can be a significant challenge for product managers, product owners, and application team developers. The complexity of healthcare data, the need for real-time analytics, and the demand for user-friendly interfaces can often seem overwhelming. But with Logi Symphony, these challenges become opportunities.

New technique makes lengthy privacy notices easier to understand by converting them into machine-readable formats via TechExplore

IG Guru

Fast workflows and diverse content: How AI is transforming radio production

CGI

In radio and audio production, artificial intelligence (AI) is already showing what it can achieve—simplifying work for editors, radically accelerating workflows, and enabling services that were previously unthinkable.

Document Scanning for the Automotive Industry

Record Nations

Paper-based records are outdated, inefficient, and messy. Going digital helps businesses create a more organized and more accurate recordkeeping system. The automotive industry is no exception. Document scanning can transform your automotive business by improving customer service and streamlining vehicle maintenance tracking. Whether you are a dealership, auto repair shop, fleet management company, or another.

Embracing AI: The key to accelerating and revolutionizing drug development

CGI

Conversations at BIO centered around the integration of AI in drug discovery. The key decision facing project teams across the industry is clear: embracing AI to accelerate and revolutionize drug development is the key to future success.

10 Rules for Managing Apache Kafka

Without proper guidance, it’s easy to miss out on Kafka’s full capabilities. While not the easiest technology to optimize, Kafka rewards those willing to explore its depths. Under the hood, it is an elegant system for stream processing, event sourcing, and data integration. Download this white paper to learn the 10 critical rules that will help you optimize your Kafka system and unlock its full potential.

Balancing career and parenthood as a working mom 

OpenText Information Management

Balancing a thriving career with the demands of parenting is a challenge that many navigate with remarkable resilience and strength. Meet Deb James, Senior Manager, Talent Acquisition at OpenText, who embodies this balance. As a dedicated professional and a loving mother to her young daughter, Deb expertly navigates the challenges of her dual roles with grace and determination.

Friday Squid Blogging: Newly Discovered Vampire Squid

Schneier on Security

A new vampire squid species was discovered in the South China Sea.

What Is a Document Repository? Benefits, Set Up Tips and Best Practices

Docuware

Maintaining organized and secure business documents can be challenging without a digital repository that acts as the single source of truth. So, what exactly is it? This blog post will answer all your questions and explain why your business needs one.