Thu.Apr 18, 2024

article thumbnail

Ransomware Victims Who Pay a Ransom Drops to Record Low

Data Breach Today

Experts See Groups Shoot Themselves in the Foot by Yet Again Swindling Affiliates Here's ransomware news to celebrate: The number of victims who opt to pay a ransom has dropped to a record low. Also, the operators of two major groups hit by law enforcement disruptions have each chosen to swindle their affiliates, sowing disaffection and driving away burned business partners.

article thumbnail

LastPass Warns of Deepfake Phishing Attempt

KnowBe4

LastPass has warned that one of its employees was targeted by a social engineering attack that used an audio deepfake that impersonated the company’s CEO. Fortunately, the employee grew suspicious and avoided falling for the attack.

Phishing 118
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Breach Roundup: LabHost Goes Down

Data Breach Today

Also: Omni Hack Exposed Customer Data and More Ivanti Vulnerabilities This week, police took down the LabHost phishing-as-a-service site, customer data compromised in Omni Hotels hack, more Ivanti vulnerabilities, a Moldovan botnet operators faces U.S. charges, Cisco warned of data breach in Duo and a Spanish Guardia Civil contractor suffered a ransomware attack.

article thumbnail

Other Attempts to Take Over Open Source Projects

Schneier on Security

After the XZ Utils discovery, people have been examining other open-source projects. Surprising no one, the incident is not unique: The OpenJS Foundation Cross Project Council received a suspicious series of emails with similar messages, bearing different names and overlapping GitHub-associated emails. These emails implored OpenJS to take action to update one of its popular JavaScript projects to “address any critical vulnerabilities,” yet cited no specifics.

article thumbnail

10 Rules for Managing Apache Cassandra

It’s no surprise that Apache Cassandra has emerged as a popular choice for organizations of all sizes seeking a powerful solution to manage their data at a scale—but with great power comes great responsibility. Due to the inherent complexity of distributed databases, this white paper will uncover the 10 rules you’ll want to know when managing Apache Cassandra.

article thumbnail

Hacking the Floodgates: U.S. Dams Face Growing Cyber Threats

Data Breach Today

Hacks on Unregulated Dams Can Result in Mass Casualties, Experts and Lawmakers Warn Cybersecurity experts and top lawmakers are warning that a successful cyberattack targeting federally-regulated dams across the United States - the majority of which have not received a cyber audit - could result in a severe impact on public health and even mass casualties.

More Trending

article thumbnail

Dark Web Sales Driving Major Rise in Credential Attacks

Data Breach Today

Cybercriminals Netting Over 50 Credentials Per Infected Device, Kaspersky Says The value of corporate credentials in the cybercrime market contributed to a 643% increase in data theft attacks over the past three years, cybersecurity company Kaspersky says. Malicious access brokers stole close to 400 million logins and passwords for numerous websites in the past year.

Sales 167
article thumbnail

The Real-Time Deepfake Romance Scams Have Arrived

WIRED Threat Level

Watch how smooth-talking scammers known as “Yahoo Boys” use widely available face-swapping tech to carry out elaborate romance scams.

article thumbnail

Why Health Firms Struggle with Cybersecurity Frameworks

Data Breach Today

Healthcare sector organizations often still struggle to implement security frameworks effectively, often not fully understanding the requirements or failing to integrate them into their overall cybersecurity strategy, said Keith Forrester of security firm Optiv, who offers tips to help.

article thumbnail

FIN7 targeted a large U.S. carmaker phishing attacks

Security Affairs

BlackBerry reported that the financially motivated group FIN7 targeted the IT department of a large U.S. carmaker with spear-phishing attacks. In late 2023, BlackBerry researchers spotted the threat actor FIN7 targeting a large US automotive manufacturer with a spear-phishing campaign. FIN7 targeted employees who worked in the company’s IT department and had higher levels of administrative rights.

