Wed.Jun 07, 2023

article thumbnail

+60,000 Android apps spotted hiding adware for past six months

Security Affairs

Bitdefender researchers have discovered 60,000 different Android apps secretly installing adware in the past six months. Bitdefender announced the discovery of more than 60,000 Android apps in the past six months that were spotted installing adware on Android devices. The researchers discovered the hidden adware by using a recently announced anomaly detection technology incorporated into Bitdefender Mobile Security. “Upon analysis, the campaign is designed to aggressively push adware to

article thumbnail

RSAC Fireside Chat: A breakthrough in securing cloud collaboration — decentralized key storage

The Last Watchdog

Back in 2002, when I was a reporter at USA Today , I had to reach for a keychain fob to retrieve a single-use passcode to connect remotely to the paper’s publishing system. Related: A call to regulate facial recognition This was an early example of multifactor authentication (MFA). Fast forward to today; much of the MFA concept is being reimagined by startup Circle Security to protect data circulating in cloud collaboration scenarios.

Cloud 188
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

VMware fixes a command injection flaw CVE-2023-20887 in VMware Aria Operations for Networks

Security Affairs

Virtualization giant VMware addressed critical and high-severity vulnerabilities in VMware Aria Operations for Networks. Virtualization technology giant VMware released security patches to address three critical and high-severity vulnerabilities, tracked as CVE-2023-20887, CVE-2023-20888, CVE-2023-20889, in VMware Aria Operations for Networks. VMware Aria Operations for Networks (formerly vRealize Network Insight) is a network monitoring tool that helps organizations build an optimized, highly

article thumbnail

The Bizarre Reality of Getting Online in North Korea

WIRED Threat Level

New testimony from defectors reveals pervasive surveillance and monitoring of limited internet connections. For millions of others, the internet simply doesn't exist.

Privacy 167
article thumbnail

State of AI in Sales & Marketing 2025

AI adoption is reshaping sales and marketing. But is it delivering real results? We surveyed 1,000+ GTM professionals to find out. The data is clear: AI users report 47% higher productivity and an average of 12 hours saved per week. But leaders say mainstream AI tools still fall short on accuracy and business impact. Download the full report today to see how AI is being used — and where go-to-market professionals think there are gaps and opportunities.

article thumbnail

June 2023 Security Update for Android fixed Arm Mali GPU bug used by spyware?

Security Affairs

June 2023 security update for Android released by Google fixes about fifty flaws, including an Arm Mali GPU bug exploited by surveillance firms in their spyware. The June 2023 Android Security Bulletin provides details about the fix for more than fifty vulnerabilities affecting Android devices. Security updates released this month also addressed a vulnerability, tracked as CVE-2022-22706 , that affects the Arm Mali GPU.

Security 246

More Trending

article thumbnail

New PowerDrop malware targets U.S. aerospace defense industry

Security Affairs

A previously unknown threat actor has been observed targeting the U.S. aerospace defense sector with a new PowerShell malware dubbed PowerDrop. Researchers from the Adlumin Threat Research discovered a new malicious PowerShell script, dubbed PowerDrop, that was employed in attacks aimed at organizations in the U.S. aerospace sector. The PowerShell-based malware uses advanced techniques to evade detection, including deception, encoding, and encryption.

article thumbnail

The Bold Plan to Create Cyber 311 Hotlines

WIRED Threat Level

UT-Austin will join a growing movement to launch cybersecurity clinics for cities and small businesses that often fall through the cracks.

article thumbnail

Clop ransomware gang claims the hack of hundreds of victims exploiting MOVEit Transfer bug

Security Affairs

Clop ransomware group claims to have hacked hundreds of companies globally by exploiting MOVEit Transfer vulnerability. The Clop ransomware group may have compromised hundreds of companies worldwide by exploiting a vulnerability in MOVEit Transfer software. MOVEit Transfer is a managed file transfer that is used by enterprises to securely transfer files using SFTP, SCP, and HTTP-based uploads.

