Wed. Dec 14, 2022

Six Charged in Mass Takedown of DDoS-for-Hire Sites

Krebs on Security

The U.S. Department of Justice (DOJ) today seized four-dozen domains that sold “booter” or “stresser” services — businesses that make it easy and cheap for even non-technical users to launch powerful Distributed Denial of Service (DDoS) attacks designed to knock targets offline. The DOJ also charged six U.S. men with computer crimes related to their alleged ownership of the popular DDoS-for-hire services.

GUEST ESSAY: Why ‘continuous pentesting’ is high among the trends set to accelerate in 2023

The Last Watchdog

There is much that can be gleaned from helping companies identify and manage their critical vulnerabilities 24X7. Based on insights from our team of elite security researchers here at Bugcrowd, these are three trends gaining steam as 2022 comes to a close – trends that I expect to command much attention in 2023.

Combating Ransomware Attacks: Which Strategies Hold Promise?

Data Breach Today

Defenders have made strides in disrupting ransomware, but assessing the effectiveness of countermeasures is tough due to a scarcity of information, says cybersecurity veteran Jen Ellis. "We know what the tip of the iceberg looks like, but we don't know what percentage of that iceberg we can see.

Microsoft Patch Tuesday, December 2022 Edition

Krebs on Security

Microsoft has released its final monthly batch of security updates for 2022, fixing more than four dozen security holes in its various Windows operating systems and related software. The most pressing patches include a zero-day in a Windows feature that tries to flag malicious files from the Web, a critical bug in PowerShell, and a dangerous flaw in Windows 11 systems that was detailed publicly prior to this week’s Patch Tuesday.

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

Nikesh Arora on Palo Alto's Approach to Supply Chain Defense

Data Breach Today

The $250 million acquisition of Cider Security will allow Palo Alto Networks to secure a piece of code from development to its implementation in a runtime environment. CEO Nikesh Arora says the company must understand the tool sets and open-source widgets coming into the customer's supply chain.

More Trending

Assessing Cyber Risk, Maturity in Healthcare M&As

Data Breach Today

When healthcare organizations come together through mergers or acquisitions, it is critical for the entities to carefully assess the cyber risk each poses, as well as its level of cyber maturity, says Jigar Kadakia, CISO and chief privacy officer at Boston-based Mass General Brigham.

3.5m IP cameras exposed, with US in the lead

Security Affairs

The number of internet-facing cameras in the world is growing exponentially. Some of the most popular brands don’t enforce a strong password policy, meaning anyone can peer into their owners’ lives. When you spy on your neighborhood or your cafe customers, do you wonder if someone is watching Big Brother – you, in this case?

Dental Practice Hit With HIPAA Fine for Posting PHI on Yelp

Data Breach Today

HHS Settlement Is Latest Involving Similar Social Media Blunders

A California dental practice that for years revealed patient data on Yelp must stop doing so and pay federal regulators a $23,000 fine. New Vision Dental, owned by Dr. Brandon Au, must also delete social media posts and send breach notification letters to affected patients.

Apple fixed the tenth actively exploited zero-day this year

Security Affairs

Apple rolled out security updates to iOS, iPadOS, macOS, tvOS, and Safari to fix a new actively exploited zero-day (CVE-2022-42856). Apple released security updates to address a new zero-day vulnerability, tracked as CVE-2022-42856, that is actively exploited in attacks against iPhones. The flaw is the tenth actively exploited zero-day vulnerability since the start of the year.

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Microsoft Patches Zero-Day Magniber Ransomware Hackers Used

Data Breach Today

SecureScreen Treated Malformed Signature the Same as a Valid Signature

Microsoft's last monthly dump of patches for 2022 includes a fix for a zero-day exploited by ransomware hackers to bypass the SmartScreen security mechanism for malware execution. The zero-day hinged on hackers creating a malformed Authenticode signature.

Royal Ransomware Puts Novel Spin on Encryption Tactics

Dark Reading

An emerging cybercriminal group linked with Conti has expanded its partial encryption strategy and demonstrates other evasive maneuvers, as it takes aim at healthcare and other sectors.

Hacker Reportedly Breaches US FBI Cybersecurity Forum

Data Breach Today

Bureau Ushered a Phony CEO Who Stole Emails Into a Seat at InfraGard

A hacker selling a data set purportedly containing emails stripped from the FBI's InfraGard public-private cybersecurity forum obtained access by sending an application, which the bureau approved, reports independent cybersecurity journalist Brian Krebs.

December 2022 Patch Tuesday fixed 2 zero-day flaws

Security Affairs

Microsoft released December 2022 Patch Tuesday security updates that fix 52 vulnerabilities across its products. Microsoft December 2022 Patch Tuesday security updates addressed 52 vulnerabilities in Microsoft Windows and Windows Components; Azure; Office and Office Components; SysInternals; Microsoft Edge (Chromium-based); SharePoint Server; and the .NET framework. 12 of these vulnerabilities were submitted through the ZDI program.