Phishing 110
article thumbnail

Generative AI Deep Dive: Advancing from Proof of Concept to Production

Speaker: Maher Hanafi, VP of Engineering at Betterworks & Tony Karrer, CTO at Aggregage

Executive leaders and board members are pushing their teams to adopt Generative AI to gain a competitive edge, save money, and otherwise take advantage of the promise of this new era of artificial intelligence. There's no question that it is challenging to figure out where to focus and how to advance when it’s a new field that is evolving everyday. 💡 This new webinar featuring Maher Hanafi, VP of Engineering at Betterworks, will explore a practical framework to transform Generative AI pr

article thumbnail

Cryptohack Roundup: First Conviction in Smart Contract Hack

Data Breach Today

Also: Nebraska Man Steals $3.5 Million of Cloud Services to Mine $1M of Crypto Every week, ISMG rounds up cybersecurity incidents in digital assets. This week, sentencing in the first-ever conviction for hacking a smart contract, indictment in a million-dollar illicit mining, FTX executive's sentencing, Railgun's money-laundering defense and Uniswap's Wells Notice.

Mining 167
article thumbnail

AI Voice Cloning and Bank Voice Authentication: A Recipe for Disaster?

KnowBe4

New advancements in generative AI voice cloning come at a time when banks are looking for additional ways to authenticate their customers – and they’re choosing your voice.

article thumbnail

Company Says Change Healthcare Hackers Stole Sensitive Data

Data Breach Today

UnitedHealth Group Makes Low Key Admission in Online FAQ UnitedHealthGroup said for the first time that hackers behind a February ransomware attack against Change Healthcare breached sensitive health information, an admission that triggers a regulatory countdown clock for public disclosures and individual notification.

article thumbnail

United Nations Development Programme (UNDP) investigates data breach

Security Affairs

The United Nations Development Programme (UNDP) has initiated an investigation into an alleged ransomware attack and the subsequent theft of data. The United Nations Development Programme (UNDP) is investigating an alleged ransomware attack that resulted in data theft. The United Nations Development Programme (UNDP) is a United Nations agency tasked with helping countries eliminate poverty and achieve sustainable economic growth and human development.

article thumbnail

10 Rules for Managing Apache Kafka

Without proper guidance, it’s easy to miss out on Kafka’s full capabilities. While not the easiest technology to optimize, Kafka rewards those willing to explore its depths. Under the hood, it is an elegant system for stream processing, event sourcing, and data integration. Download this white paper to learn the 10 critical rules that will help you optimize your Kafka system and unlock its full potential.

article thumbnail

Novel Android Malware Targets Korean Banking Users

Data Breach Today

New Malware SoumniBot Exploiting Legitimate Android Process A new banking Trojan is targeting Korean users using obfuscation techniques that target the Android manifest, exploit vulnerabilities and take advantage of weaknesses in how Android apps interpret this file. SoumniBot stands out for its approach to camouflaging its malicious intent.

IT 157
article thumbnail

Law enforcement operation dismantled phishing-as-a-service platform LabHost

Security Affairs

An international law enforcement operation led to the disruption of the prominent phishing-as-a-service platform LabHost. An international law enforcement operation, codenamed Nebulae and coordinated by Europol, led to the disruption of LabHost, which is one of the world’s largest phishing-as-a-service platforms. Law enforcement from 19 countries participated in the operation which resulted in the arrest of 37 individuals.

Phishing 104
article thumbnail

From $8.3B to $200M: Why Lacework Is Examining a Sale to Wiz

Data Breach Today

Lacework Got the Largest Funding Round in Cyber History. Now, It's Eyeing the Exits Wiz is in advanced negotiations to buy Lacework for between $150 million and $200 million. The companies recently signed a letter of intent and are now in the midst of a comprehensive due diligence process, after which a decision will be made on whether the acquisition will go through.

Sales 157
article thumbnail

Getting ready for artificial general intelligence with examples

IBM Big Data Hub

Imagine a world where machines aren’t confined to pre-programmed tasks but operate with human-like autonomy and competence. A world where computer minds pilot self-driving cars, delve into complex scientific research, provide personalized customer service and even explore the unknown. This is the potential of artificial general intelligence (AGI), a hypothetical technology that may be poised to revolutionize nearly every aspect of human life and work.

article thumbnail

Navigating the Future: Generative AI, Application Analytics, and Data

Generative AI is upending the way product developers & end-users alike are interacting with data. Despite the potential of AI, many are left with questions about the future of product development: How will AI impact my business and contribute to its success? What can product managers and developers expect in the future with the widespread adoption of AI?

article thumbnail

Jury Dishes Out Guilty Verdict in Mango Markets Fraud Case

Data Breach Today

Hacker Masterminded, Executed $110 Million Crypto Fraud Scheme A New York federal jury has found a hacker guilty of charges that he masterminded and carried out a scheme to fraudulently obtain $110 million in cryptocurrency from crypto currency exchange Mango Markets and investors.

