Wed.Jun 07, 2023

article thumbnail

Suspected Nation-State Actors Target US Aerospace Industry

Data Breach Today

PowerDrop Malware Simple But Sophisticated Suspected nation-state hackers are using that malware researchers say straddles between the line between off-the-shelf and advanced tactics in order to target the U.S. aerospace industry. Researchers from Adlumin in May found the malware on a defense contractor's network.

162
162
article thumbnail

RSAC Fireside Chat: A breakthrough in securing cloud collaboration — decentralized key storage

The Last Watchdog

Back in 2002, when I was a reporter at USA Today , I had to reach for a keychain fob to retrieve a single-use passcode to connect remotely to the paper’s publishing system. Related: A call to regulate facial recognition This was an early example of multifactor authentication (MFA). Fast forward to today; much of the MFA concept is being reimagined by startup Circle Security to protect data circulating in cloud collaboration scenarios.

Cloud 151
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Cybersecurity Challenges and Opportunities With AI Chatbots

Data Breach Today

'Preparedness Pays,' European AI and Cybersecurity Experts Say at ENISA Conference At the EU cybersecurity agency ENISA's recent conference on the cybersecurity upsides and downsides of AI chatbots, presenters urged "preparedness," recommending that cybersecurity professionals track the "warp speed" evolution of chatbots to target emerging risks as well as opportunities.

article thumbnail

FBI: Sextortionist Campaigns Use Deepfakes to Target Children, Adults

Dark Reading

Threat actors are lifting public images and videos from the Internet, altering them, and posting them online in a new wave of sextortion campaigns.

120
120
article thumbnail

Customer Experience Management: Optimizing Your Strategy for Financial Success

Speaker: Diane Magers, Founder and Chief Experience Officer at Experience Catalysts

In the world of business, connecting the dots from experience to financial impact is an essential skill. Transforming customer engagement, Voice of Customer (VoC) insights, and Journey Maps into tangible financial outcomes poses a significant challenge for most organizations. To gain buy-in from the C-Suite and key stakeholders, it’s crucial to illustrate how Experience Management translates into clear, measurable business results.

article thumbnail

A CISO's View: How to Handle an Insider Threat

Data Breach Today

Security Director Ian Keller on Enabling Responsible Disclosure Within Your Company In this post of his blog "A CISO's View," security director Ian Keller discusses the importance of having mechanisms in place to report potential personal compromise or potential compromise of another person in your company and provides simple steps for making security everyone's responsibility.

Security 147

More Trending

article thumbnail

US SEC Sues Binance and Coinbase Over Securities Violations

Data Breach Today

Lawsuits Are Latest Washington Regulatory Salvo Against Cryptocurrency The Biden administration stepped up regulatory enforcement against cryptocurrency trading platforms in consecutive lawsuits targeting Binance and Coinbase for alleged violations of securities laws. "We already have digital currency. It's called the U.S. dollar," said U.S. SEC Chairman Gary Gensler.

Security 147
article thumbnail

Minecraft Malware Spreading Through Mods, Plug-ins

Dark Reading

A worm virus called "fracturizer" has been embedded in modpacks from various sites, including CurseForge and CraftBukkit.

110
110
article thumbnail

Hospital Worker Sentenced for HIPAA Crimes in ID Theft Scam

Data Breach Today

Former Employee Gets 4.5 Years in Federal Prison and Is Ordered to Repay Patients A former employee of an Arizona hospital has been sentenced to federal prison and ordered to pay restitution to victims after pleading guilty to criminal HIPAA violations and his participation in an identity theft scam that compromised the data of nearly 500 patients.

147
147
article thumbnail

5 enhancements from WWDC to help Apple win the enterprise and change the future of work

Jamf

Apple’s Worldwide Developer Conference (WWDC) shows how Apple is leveraging its five major platforms to advance Apple's adoption in the enterprise. Here are the ways Apple is pushing each platform forward to continue winning in the workplace.

IT 98
article thumbnail

How to Stay Competitive in the Evolving State of Martech

Marketing technology is essential for B2B marketers to stay competitive in a rapidly changing digital landscape — and with 53% of marketers experiencing legacy technology issues and limitations, they’re researching innovations to expand and refine their technology stacks. To help practitioners keep up with the rapidly evolving martech landscape, this special report will discuss: How practitioners are integrating technologies and systems to encourage information-sharing between departments and pr

article thumbnail

Shedding New Light on Software Visibility in the Age of SBOM

Data Breach Today

Center for Internet Security CISO on 'Transitional' State of Software Supply Chain With the federal government's software bill of materials regulations looming, many organizations are not ready to respond, warned CISO Sean Atkinson of the Center for Internet Security. He provided tips for ensuring transparency in the software supply chain and preparing for SBOM regulations.