article thumbnail

Cybersecurity Challenges and Opportunities With AI Chatbots

Data Breach Today

'Preparedness Pays,' European AI and Cybersecurity Experts Say at ENISA Conference At the EU cybersecurity agency ENISA's recent conference on the cybersecurity upsides and downsides of AI chatbots, presenters urged "preparedness," recommending that cybersecurity professionals track the "warp speed" evolution of chatbots to target emerging risks as well as opportunities.

article thumbnail

How to Achieve High-Accuracy Results When Using LLMs

Speaker: Ben Epstein, Stealth Founder & CTO | Tony Karrer, Founder & CTO, Aggregage

When tasked with building a fundamentally new product line with deeper insights than previously achievable for a high-value client, Ben Epstein and his team faced a significant challenge: how to harness LLMs to produce consistent, high-accuracy outputs at scale. In this new session, Ben will share how he and his team engineered a system (based on proven software engineering approaches) that employs reproducible test variations (via temperature 0 and fixed seeds), and enables non-LLM evaluation m

article thumbnail

FBI: Sextortionist Campaigns Use Deepfakes to Target Children, Adults

Dark Reading

Threat actors are lifting public images and videos from the Internet, altering them, and posting them online in a new wave of sextortion campaigns.

114
114
article thumbnail

A CISO's View: How to Handle an Insider Threat

Data Breach Today

Security Director Ian Keller on Enabling Responsible Disclosure Within Your Company In this post of his blog "A CISO's View," security director Ian Keller discusses the importance of having mechanisms in place to report potential personal compromise or potential compromise of another person in your company and provides simple steps for making security everyone's responsibility.

Security 147
article thumbnail

AI Will Save Security – And Eliminate Jobs

eSecurity Planet

AI has been the subject of a lot of hype in recent months, but one place where the hype is justified is cybersecurity. AI will completely remake the cybersecurity landscape — and create a lot of disruption in the process. To cut to the chase before we get into the details: AI will make security worse before it makes it significantly better, but at the cost of a lot of jobs.

Security 105
article thumbnail

Hospital Worker Sentenced for HIPAA Crimes in ID Theft Scam

Data Breach Today

Former Employee Gets 4.5 Years in Federal Prison and Is Ordered to Repay Patients A former employee of an Arizona hospital has been sentenced to federal prison and ordered to pay restitution to victims after pleading guilty to criminal HIPAA violations and his participation in an identity theft scam that compromised the data of nearly 500 patients.

147
147
article thumbnail

The GTM Intelligence Era: ZoomInfo 2025 Customer Impact Report

ZoomInfo customers aren’t just selling — they’re winning. Revenue teams using our Go-To-Market Intelligence platform grew pipeline by 32%, increased deal sizes by 40%, and booked 55% more meetings. Download this report to see what 11,000+ customers say about our Go-To-Market Intelligence platform and how it impacts their bottom line. The data speaks for itself!

article thumbnail

Verizon: Email Reigns Supreme as Initial Attack Vector for Ransomware Attacks

KnowBe4

My analysis of this year’s newly-released Verizon Data Breach Investigations Report begins with ransomware findings that point back to users as a big problem.

article thumbnail

Shedding New Light on Software Visibility in the Age of SBOM

Data Breach Today

Center for Internet Security CISO on 'Transitional' State of Software Supply Chain With the federal government's software bill of materials regulations looming, many organizations are not ready to respond, warned CISO Sean Atkinson of the Center for Internet Security. He provided tips for ensuring transparency in the software supply chain and preparing for SBOM regulations.

article thumbnail

How Attorneys Are Harming Cybersecurity Incident Response

Schneier on Security

New paper: “ Lessons Lost: Incident Response in the Age of Cyber Insurance and Breach Attorneys “: Abstract: Incident Response (IR) allows victim firms to detect, contain, and recover from security incidents. It should also help the wider community avoid similar attacks in the future. In pursuit of these goals, technical practitioners are increasingly influenced by stakeholders like cyber insurers and lawyers.

Insurance 102
article thumbnail

Dragos Lays Off 9% of Workers as OT Security Spending Slows

Data Breach Today

50 Staffers Axed as Dragos Sees Longer Sales Cycles and Smaller Initial Deployments Dragos has axed 50 workers after longer sales cycles and smaller initial deployment sizes caused the industrial cybersecurity vendor to miss its first quarter revenue target. Dragos revealed plans to reduce its staff by 9% to ensure the company can stay independent through an IPO or Series E round.

