July, 2023

article thumbnail

Banking Firms Under Attack by Sophisticated 'Toitoin' Campaign

Dark Reading

An attack involves a multi-stage infection chain with custom malware hosted on Amazon EC2 that ultimately steals critical system and browser data; so far, targets have been located in Latin America.

122
122
article thumbnail

Who’s Behind the DomainNetworks Snail Mail Scam?

Krebs on Security

If you’ve ever owned a domain name, the chances are good that at some point you’ve received a snail mail letter which appears to be a bill for a domain or website-related services. In reality, these misleading missives try to trick people into paying for useless services they never ordered, don’t need, and probably will never receive.

Passwords 311
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

White House Unveils National Cyber Workforce Strategy

Data Breach Today

Plan Includes Boosting Cyber Professional Skills, Plus Cyber Literacy for All Jobs The Biden administration on Monday released a national strategy addressing cyber workforce shortages and calling long-standing vacancies a national security imperative. The White House says the U.S. needs more cyber professionals and should augment cyber literacy in jobs throughout the economy.

Security 240
article thumbnail

Threads: We Don’t Want to “Hang Out With Everybody.” Sometimes, We Want To Leave.

John Battelle's Searchblog

(AP Photo/Richard Drew) Apparently the open web has finally died. This the very same week Meta launches Threads , which, if its first day is any indication, seems to be thriving (10 million sign ups in its first few hours, likely 50 million by the time this publishes…). But before Threads’ apparent success, most writers covering tech had decided that the era of free, open-to-the-public, at scale services like Twitter, Reddit, and even Facebook/Insta is over.

IT 141
article thumbnail

Customer Experience Management: Optimizing Your Strategy for Financial Success

Speaker: Diane Magers, Founder and Chief Experience Officer at Experience Catalysts

In the world of business, connecting the dots from experience to financial impact is an essential skill. Transforming customer engagement, Voice of Customer (VoC) insights, and Journey Maps into tangible financial outcomes poses a significant challenge for most organizations. To gain buy-in from the C-Suite and key stakeholders, it’s crucial to illustrate how Experience Management translates into clear, measurable business results.

article thumbnail

Admin SSO now available for Jamf Account

Jamf

Learn how to seamlessly set up an identity provider (IdP) in your Jamf Account with our step-by-step guide, and take advantage of single sign-on authentication at the admin level.

More Trending

article thumbnail

Microsoft Teams Exploit Tool Auto-Delivers Malware

Dark Reading

The "TeamsPhisher" cyberattack tool gives pentesters — and adversaries — a way to deliver malicious files directly to a Teams user from an external account, or tenant.

145
145
article thumbnail

Top Suspect in 2015 Ashley Madison Hack Committed Suicide in 2014

Krebs on Security

When the marital infidelity website AshleyMadison.com learned in July 2015 that hackers were threatening to publish data stolen from 37 million users, the company’s then-CEO Noel Biderman was quick to point the finger at an unnamed former contractor. But as a new documentary series on Hulu reveals [ SPOILER ALERT! ], there was just one problem with that theory: Their top suspect had killed himself more than a year before the hackers began publishing stolen user data.

Access 290
article thumbnail

Ransomware Continues to Plague European Healthcare Sector

Data Breach Today

Hacktivist-Led DDoS Attacks Also on the Rise, ENISA Says Ransomware continues to be the biggest threat to the European healthcare sector, but the region also is experiencing an uptick in distributed denial-of-service attacks tied to hacktivist groups, the European Union Agency for Cybersecurity warned.

article thumbnail

World Youth Skills Day 2023: Engaging Youth with Cybersecurity

Thales Cloud Protection & Licensing

World Youth Skills Day 2023: Engaging Youth with Cybersecurity madhav Thu, 07/13/2023 - 04:56 In 2014, the United Nations General Assembly declared 15 July as World Youth Skills Day to celebrate the strategic importance of equipping young people with skills for employment, decent work, and entrepreneurship. “Young people are drivers of change and must be fully engaged in decisions affecting their future,” said UN Secretary-General António Guterres.