Security 147
article thumbnail

AI Will Save Security – And Eliminate Jobs

eSecurity Planet

AI has been the subject of a lot of hype in recent months, but one place where the hype is justified is cybersecurity. AI will completely remake the cybersecurity landscape — and create a lot of disruption in the process. To cut to the chase before we get into the details: AI will make security worse before it makes it significantly better, but at the cost of a lot of jobs.

article thumbnail

Dragos Lays Off 9% of Workers as OT Security Spending Slows

Data Breach Today

50 Staffers Axed as Dragos Sees Longer Sales Cycles and Smaller Initial Deployments Dragos has axed 50 workers after longer sales cycles and smaller initial deployment sizes caused the industrial cybersecurity vendor to miss its first quarter revenue target. Dragos revealed plans to reduce its staff by 9% to ensure the company can stay independent through an IPO or Series E round.

article thumbnail

Cyber Essentialism & 'Doing Less With Less'

Dark Reading

Cybersecurity benefits from a focus on the vital few chores rather than the trivial many. Find the "right things" to encourage strategic thinking, then move the culture needle to promote that policy.

article thumbnail

The Essential Guide to Analytic Applications

Embedding dashboards, reports and analytics in your application presents unique opportunities and poses unique challenges. We interviewed 16 experts across business intelligence, UI/UX, security and more to find out what it takes to build an application with analytics at its core. No matter where you are in your analytics journey, you will learn about emerging trends and gather best practices from product experts.

article thumbnail

Clop Ransomware Gang Asserts It Hacked MOVEit Instances

Data Breach Today

Russian-Speaking Extortion Operation Says It Will Start Listing Victims on June 14 The Clop ransomware-as-a-service gang said it's the actor behind a spate of hacks taking advantage of a vulnerability in Progress Software's MOVEit managed file transfer application. "We download alot [ sic ] of your data as part of exceptional exploit," the gang's dark web leak site says.

article thumbnail

Email Retention Policies Could Change in Spokane County via Government Technology

IG Guru

Officials in Spokane County, Wash., are considering changes to email retention policies as a means of saving money on storage costs. The county pays about $52,000 a year to save well over 10 terabytes of emails.

article thumbnail

Smishing Campaign Expands to the Middle East

KnowBe4

A Chinese-speaking phishing gang has expanded its targeting from the Asia-Pacific region to the Middle East, researchers at Group-IB have found. The gang, which the researchers call “PostalFurious,” impersonated a toll operator and a postal service in the Middle East.

article thumbnail

+60,000 Android apps spotted hiding adware for past six months

Security Affairs

Bitdefender researchers have discovered 60,000 different Android apps secretly installing adware in the past six months. Bitdefender announced the discovery of more than 60,000 Android apps in the past six months that were spotted installing adware on Android devices. The researchers discovered the hidden adware by using a recently announced anomaly detection technology incorporated into Bitdefender Mobile Security. “Upon analysis, the campaign is designed to aggressively push adware to

article thumbnail

ABM Evolution: How Top Marketers Are Using Account-Based Strategies

In times of economic uncertainty, account-based strategies are essential. According to several business analysts and practitioners, ABM is a necessity for creating more predictable revenue. Research shows that nearly three-quarters of marketers (74%) already have the resources needed to build successful ABM programs.

article thumbnail

Verizon: Email Reigns Supreme as Initial Attack Vector for Ransomware Attacks

KnowBe4

My analysis of this year’s newly-released Verizon Data Breach Investigations Report begins with ransomware findings that point back to users as a big problem.

article thumbnail

VMware fixes a command injection flaw CVE-2023-20887 in VMware Aria Operations for Networks

Security Affairs

Virtualization giant VMware addressed critical and high-severity vulnerabilities in VMware Aria Operations for Networks. Virtualization technology giant VMware released security patches to address three critical and high-severity vulnerabilities, tracked as CVE-2023-20887, CVE-2023-20888, CVE-2023-20889, in VMware Aria Operations for Networks. VMware Aria Operations for Networks (formerly vRealize Network Insight) is a network monitoring tool that helps organizations build an optimized, highly

article thumbnail

BioCatch Strengthens Collaboration With Microsoft Cloud for Financial Services

Dark Reading

Collaboration delivers end-to-end intelligent banking cloud platform with online fraud detection powered by next-generation behavioral biometrics.

article thumbnail

June 2023 Security Update for Android fixed Arm Mali GPU bug used by spyware?