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Zero Trust: How to Know What Your Crown Jewels Are

Data Breach Today

Three Experts Discuss Why Zero Trust Isn't Needed for Everything

To get zero trust strategy right, it is important to know what exactly to protect and decide what your crown jewels are. Three panelists discuss the various ways to do that and also offer their thoughts on whether zero trust is needed for everything.

NSA Slices Up 5G Mobile Security Risks

Dark Reading

The feds' mobile service provider guidance details cybersecurity threat vectors associated with 5G network slicing.

Palo Alto CEO: 'SIEM Needs to Be Eliminated and Replaced'

Data Breach Today

Arora Tells Conference Attendees XSIAM Can Replace Alert Triage Attempts From SIEMs

Speaking at the company's annual conference, Palo Alto Networks CEO Nikesh Arora urged the industry to move away from the alert triage model popularized by SIEM. SIEM tools have for decades highlighted alerts for SOC analysts to focus on, but the most important ones are getting ignored, he warns.

Patch Tuesday Fixes Actively Exploited MOTW Vulnerability

eSecurity Planet

Microsoft’s December 2022 Patch Tuesday includes fixes for over four dozen vulnerabilities, six of them critical – including a zero-day flaw in the SmartScreen security tool, CVE-2022-44698, that’s being actively exploited. Regarding that flaw, Microsoft observed, “An attacker can craft a malicious file that would evade Mark of the Web (MOTW) defenses, resulting in a limited loss of integrity and availability of security features such as Protected View in Microsoft Office, whi

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

How Criminals Extort Healthcare Victims With Ransomware

Data Breach Today

Victims Urged to Prepare Rather Than Pay, Especially for False Data-Wiping Promises

Ransomware operations have become expert at finding ways to make a victim pay. But experts say there are multiple steps healthcare sector entities in particular can take to better protect themselves and ensure that they can quickly restore systems and never have to consider paying a ransom.

Jamf Patch Management

Jamf

Patch Management is an important function that allows IT professionals to confidently maintain their environments and keep them secure. And while it’s certainly critical, the unique app lifecycle management workflow is just one component of a broader, comprehensive device management and security solution that only Jamf offers.

Measure adoption with Collibra’s Usage Analytics

Collibra

Last month Collibra launched Usage Analytics. This new realtime adoption analytics dashboard capability allows admins to understand the usage of Collibra and the organization’s knowledge graph among its users. Its purpose is to provide actionable insights into how users are utilizing the platform, and which information they engage with, helping admins to better understand how their data curation and adoption efforts are going.

Ughh. FBI’s Vetted Threat Sharing Network ‘InfraGard’ Hacked

KnowBe4

Investigative reporter Brian Krebs reported December 13, 2022 that "InfraGard, a program run by the U.S. Federal Bureau of Investigation (FBI) to build cyber and physical threat information sharing partnerships with the private sector, this week saw its database of contact information on more than 80,000 members go up for sale on an English-language cybercrime forum.

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

Microsoft-Signed Malicious Drivers Usher In EDR-Killers, Ransomware

Dark Reading

Malicious Windows drivers signed as legit by Microsoft have been spotted as part of a toolkit used to kill off security processes in post-exploitation cyber activity.

Crooks use HTML smuggling to spread QBot malware via SVG files

Security Affairs

Talos researchers uncovered a phishing campaign distributing the QBot malware to Windows systems using SVG files. Talos researchers uncovered a phishing campaign distributing the QBot malware using a new technique that leverages Scalable Vector Graphics (SVG) images embedded in HTML email attachments. HTML smuggling is a highly evasive technique for malware delivery that leverages legitimate HTML5 and JavaScript features.

Look Out For Scammers This Holiday Season on Social Media

KnowBe4

You know how some gifts are insanely sought after each year, selling out in mere minutes? Well, these are great tools for scammers, especially on social media.

Call Center Modernization with AI

IBM Big Data Hub

Picture this: A traveler sets off on a camping trip. She decides to extend her RV rental halfway through her trip, so she calls customer service for assistance, but finds herself waiting minutes, then what feels like hours. When she finally does get a hold of somebody, her call is redirected. More waiting follows. Suddenly her new plan doesn’t seem worth the aggravation.

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

Ten Charged with BEC Healthcare Scheme That Took More than $11 Million

KnowBe4

Tricking five state Medicaid programs, two Medicare Administrative Contractors, and two private health insurers, the scammers posed as hospitals to alter payment details.

Reimagining Democracy

Schneier on Security

Last week, I hosted a two-day workshop on reimagining democracy. The idea was to bring together people from a variety of disciplines who are all thinking about different aspects of democracy, less from a “what we need to do today” perspective and more from a blue-sky future perspective. My remit to the participants was this: The idea is to start from scratch, to pretend we’re forming a new country and don’t have any precedent to deal with.

Utility Bill is the New Phishbait for Cybercriminals

KnowBe4

An SMS phishing (smishing) campaign is impersonating utility providers in the US, Cybernews reports. Researchers at Enea AdaptiveMobile Security spotted the campaign, which informs recipients of offers to save money. The text messages contain offers related to gas prices, electricity bills, concert tickets, car insurance policies. If a user clicks the link, they’ll be taken to a website designed to steal their personal and financial information.