article thumbnail

How to Stay Competitive in the Evolving State of Martech

Marketing technology is essential for B2B marketers to stay competitive in a rapidly changing digital landscape — and with 53% of marketers experiencing legacy technology issues and limitations, they’re researching innovations to expand and refine their technology stacks. To help practitioners keep up with the rapidly evolving martech landscape, this special report will discuss: How practitioners are integrating technologies and systems to encourage information-sharing between departments and pr

article thumbnail

U.S. Announces Fulfillment of EU-U.S. Data Privacy Framework Requirements

Hunton Privacy

On July 3, 2023, U.S. Secretary of Commerce Gina Raimondo issued a statement confirming that the U.S. has fulfilled its commitments for implementing the EU-U.S. Data Privacy Framework (the “Framework”). In the statement, it was confirmed that the EU, Iceland, Liechtenstein and Norway, have been designated as “qualifying states” for purposes of implementing the redress mechanism established under Executive Order 14086, such designation to be become effective upon the adoption of an adequacy decis

article thumbnail

Weekly Update 354

Troy Hunt

I'm in Thailand! It's spectacular here, and even more so since recording this video and getting out of Bangkok and into the sorts of natural beauty you see in all the videos. Speaking of which, rather than writing more here (whilst metres away from the most amazing scenery), I'm going to push the publish button on this week's video and go enjoy it.

article thumbnail

Google Searches for 'USPS Package Tracking' Lead to Banking Theft

Dark Reading

Attackers are leveraging well-executed brand impersonation in a Google ads malvertising effort that collects both credit card and bank details from victims.

133
133
article thumbnail

Apple & Microsoft Patch Tuesday, July 2023 Edition

Krebs on Security

Microsoft Corp. today released software updates to quash 130 security bugs in its Windows operating systems and related software, including at least five flaws that are already seeing active exploitation. Meanwhile, Apple customers have their own zero-day woes again this month: On Monday, Apple issued (and then quickly pulled) an emergency update to fix a zero-day vulnerability that is being exploited on MacOS and iOS devices.

article thumbnail

The Essential Guide to Analytic Applications

Embedding dashboards, reports and analytics in your application presents unique opportunities and poses unique challenges. We interviewed 16 experts across business intelligence, UI/UX, security and more to find out what it takes to build an application with analytics at its core. No matter where you are in your analytics journey, you will learn about emerging trends and gather best practices from product experts.

article thumbnail

Latest MOVEit Bug Is Another Critical SQL Injection Flaw

Data Breach Today

Progress Software Reveals 1 New 'Critical' and 2 'High-Severity' Bugs For the third time since the discovery of the MOVEit Transfer application zero-day vulnerability, Progress Software has revealed a new critical SQL injection vulnerability that allows remote attackers to bypass authentication and execute arbitrary code.

article thumbnail

New Report Shows Social Engineering and Business Email Compromise Attacks Have Drastically Increased in 2023

KnowBe4

Email-based social engineering attacks have risen by 464% this year compared to the first half of 2022, according to a report by Acronis. Business email compromise (BEC) attacks have also increased significantly.

105
105
article thumbnail

NYDFS Proposes Updated Second Amendment to Its Cybersecurity Regulation

Hunton Privacy

On June 28, 2023, the New York Department of Financial Services (“NYDFS”) published an updated proposed Second Amendment (“Amendment”) to its Cybersecurity Regulation, 23 NYCRR Part 500. On November 9, 2022, NYDFS published a first draft of the proposed Amendment and received comments from stakeholders over a 60-day period. The updated proposed Amendment will be subject to an additional 45-day comment period.

article thumbnail

Webcast: Today’s biggest information management challenges

OpenText Information Management

Are information sprawl, data access and security concerns holding back workforce productivity? Will the seemingly endless amounts of information that can be generated by AI only exacerbate information overload? Is cloud adoption creating siloes of information and adding complexity? These information management challenges and how to overcome them were discussed by a panel of industry … The post Webcast: Today’s biggest information management challenges appeared first on OpenText Blogs.

Cloud 98
article thumbnail

1st, 2nd, and 3rd Party Intent Data: Which Is Right for You?

How do 1st, 2nd, and 3rd party intent data compare? 1st, 2nd, and 3rd party data each have specific advantages and disadvantages. It comes down to four factors: accuracy, cost, control and quantity. This infographic explains the pros and cons of each and helps you understand which one is best for meeting your business objectives. Intent data can be a great way to fill your pipeline and close more deals.

article thumbnail

Researchers Develop Exploit Code for Critical Fortinet VPN Bug

Dark Reading

Some 340,000 FortiGate SSL VPN appliances remain exposed to the threat more than three weeks after Fortinet released firmware updates to address the issue.

