Security Affairs

JULY 5, 2024

The New York Times revealed that OpenAI suffered a security breach in 2023, but the company says source code and customer data were not compromised. OpenAI suffered a security breach in 2023, the New York Times reported. The American newspaper revealed that the threat actors gained access to the internal discussions among researchers and other employees, but they did not access the source code of the company’s systems.

Security 359

Security Artificial Intelligence Risk Access 359

Data Breach Today

JULY 5, 2024

Hacker had Unauthorized Access to Data on Designs for New AI Use Cases A hacker reportedly stole information on OpenAI's new technologies last year by breaking into the company's internal messaging systems. The messages comprised details of designs for new AI technologies, the New York Times said. The hacker did not access systems housing or building its applications.

Access 311

Access IT 311

Security Affairs

JULY 5, 2024

Hackers compromised Ethereum ‘s mailing list provider and sent phishing messages to the members attempting to drain their crypto funds. Hackers compromised Ethereum’s mailing list provider and on the night of June 23, they sent an email to the 35,794 addresses. The email was sent from the address ‘updates@blog.ethereum.org’ and included a link to a malicious site running a crypto drainer. “This website had a crypto drainer running in the background, and if a user initiate

Phishing 349

Phishing Risk Security Access 349

Data Breach Today

JULY 5, 2024

Google Offers $250,000 Reward for KVM Vulns; CocoaPods Flaws Expose Apple Apps This week: FBI warns of cyberthreats to U.S. renewable energy sector; Indonesia data center hacker apologizes; Google Pixel 6 series devices bricked, critical vulnerability in EoL D-Link routers, Google offers $250,000 reward for KVM vulnerabilities, NCA disrupts global Cobalt Strike supply chain.

306

306

Speaker: Ben Epstein, Stealth Founder & CTO | Tony Karrer, Founder & CTO, Aggregage

When tasked with building a fundamentally new product line with deeper insights than previously achievable for a high-value client, Ben Epstein and his team faced a significant challenge: how to harness LLMs to produce consistent, high-accuracy outputs at scale. In this new session, Ben will share how he and his team engineered a system (based on proven software engineering approaches) that employs reproducible test variations (via temperature 0 and fixed seeds), and enables non-LLM evaluation m

Security Affairs

JULY 5, 2024

Cybersecurity company Censys has identified over 380,000 hosts that are still referencing the malicious polyfill.io domain. Censys reported that over 380,000 internet-exposed hosts are still referencing the malicious polyfill.io domain. The polyfill.io domain was suspended last week following multiple reports of malicious activity. The domain Polyfill.io was used to host JavaScript code that added modern functionality to older browsers that do not support certain web standards.

Cybersecurity 327

Cybersecurity Government IT Security 327

Security Affairs

JULY 5, 2024

Microsoft discovered two flaws in Rockwell Automation PanelView Plus that remote, unauthenticated attackers could exploit. Microsoft responsibly disclosed two vulnerabilities in Rockwell Automation PanelView Plus that remote, unauthenticated attackers can exploit to perform remote code execution (RCE) and denial-of-service (DoS). The RCE vulnerability in PanelView Plus involves exploiting two custom classes to upload and load a malicious DLL.

Libraries 324

Libraries Communications Cybersecurity Risk 324

Data Breach Today

JULY 5, 2024

Implementing a zero trust security approach is critical to avoid the types of major IT disruptions and massive data compromises seen in recent cyberattacks that affected the healthcare, public health and government sectors, said Clinton McCarty, CISO at National Government Services.

Government 281

Government Security IT 281

WIRED Threat Level

JULY 5, 2024

Growing numbers of insurgents and extremists use the FGC-9. Forensic analysis of online platforms reveals the dark world of the man who created it—a self-described incel who supported the German far right.

IT 202

IT Security 202

Collaboration 2.0

JULY 5, 2024

Prime Day returns July 16, but you can already shop great deals across tech, home, and beyond -- and not just at Amazon. Find some of the best anti-Prime Day deals from retailers such as Best Buy, Walmart, Costco, and more.

Retail 189

Retail 189

Advertisement

The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.

Cybersecurity

Data Breach Today

JULY 5, 2024

Ransomware Group Apparently Uses Leaked LockBit Builder Code to Mount Attacks A ransomware group that uses locker malware based on the leaked LockBit 3.0 ransomware builder compromised New Zealand's leading fitness equipment retailer. The DragonForce ransomware group on Tuesday said on its leak site that it stole 5.31 gigabytes of data Elite Fitness.

Retail 189

Retail Ransomware IT 189

KnowBe4

JULY 5, 2024

As popularity grows for these proven methods of weight loss, scammers have taken note and have placed a significant focus on separating victims from their money.

Phishing 128

Phishing 128

Data Breach Today

JULY 5, 2024

HealthEquity Says a Vendor's Compromised Credentials Led to Data Theft Breach HealthEquity, which administers healthcare benefits plans for employers, has notified the U.S. Securities and Exchange Commission of a data exfiltration breach involving the compromised credentials of a third-party vendor. Incident did not disrupt IT systems or processes.

Security 182

Security IT 182

KnowBe4

JULY 5, 2024

As social media becomes more intertwined with our daily routines, cybercriminals are using it to trick people with fake job offers. What are these social-media recruitment scams, and how can you spot the red flags?

IT 123

IT Phishing 123

Advertiser: ZoomInfo

Incorporating generative AI (gen AI) into your sales process can speed up your wins through improved efficiency, personalized customer interactions, and better informed decision- making. Gen AI is a game changer for busy salespeople and can reduce time-consuming tasks, such as customer research, note-taking, and writing emails, and provide insightful data analysis and recommendations.

