Fri.Jan 20, 2023

article thumbnail

Hostile Takeover: Kraken Hacks Rival Darknet Market Solaris

Data Breach Today

Since Hydra Market Got Shuttered by Police, Russian Rivals Battle for Market Share Competition between rival Russian-language darknet markets remains fierce since police shuttered Hydra last year. The latest to fall dark is Solaris, which controlled an estimated 25% of the darknet drug trade.

Marketing 169
article thumbnail

Critical Manufacturing Sector in the Bull's-eye

Dark Reading

Serious security flaws go unpatched, and ransomware attacks increase against manufacturers

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

ISMG Editors: Why Is LockBit Ransomware Group So Prolific?

Data Breach Today

Also: Netskope's SASE Vision; The Compassionate CISO In the latest weekly update, ISMG editors discuss why being a CISO is like being the first family doctor in a small village, why you can't trust ransomware gangs such as LockBit, and why cloud security vendor Netskope took on $401 million in debt from Morgan Stanley to fuel its SASE offering.

article thumbnail

Compromised Zendesk Employee Credentials Lead to Breach

Dark Reading

Zendesk has alerted customers to a successful SMS phishing campaign that has exposed "service data," but details remain scarce

Phishing 112
article thumbnail

Subsurface: The Ultimate Data Lakehouse Conference

Speaker: Panel Speakers

We’ve just opened registration for Subsurface LIVE 2023! Learn how to innovate with open source technologies such as Apache Arrow, Delta Lake, and more. Register now to secure your spot at Subsurface LIVE being held March 1-2, 2023.

article thumbnail

Optiv CEO Kevin Lynch on Getting Value Via Unstructured Data

Data Breach Today

Why Clients Should Go Beyond Logs and Probe Transaction Data and System Interfaces Optiv has gone beyond examining log data and classic managed security services work to pursue threats across a broader swath of structured and unstructured data.

More Trending

article thumbnail

Fortinet VPN Flaw Shows Pitfalls of Security Appliances

Data Breach Today

Internet-Facing Appliances Are a Target for State-Backed Hackers Security appliances are targets for sophisticated threat actors who take advantage of devices' limited configuration and logging features, as well as their incompatibility with endpoint detection and response.

article thumbnail

The Evolution of Account Takeover Attacks: Initial Access Brokers for IoT

Dark Reading

Head off account takeover attacks by being proactive about IoT security. Start with designing and building better security protocols into IoT devices, always change weak default configurations, and regularly apply patches to ensure that IoT devices are secure

IoT 107
article thumbnail

Securing the SaaS Layer

Data Breach Today

In this episode of "Cybersecurity Unplugged," Galit Lubetzky Sharon, CTO of Wing Security, discusses the challenge of securing SaaS applications, which are decentralized and ever-expanding. She describes how Wing Security manages app inventories and issues of compliance, remediation and privacy

article thumbnail

Blank-Image Attacks Impersonate DocuSign

KnowBe4

An unusual phishing technique has surfaced this week. Avanan, a Check Point Software company, released a blog Thursday morning detailing a new attack in which hackers hide malicious content inside a blank image within an HTML attachment in phishing emails claiming to be from DocuSign.

Phishing 104
article thumbnail

Data Value Scorecard Report

This report examines the quantitative research of data leaders on data value and return on investment.

article thumbnail

eSentire CEO Kerry Bailey on Using XDR to Cut Business Risk

Data Breach Today

How eSentire Used Its $325 Million Investment to Boost Customers' Cyber Resiliency eSentire has used the $325 million it received in February to leverage data from its Atlas XDR platform and strengthen customers' positions around cyber resiliency.

article thumbnail

Ransomware Profits Decline as Victims Dig In, Refuse to Pay

Dark Reading

Two new reports show ransomware revenues for threat actors dropped sharply in 2022 as more victims ignored ransom demands

article thumbnail

FAA Says No Evidence of Cyberattack in NOTAM Outage

Data Breach Today

Human Error, Not Hackers, Behind Hourslong System Outage That Grounded Flights Contractors for the Federal Aviation Administration who attempted to correct a database synchronization issue ended up causing an hourslong outage to a key flight safety system, says the agency.

article thumbnail

Real-World Steganography

Schneier on Security

From an article about Zheng Xiaoqing, an American convicted of spying for China: According to a Department of Justice (DOJ) indictment, the US citizen hid confidential files stolen from his employers in the binary code of a digital photograph of a sunset, which Mr Zheng then mailed to himself.

article thumbnail

TCO Considerations of Using a Cloud Data Warehouse for BI and Analytics

Enterprises poured $73 billion into data management software in 2020 – but are seeing very little return on their data investments. 22% of data leaders surveyed have fully realized ROI in the past two years, with 56% having no consistent way of measuring it.

article thumbnail

The Small but Mighty Danger of Echo Chamber Extremism

WIRED Threat Level

Research shows that relatively few people exist in perfectly sealed-off media bubbles—but they’re still having an outsize impact on US politics. Security Security / National Security Security / Security News Business / National Affairs

article thumbnail

T-Mobile Breached Again, This Time Exposing 37M Customers' Data

Dark Reading

This time around, weak API security allowed a threat actor to access account information, the mobile phone giant reported

Access 94
article thumbnail

ChatGPT’s Dark Side: An Endless Supply of Polymorphic Malware

eSecurity Planet

CyberArk researchers are warning that OpenAI’s popular new AI tool ChatGPT can be used to create polymorphic malware.