119
119
article thumbnail

Can AI make government services more human?

CGI

While much attention on artificial intelligence (AI) has been focused on the commercial sector, AI and the public sector is a perfect fit. In fact, there are many use cases already for using AI to digitalize government services, including improving water quality for communities to helping answer constituent and health worker questions.

article thumbnail

Banking Tech Forecast: Cloudy, With a Chance of Cyber Risk

Data Breach Today

Cloud Adoption in Financial Services has Soared - as Has Security Risk Financial services organizations face unique cloud security challenges, due to special regulatory, data security and privacy considerations that don't necessarily apply to other industries. Security and payments experts with overlapping skillsets unpack the challenges and how to deal with them.

Risk 239
article thumbnail

Heads Up: Google Inactive Account Deletion Notifications

KnowBe4

Google announced an update to their inactive account policies in May. Accounts that have been inactive for a period of two years or more will start being deleted in December 2023, at the earliest.

article thumbnail

10 Rules for Managing PostgreSQL®

PostgreSQL is a highly versatile and robust technology, capable of addressing a wide range of challenges in diverse environments. Its expanding range of use cases is witnessing exponential growth, allowing PostgreSQL to effectively target an ever-increasing number of applications while minimizing limitations. This whitepaper presents ten indispensable rules that will empower you to optimize your PostgreSQL installation and stay ahead of the evolving landscape.

article thumbnail

UK ICO Encourages Use of Privacy Enhancing Technologies

Hunton Privacy

On June 19, 2023, the UK Information Commissioner’s Office (“ICO”) recommended that organizations start using privacy enhancing technologies (“PETs”) to share personal information safely, securely and anonymously. The ICO also has issued new guidance on PETs which is aimed at those using large data sets in finance, healthcare, money laundering and cybercrime.

Privacy 105
article thumbnail

TETRA Radio Code Encryption Has a Flaw: A Backdoor

WIRED Threat Level

A secret encryption cipher baked into radio systems used by critical infrastructure workers, police, and others around the world is finally seeing sunlight. Researchers say it isn’t pretty.

article thumbnail

Microsoft Discloses 5 Zero-Days in Voluminous July Security Update

Dark Reading

Fixes for more than 100 vulnerabilities affect numerous products, including Windows, Office,Net, and Azure Active Directory, among others.

Security 134
article thumbnail

What’s new in Application Modernization & Connectivity  

OpenText Information Management

Helping our customers build for the future through smarter modernization New product updates are now available within Application Modernization & Connectivity (AMC) – OpenText’s marketing leading solution for COBOL and mainframe application development, deployment, and modernization as well as mainframe host access and security. Latest OpenText of Cloud Editions includes updates to its COBOL, Mainframe … The post What’s new in Application Modernization & Connectivity appeared fi

Cloud 98
article thumbnail

From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.

article thumbnail

Midyear Health Data Breach Analysis: The Top Culprits

Data Breach Today

Latest Hacking, Vendor Incident Trends Emerging From the Federal Tally Hacking incidents, including those involving ransomware attacks or vendors, that affect tens of millions of individuals, continue to account for the majority of health data breaches reported to federal regulators so far this year. What are the other emerging breach trends?

article thumbnail

Digital Is Killing Serendipity

John Battelle's Searchblog

The buildings are the same, but the information landscape has changed, dramatically. Today I’m going to write about the college course booklet, an artifact of another time. I hope along the way we might learn something about digital technology, information design, and why we keep getting in our own way when it comes to applying the lessons of the past to the possibilities of the future.

article thumbnail

BREAKING: EU Commission Adopts EU-U.S. Data Privacy Framework Adequacy Decision

Hunton Privacy

On July 10, 2023, the European Commission formally adopted a new adequacy decision on the EU-U.S. Data Privacy Framework (the “Adequacy Decision”). The adoption of this Adequacy Decision follows years of intense negotiations between the EU and the U.S., after the invalidation of the EU-U.S. Privacy Shield by the Court of Justice of the European Union (“CJEU”) in the Schrems II case.