July, 2023

article thumbnail

Banking Firms Under Attack by Sophisticated 'Toitoin' Campaign

Dark Reading

An attack involves a multi-stage infection chain with custom malware hosted on Amazon EC2 that ultimately steals critical system and browser data; so far, targets have been located in Latin America.

113
113
article thumbnail

Who’s Behind the DomainNetworks Snail Mail Scam?

Krebs on Security

If you’ve ever owned a domain name, the chances are good that at some point you’ve received a snail mail letter which appears to be a bill for a domain or website-related services. In reality, these misleading missives try to trick people into paying for useless services they never ordered, don’t need, and probably will never receive.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

White House Unveils National Cyber Workforce Strategy

Data Breach Today

Plan Includes Boosting Cyber Professional Skills, Plus Cyber Literacy for All Jobs The Biden administration on Monday released a national strategy addressing cyber workforce shortages and calling long-standing vacancies a national security imperative. The White House says the U.S. needs more cyber professionals and should augment cyber literacy in jobs throughout the economy.

Security 243
article thumbnail

News Alert: CrowdSec report highlights the rise of IPv6 in cyber criminal activities

The Last Watchdog

Paris, France, July 27, 2023 – CrowdSec , the pioneering open source and collaborative cybersecurity company, today released its Q2 2023 Majority Report , a comprehensive community-driven data report fueled by the collective efforts of its thousands of users. Key takeaways from the report include the rise of IPv6 as well as the role of VPN in cybercriminal activities.

article thumbnail

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

article thumbnail

Threads: We Don’t Want to “Hang Out With Everybody.” Sometimes, We Want To Leave.

John Battelle's Searchblog

(AP Photo/Richard Drew) Apparently the open web has finally died. This the very same week Meta launches Threads , which, if its first day is any indication, seems to be thriving (10 million sign ups in its first few hours, likely 50 million by the time this publishes…). But before Threads’ apparent success, most writers covering tech had decided that the era of free, open-to-the-public, at scale services like Twitter, Reddit, and even Facebook/Insta is over.

IT 141

More Trending

article thumbnail

Microsoft Teams Exploit Tool Auto-Delivers Malware

Dark Reading

The "TeamsPhisher" cyberattack tool gives pentesters — and adversaries — a way to deliver malicious files directly to a Teams user from an external account, or tenant.

145
145
article thumbnail

World Youth Skills Day 2023: Engaging Youth with Cybersecurity

Thales Cloud Protection & Licensing

World Youth Skills Day 2023: Engaging Youth with Cybersecurity madhav Thu, 07/13/2023 - 04:56 In 2014, the United Nations General Assembly declared 15 July as World Youth Skills Day to celebrate the strategic importance of equipping young people with skills for employment, decent work, and entrepreneurship. “Young people are drivers of change and must be fully engaged in decisions affecting their future,” said UN Secretary-General António Guterres.

article thumbnail

Midyear Health Data Breach Analysis: The Top Culprits

Data Breach Today

Latest Hacking, Vendor Incident Trends Emerging From the Federal Tally Hacking incidents, including those involving ransomware attacks or vendors, that affect tens of millions of individuals, continue to account for the majority of health data breaches reported to federal regulators so far this year. What are the other emerging breach trends?

article thumbnail

MY TAKE: ‘IOWN’ makes the business case for fostering diversity, respecting individual privacy

The Last Watchdog

To tap the full potential of massively interconnected, fully interoperable digital systems we must solve privacy and cybersecurity, to be sure. Related: Using ‘Big Data’ to improve health and well-being But there’s yet another towering technology mountain to climb: we must also overcome the limitations of Moore’s Law. After 30 years, we’ve reached the end of Moore’s Law , which states that the number of transistors on a silicon-based semiconductor chip doubles approximately eve

article thumbnail

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

article thumbnail

U.S. Announces Fulfillment of EU-U.S. Data Privacy Framework Requirements

Hunton Privacy

On July 3, 2023, U.S. Secretary of Commerce Gina Raimondo issued a statement confirming that the U.S. has fulfilled its commitments for implementing the EU-U.S. Data Privacy Framework (the “Framework”). In the statement, it was confirmed that the EU, Iceland, Liechtenstein and Norway, have been designated as “qualifying states” for purposes of implementing the redress mechanism established under Executive Order 14086, such designation to be become effective upon the adoption of an adequacy decis

article thumbnail

New Report Shows Social Engineering and Business Email Compromise Attacks Have Drastically Increased in 2023