IT 94
article thumbnail

[Eye Popper] Ransomware Victims Refused To Pay Last Year

KnowBe4

Finally some good news from the ransomware front! Despite bad actors launching a number of ransomware campaigns throughout 2022, organizations refused to submit and paid criminals an estimated $456.8 million - 40% less than the astounding total of $765 million in ransom payments from 2020 and 2021.

article thumbnail

12 Considerations When Evaluating Data Lake Engine Vendors for Analytics and BI

Businesses today compete on their ability to turn big data into essential business insights. Modern enterprises leverage cloud data lakes as the platform used to store data. 57% of the enterprises currently using a data lake cite improved business agility as a benefit.

article thumbnail

Welcome to the Era of Internet Blackouts

WIRED Threat Level

New research from Cloudflare shows that connectivity disruptions are becoming a problem around the globe, pointing toward a troubling new normal. Security Security / Cyberattacks and Hacks Security / National Security Security / Security News

article thumbnail

Chinese hackers used recently patched FortiOS SSL-VPN flaw as a zero-day in October

Security Affairs

An alleged Chinese threat actor was observed exploiting the recently patched CVE-2022-42475 vulnerability in FortiOS SSL-VPN. Researchers from Mandiant reported that suspected Chinese threat actors exploited the recently patched CVE-2022-42475 vulnerability in FortiOS SSL-VPN as a zero-day.

Access 79
article thumbnail

CIPL Publishes Discussion Paper on Digital Assets and Privacy

Hunton Privacy

On January 20, 2023, The Centre for Information Policy Leadership (“CIPL”) at Hunton Andrews Kurth published “Digital Assets and Privacy,” a discussion paper compiling insights from workshops with CIPL member companies that explored the intersection of privacy and digital assets, with a particular focus on blockchain technology.

Paper 109
article thumbnail

Jaguar TCS Racing and Micro Focus— Sustainability at Peak Velocity

Micro Focus

As a technical partner, Micro Focus provides world-class software and services that support Jaguar TCS Racing with the goal of developing more sustainable mobility solutions. The post Jaguar TCS Racing and Micro Focus— Sustainability at Peak Velocity appeared first on Micro Focus Blog.

article thumbnail

Checklist Report: Preparing for the Next-Generation Cloud Data Architecture

Data architectures have evolved dramatically. It is time to reconsider the fundamental ways that information is accumulated, managed, and then provisioned to the different downstream data consumers.

article thumbnail

PayPal notifies 34942 users of data breach over credential stuffing attack

Security Affairs

PayPal is sending out data breach notifications to thousands of users because their accounts were compromised through credential stuffing attacks. PayPal announced that 34942 customers’ accounts have been compromised between December 6 and December 8.

article thumbnail

Ransomware Has SMBs Reprioritizing Their Cybersecurity Spending to Combat Attacks

KnowBe4

New data shows that SMBs can clearly see where they have cybersecurity issues and are taking great strides to put their devoted budget to security technology and services that actually have a chance at solving the problem! Phishing Ransomware

article thumbnail

T-Mobile's New Data Breach Shows Its $150 Million Security Investment Isn't Cutting It

WIRED Threat Level

The mobile operator just suffered at least its fifth data breach since 2018, despite promising to spend a fortune shoring up its systems. Security Security / Cyberattacks and Hacks Security / Security News

article thumbnail

The Current State of Cybersecurity Should Fear AI Tools Like ChatGPT

KnowBe4

Malicious use of the text-based AI has already begun to be seen in the wild, and speculative ways attackers can use ChatGPT may spell temporary doom for cybersecurity solutions. Social Engineering Phishing

article thumbnail

7 Ways to Supercharge Your ABM Strategy with Real-Time Intent

Streaming real-time intent is a homerun for marketing and sales’ account-based marketing (ABM) strategies. With real-time buyer insights, you can be first-in-line to provide solutions and lead better, hyper-personalized conversations.

article thumbnail

RIM and IG Community Mourns the Passing of Gavin Siggers

IG Guru

Announcement on LinkedIn. IG News Gavin Siggers Obit

68
article thumbnail

T-Mobile suffered a new data breach, 37 million accounts have been compromised

Security Affairs

Bad news for T-Mobile, the company disclosed a new data breach that resulted in the theft of data belonging to 37 customer accounts. T-Mobile suffered a new data breach, threat actor stole the personal information of 37 million current postpaid and prepaid customer accounts.

article thumbnail

Smart PCAP: A time machine for the SOC

OpenText Information Management

Anyone familiar with packet forensics or packet recording knows you can spend hours poring over bulk information and waiting for a response. With Smart PCAP, you get information that is instant, meaningful, and finely tuned to your needs.

Retail 59