Sales 147
article thumbnail

Zero Trust Mandate: The Realities, Requirements and Roadmap

The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.

article thumbnail

Minecraft Malware Spreading Through Mods, Plug-ins

Dark Reading

A worm virus called "fracturizer" has been embedded in modpacks from various sites, including CurseForge and CraftBukkit.

101
101
article thumbnail

Clop Ransomware Gang Asserts It Hacked MOVEit Instances

Data Breach Today

Russian-Speaking Extortion Operation Says It Will Start Listing Victims on June 14 The Clop ransomware-as-a-service gang said it's the actor behind a spate of hacks taking advantage of a vulnerability in Progress Software's MOVEit managed file transfer application. "We download alot [ sic ] of your data as part of exceptional exploit," the gang's dark web leak site says.

article thumbnail

Smishing Campaign Expands to the Middle East

KnowBe4

A Chinese-speaking phishing gang has expanded its targeting from the Asia-Pacific region to the Middle East, researchers at Group-IB have found. The gang, which the researchers call “PostalFurious,” impersonated a toll operator and a postal service in the Middle East.

article thumbnail

5 enhancements from WWDC to help Apple win the enterprise and change the future of work

Jamf

Apple’s Worldwide Developer Conference (WWDC) shows how Apple is leveraging its five major platforms to advance Apple's adoption in the enterprise. Here are the ways Apple is pushing each platform forward to continue winning in the workplace.

IT 98
article thumbnail

5 Ways You Can Win Faster with Gen AI in Sales

Incorporating generative AI (gen AI) into your sales process can speed up your wins through improved efficiency, personalized customer interactions, and better informed decision- making. Gen AI is a game changer for busy salespeople and can reduce time-consuming tasks, such as customer research, note-taking, and writing emails, and provide insightful data analysis and recommendations.

article thumbnail

Email Retention Policies Could Change in Spokane County via Government Technology

IG Guru

Officials in Spokane County, Wash., are considering changes to email retention policies as a means of saving money on storage costs. The county pays about $52,000 a year to save well over 10 terabytes of emails.

article thumbnail

Security Buyers Are Consolidating Vendors: Gartner Security Summit

eSecurity Planet

IT security buyers are consolidating vendors at an overwhelming rate, according to a speaker at this week’s Gartner Security & Risk Management Summit. In a session on cybersecurity market trends and growth opportunities, Gartner analyst and VP Neil MacDonald said 75% of security buyers are pursuing vendor consolidation, up from just 29% in 2020. “Customers want fewer providers,” he said.

article thumbnail

Why Do You Still Need Security Awareness Training If You Use Phishing-Resistant MFA?

KnowBe4

For years, KnowBe4 has been a long-time proponent of everyone using PHISHING-RESISTANT multi-factor authentication (MFA) whenever possible.

article thumbnail

The Case for a Federal Cyber-Insurance Backstop

Dark Reading

By stepping in to provide aid, the federal government could help protect companies, insurers, and the economy from the impact of a widespread, catastrophic cyberattack.

article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Clients can strengthen defenses for their data with IBM Storage Defender, now generally available

IBM Big Data Hub

We are excited to inform our clients and partners that IBM Storage Defender , part of our IBM Storage for Data Resilience portfolio, is now generally available. Enterprise clients worldwide continue to grapple with a threat landscape that is constantly evolving. Bad actors are moving faster than ever and are causing more lasting damage to data. According to an IBM report , cyberattacks like ransomware that used to take months to fully deploy can now take as little as four days.

article thumbnail

Microsoft Fined $20M For Xbox Child Data Collection

Dark Reading

The FTC has demanded additional data privacy protections for kids using Xbox gaming systems, extending COPPA protections.

article thumbnail

Integrating data center support: Lower costs and decrease downtime with your support strategy

IBM Big Data Hub

As organizations and their data centers embrace hybrid cloud deployments, they have a rapidly growing number of vendors and workloads in their IT environments. The proliferation of these vendors leads to numerous issues and challenges that overburden IT staff, impede clients’ core business innovations and development, and complicate the support and operation of these environments.

Cloud 66