KnowBe4

Email-based social engineering attacks have risen by 464% this year compared to the first half of 2022, according to a report by Acronis. Business email compromise (BEC) attacks have also increased significantly.

102
102
article thumbnail

Google Searches for 'USPS Package Tracking' Lead to Banking Theft

Dark Reading

Attackers are leveraging well-executed brand impersonation in a Google ads malvertising effort that collects both credit card and bank details from victims.

127
127
article thumbnail

Webcast: Today’s biggest information management challenges

OpenText Information Management

Are information sprawl, data access and security concerns holding back workforce productivity? Will the seemingly endless amounts of information that can be generated by AI only exacerbate information overload? Is cloud adoption creating siloes of information and adding complexity? These information management challenges and how to overcome them were discussed by a panel of industry … The post Webcast: Today’s biggest information management challenges appeared first on OpenText Blogs.

Cloud 98
article thumbnail

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

article thumbnail

Combat IT Team Burnout by Embracing Automation

Data Breach Today

Expel VP Chris Waynforth on How Security Researchers Can Reduce False Positives Unnecessary cyber alerts are a threat that can overwhelm defenders, leading to burnout and reduced efficiency within the team. Chris Waynforth, vice president and general manager at Expel, said adopting automation solutions to filter and prioritize alerts allows for more effective incident response.

IT 246
article thumbnail

GUEST ESSAY: Why it’s high time for us to rely primarily on passwordless authentication

The Last Watchdog

Accessing vital information to complete day-to-day tasks at our jobs still requires using a password-based system at most companies. Related: Satya Nadella calls for facial recognition regulations Historically, this relationship has been effective from both the user experience and host perspectives; passwords unlocked a world of possibilities, acted as an effective security measure, and were simple to remember.

article thumbnail

NYDFS Proposes Updated Second Amendment to Its Cybersecurity Regulation

Hunton Privacy

On June 28, 2023, the New York Department of Financial Services (“NYDFS”) published an updated proposed Second Amendment (“Amendment”) to its Cybersecurity Regulation, 23 NYCRR Part 500. On November 9, 2022, NYDFS published a first draft of the proposed Amendment and received comments from stakeholders over a 60-day period. The updated proposed Amendment will be subject to an additional 45-day comment period.

article thumbnail

Can AI make government services more human?

CGI

While much attention on artificial intelligence (AI) has been focused on the commercial sector, AI and the public sector is a perfect fit. In fact, there are many use cases already for using AI to digitalize government services, including improving water quality for communities to helping answer constituent and health worker questions.

article thumbnail

Strategic CX: A Deep Dive into Voice of the Customer Insights for Clarity

Speaker: Nicholas Zeisler, CX Strategist & Fractional CXO

The first step in a successful Customer Experience endeavor (or for that matter, any business proposition) is to find out what’s wrong. If you can’t identify it, you can’t fix it! 💡 That’s where the Voice of the Customer (VoC) comes in. Today, far too many brands do VoC simply because that’s what they think they’re supposed to do; that’s what all their competitors do.

article thumbnail

Microsoft Discloses 5 Zero-Days in Voluminous July Security Update

Dark Reading

Fixes for more than 100 vulnerabilities affect numerous products, including Windows, Office,Net, and Azure Active Directory, among others.

Security 128
article thumbnail

TETRA Radio Code Encryption Has a Flaw: A Backdoor

WIRED Threat Level

A secret encryption cipher baked into radio systems used by critical infrastructure workers, police, and others around the world is finally seeing sunlight. Researchers say it isn’t pretty.

article thumbnail

Federal Reserve's FedNow Goes Live With Fast Payments

Data Breach Today

Program Expected to Modernize Country's Payment Systems FedNow, the Federal Reserve's first instant payment service, officially launched on Thursday. FedNow so far has 35 banks and credit unions and 16 service providers certified to use the service including community banks and large lenders such as JPMorgan Chase and Bank of New York Mellon.