Sales

Data Breach Today

JULY 5, 2024

Steve King's Legacy in Cybersecurity: Insights and Reflections In this special edition of the ISMG Editors’ Panel, we honored the memory of industry veteran Steve King, managing director of CyberEd.io. His friend Richard Bird joined ISMG editors to share reflections on Steve's legacy, his contributions to cybersecurity, and the importance of questioning the status quo.

Cybersecurity 182

Cybersecurity 182

KnowBe4

JULY 5, 2024

A new phishing campaign tries to trick email recipients into pasting and executing malicious commands on their system that installs DarkGate malware.

Phishing 116

Phishing Security 116

Data Breach Today

JULY 5, 2024

Framework Sets Stage for Agencies to Increasingly Adopt New, Modern Tech Solutions The Federal Risk Authorization Management Program unveiled a new framework designed to help agencies increasingly adopt emerging technologies that maintain rigorous security standards and that can be implemented into new and existing federal systems, according to a recent blog post.

Risk 162

Risk Security 162

KnowBe4

JULY 5, 2024

Researchers at Menlo Security discovered three state-sponsored phishing campaigns that have targeted 40,000 important individuals over the past three months. “In a recent 90-day period, Menlo Labs uncovered a trifecta of sophisticated [highly evasive and adaptive threat] campaigns—LegalQloud, Eqooqp, and Boomer—compromising at least 40,000 high-value users, including C-suite executives from major banking institutions, financial powerhouses, insurance giants, legal firms, government agencies, and

Phishing 114

Phishing Insurance Manufacturing Government 114

Advertisement

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Passwords

Data Breach Today

JULY 5, 2024

Microsoft Uncovers Critical Flaws in Rockwell PanelView Plus Microsoft has found critical vulnerabilities in Rockwell Automation's PanelView Plus products that could enable remote code execution and denial-of-service attacks by unauthenticated attackers, potentially compromising industrial operations.

162

162

eSecurity Planet

JULY 5, 2024

Millions of websites could be displaying security warnings in Google Chrome starting this November. The cause? A recent announcement by Google Chrome regarding its trust in certificates issued by a major certificate authority (CA), Entrust. Website security is paramount in today’s digital age. That little lock icon in your browser address bar signifies a secure connection, protected by an SSL/TLS certificate.

Compliance 110

Compliance Security Cybersecurity Encryption 110

Troy Hunt

JULY 5, 2024

It's a long one this week, in part due to the constant flood of new breaches and disclosures I discuss. I regularly have disclosure notices forwarded to me by followers who find themselves in new breaches, and it's always fascinating to hear how they're worded. You get a real sense of how much personal ownership a company is taking, how much blame they're putting back on the hackers and increasingly, how much they've been written by lawyers.

Data breaches 100

Data breaches IT 100

IG Guru

JULY 5, 2024

Check out the article here The post New technique makes lengthy privacy notices easier to understand by converting them into machine-readable formats via TechExplore first appeared on IG GURU.

Privacy 60

Privacy 60

Advertiser: ZoomInfo

In today’s ultra-competitive markets, it’s no longer enough to wait for buyers to show obvious signs of interest. Instead, sales teams must be proactive, identifying and acting on nuanced buyer behaviors — often before prospects are fully ready to make a purchase. In this eBook from ZoomInfo & Sell Better, learn 10 actionable ways to use these buyer signals to transform your sales strategy and close deals faster.

Sales

CGI

JULY 5, 2024

In radio and audio production, artificial intelligence (AI) is already showing what it can achieve—simplifying work for editors, radically accelerating workflows, and enabling services that were previously unthinkable.

Artificial Intelligence 52

Artificial Intelligence IT 52

Docuware

JULY 5, 2024

Maintaining organized and secure business documents can be challenging without a digital repository that acts as the single source of truth. So, what exactly is it This blog post will answer all your questions and explain why your business needs one.

Security 49

Security IT 49

CGI

JULY 5, 2024

Conversations at BIO centered around the integration of AI in drug discovery. The key decision facing project teams across the industry is clear: embracing AI to accelerate and revolutionize drug development is the key to future success.

52

52

Record Nations

JULY 5, 2024

Paper-based records are outdated, inefficient, and messy. Going digital helps businesses create a more organized and more accurate recordkeeping system. The automotive industry is no exception. Document scanning can transform your automotive business by improving customer service and streamlining vehicle maintenance tracking. Whether you are a dealership, auto repair shop, fleet management company, or another.

Paper 45

Paper 45

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Cloud

Docuware

JULY 5, 2024

Maintaining organized and secure business documents can be challenging without a digital repository that acts as the single source of truth. So, what exactly is it This blog post will answer all your questions and explain why your business needs one.

Security 26

Security IT 26

Security Affairs

JULY 5, 2024

Researchers uncovered a new Golang-based botnet called Zergeca that can carry out distributed denial-of-service (DDoS) attacks. Researchers at the QiAnXin XLab team uncovered a new Golang-based botnet called Zergeca that can carry out distributed denial-of-service (DDoS) attacks. On May, 2024, the researchers detected a suspicious ELF file at /usr/bin/geomi that was uploaded from Russia to VirusTotal.

Encryption 345

Encryption Libraries Communications IT 345

Schneier on Security

JULY 5, 2024

A new vampire squid species was discovered in the South China Sea. Blog moderation policy.

119

119