Security Affairs

June 2023 security update for Android released by Google fixes about fifty flaws, including an Arm Mali GPU bug exploited by surveillance firms in their spyware. The June 2023 Android Security Bulletin provides details about the fix for more than fifty vulnerabilities affecting Android devices. Security updates released this month also addressed a vulnerability, tracked as CVE-2022-22706 , that affects the Arm Mali GPU.

article thumbnail

7+ Graphics Libraries to Enhance Your Embedded Analytics

When your customers come to your app, what do they see: clunky, outdated dashboards or a sleek, modern interface? If your embedded analytics are looking stale, leverage these free graphics libraries to take your embedded analytics offerings above and beyond. This e-book details a number of graphics libraries plus a few bonus tools to modernize your embedded dashboards.

article thumbnail

Cisco Touts New AI-Based Security, SSE Features

Dark Reading

Cisco laid out its plans for artificial intelligence (AI) and a vision for unified cloud security during Cisco Live 2023.

article thumbnail

New PowerDrop malware targets U.S. aerospace defense industry

Security Affairs

A previously unknown threat actor has been observed targeting the U.S. aerospace defense sector with a new PowerShell malware dubbed PowerDrop. Researchers from the Adlumin Threat Research discovered a new malicious PowerShell script, dubbed PowerDrop, that was employed in attacks aimed at organizations in the U.S. aerospace sector. The PowerShell-based malware uses advanced techniques to evade detection, including deception, encoding, and encryption.

article thumbnail

Microsoft Fined $20M For Xbox Child Data Collection

Dark Reading

The FTC has demanded additional data privacy protections for kids using Xbox gaming systems, extending COPPA protections.

article thumbnail

Clop ransomware gang claims the hack of hundreds of victims exploiting MOVEit Transfer bug

Security Affairs

Clop ransomware group claims to have hacked hundreds of companies globally by exploiting MOVEit Transfer vulnerability. The Clop ransomware group may have compromised hundreds of companies worldwide by exploiting a vulnerability in MOVEit Transfer software. MOVEit Transfer is a managed file transfer that is used by enterprises to securely transfer files using SFTP, SCP, and HTTP-based uploads.

article thumbnail

ABM Success Recipe: Mastering the Crawl, Walk, Run Approach

Shifting to an account-based marketing (ABM) strategy can be both exciting and challenging. Well-implemented ABM motions build engagement with high-value accounts and drive impactful campaigns that resonate with your audience. But where do you begin, and how do you progress from crawling to running? Watch now as Demand Gen experts delve into the essentials of each stage of the ABM process.

article thumbnail

Clients can strengthen defenses for their data with IBM Storage Defender, now generally available

IBM Big Data Hub

We are excited to inform our clients and partners that IBM Storage Defender , part of our IBM Storage for Data Resilience portfolio, is now generally available. Enterprise clients worldwide continue to grapple with a threat landscape that is constantly evolving. Bad actors are moving faster than ever and are causing more lasting damage to data. According to an IBM report , cyberattacks like ransomware that used to take months to fully deploy can now take as little as four days.

article thumbnail

How Attorneys Are Harming Cybersecurity Incident Response

Schneier on Security

New paper: “ Lessons Lost: Incident Response in the Age of Cyber Insurance and Breach Attorneys “: Abstract: Incident Response (IR) allows victim firms to detect, contain, and recover from security incidents. It should also help the wider community avoid similar attacks in the future. In pursuit of these goals, technical practitioners are increasingly influenced by stakeholders like cyber insurers and lawyers.

article thumbnail

Security Buyers Are Consolidating Vendors: Gartner Security Summit

eSecurity Planet

IT security buyers are consolidating vendors at an overwhelming rate, according to a speaker at this week’s Gartner Security & Risk Management Summit. In a session on cybersecurity market trends and growth opportunities, Gartner analyst and VP Neil MacDonald said 75% of security buyers are pursuing vendor consolidation, up from just 29% in 2020. “Customers want fewer providers,” he said.