Marketing 157
article thumbnail

Microsoft employees exposed internal passwords in security lapse via Tech Crunch

IG Guru

Check out the article here. The post Microsoft employees exposed internal passwords in security lapse via Tech Crunch first appeared on IG GURU.

article thumbnail

Lowest-Rung Attackers Challenging Ransomware-as-a-Service

Data Breach Today

Christopher Budd on the Rise of Junk Gun Ransomware Variants Since June 2023, 19 junk gun ransomware variants have been discovered on the dark web. These cheap, independently produced and crudely constructed variants offer an attractive way for newer cybercriminals to get started in the ransomware world and are mostly effective against SMBs.

article thumbnail

Probable Root Cause: Accelerating incident remediation with causal AI 

IBM Big Data Hub

It has been proven time and time again that a business application’s outages are very costly. The estimated cost of an average downtime can run USD 50,000 to 500,000 per hour , and more as businesses are actively moving to digitization. The complexity of applications is growing as well, so Site Reliability Engineers (SREs) require hours—and sometimes days—to identify and resolve problems.

IT 64
article thumbnail

Get Better Network Graphs & Save Analysts Time

Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enahance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.

article thumbnail

Code to Cloud Roadshow - Minneapolis In-Person Event hosted by Palo Alto Networks

Data Breach Today

Code to Cloud Roadshow, Minneapolis In-Person Event.

Cloud 157
article thumbnail

HID Creates New Workforce Identity Ecosystem Program

HID Global

HID, a worldwide leader in trusted identity solutions, has created a new program that allows application developers to build both secure and dynamic workplace experiences. Get the full scoop here.

article thumbnail

The Power of Partnerships: Unlocking the Full Potential of Enterprise Data with Reltio

Reltio

Data sources and complexity are growing exponentially, creating a challenging landscape for enterprise IT and data leaders. While most enterprises are awash in data, extracting value from the information has never been more challenging. With the growing array of solutions and approaches, there is a lot of confusion in the market over the best approaches to becoming data-driven.

article thumbnail

AI Emerges as Top Priority for Enterprises, Driving Competitive Advantage

Information Matters

In a survey of over 1,000 C-suite executives across the United States, Canada, United Kingdom, Australia, and New Zealand, Constellation Research has found that artificial intelligence (AI) has become the Read more The post AI Emerges as Top Priority for Enterprises, Driving Competitive Advantage appeared first on Information Matters - Where AI Meets Business Transformation.

article thumbnail

How Embedded Analytics Gets You to Market Faster with a SAAS Offering

Start-ups & SMBs launching products quickly must bundle dashboards, reports, & self-service analytics into apps. Customers expect rapid value from your product (time-to-value), data security, and access to advanced capabilities. Traditional Business Intelligence (BI) tools can provide valuable data analysis capabilities, but they have a barrier to entry that can stop small and midsize businesses from capitalizing on them.

article thumbnail

How declarative device management transforms Apple MDM

Jamf

Apple's declarative device management (DDM) is a relative newcomer to MDM. But in only three years, it has become a cornerstone of modern Apple management. You can expect DDM's impact to grow ever more transformative.

MDM 40
article thumbnail

Slack AI is now available to all paid users. Here's what these features can do for your team

Collaboration 2.0

As an add-on for Slack Pro and Business+ plans, these generative AI features tackle many of your biggest Slack headaches.

40
article thumbnail

Previously unknown Kapeka backdoor linked to Russian Sandworm APT

Security Affairs

Russia-linked APT Sandworm employed a previously undocumented backdoor called Kapeka in attacks against Eastern Europe since 2022. WithSecure researchers identified a new backdoor named Kapeka that has been used in attacks targeting victims in Eastern Europe since at least mid-2022. The backdoor is very sophisticated, it serves as both an initial toolkit and as a backdoor for maintaining long-term access to compromised systems.