246
246
article thumbnail

What’s new in Application Modernization & Connectivity  

OpenText Information Management

Helping our customers build for the future through smarter modernization New product updates are now available within Application Modernization & Connectivity (AMC) – OpenText’s marketing leading solution for COBOL and mainframe application development, deployment, and modernization as well as mainframe host access and security. Latest OpenText of Cloud Editions includes updates to its COBOL, Mainframe … The post What’s new in Application Modernization & Connectivity appeared fi

Cloud 98
article thumbnail

The Big Payoff of Application Analytics

Outdated or absent analytics won’t cut it in today’s data-driven applications – not for your end users, your development team, or your business. That’s what drove the five companies in this e-book to change their approach to analytics. Download this e-book to learn about the unique problems each company faced and how they achieved huge returns beyond expectation by embedding analytics into applications.

article thumbnail

UK ICO Encourages Use of Privacy Enhancing Technologies

Hunton Privacy

On June 19, 2023, the UK Information Commissioner’s Office (“ICO”) recommended that organizations start using privacy enhancing technologies (“PETs”) to share personal information safely, securely and anonymously. The ICO also has issued new guidance on PETs which is aimed at those using large data sets in finance, healthcare, money laundering and cybercrime.

Privacy 103
article thumbnail

Digital Is Killing Serendipity

John Battelle's Searchblog

The buildings are the same, but the information landscape has changed, dramatically. Today I’m going to write about the college course booklet, an artifact of another time. I hope along the way we might learn something about digital technology, information design, and why we keep getting in our own way when it comes to applying the lessons of the past to the possibilities of the future.

article thumbnail

Shell Becomes Latest Cl0p MOVEit Victim

Dark Reading

In another MOVEit attack, oil and gas giant Shell saw the release of the private information of its employees.

IT 134
article thumbnail

OCR and FTC Issue a Joint Letter Suggesting Enforcement Actions May Be in the Pipeline

Data Protection Report

On July 20, 2023 HHS and the Federal Trade Commission (“FTC”) issued a joint letter to approximately 130 companies regarding their online data collection processes. The letter follows the much discussed December 1, 2022, Bulletin that expanded the kinds of websites and applications governed by HIPAA (you can read about our analysis of the bulletin here ).

article thumbnail

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

article thumbnail

Clop Crime Group Adds 62 Ernst & Young Clients to Leak Sites

Data Breach Today

Victims Include Airline, Banks, Hospitals, Retailers in Canada The growing list of MOVEit cyberattack victims has grown. Sixty-two 62 clients of Big Four accounting firm Ernst & Young now appear on the Clop ransomware group's data leak sites. A spokesperson for Ernst & Young confirmed that a "limited" attack on the company's systems had occurred.

Retail 246
article thumbnail

Two flaws in Linux Ubuntu affect 40% of Ubuntu users

Security Affairs

Wiz researchers discovered two Linux vulnerabilities in the Ubuntu kernel that can allow an unprivileged local user to gain elevated privileges. Wiz Research discovered two privilege escalation vulnerabilities, tracked as CVE-2023-2640 and CVE-2023-32629, in the OverlayFS module in the Linux distro Ubuntu. According to the researchers, the flaws impact 40% of the users of the popular Linux distribution.

Cloud 97
article thumbnail

BREAKING: EU Commission Adopts EU-U.S. Data Privacy Framework Adequacy Decision

Hunton Privacy

On July 10, 2023, the European Commission formally adopted a new adequacy decision on the EU-U.S. Data Privacy Framework (the “Adequacy Decision”). The adoption of this Adequacy Decision follows years of intense negotiations between the EU and the U.S., after the invalidation of the EU-U.S. Privacy Shield by the Court of Justice of the European Union (“CJEU”) in the Schrems II case.