August, 2023

article thumbnail

Why Criminals Keep Reusing Leaked Ransomware Builders

Data Breach Today

Blame Police Crackdowns on Big Names, Hacker Thrift, Ransomware Grifters in Trouble What's behind the a profusion of reported attacks involving stolen or reused strains of ransomware? Blame a variety of factors, including law enforcement crackdowns, evolving ransomware business models and at least one case of a ransomware group leader with poor morale building skills.

article thumbnail

GUEST ESSAY: Where we stand on mitigating software risks associated with fly-by-wire jetliners

The Last Watchdog

The threat of bad actors hacking into airplane systems mid-flight has become a major concern for airlines and operators worldwide. Related: Pushing the fly-by-wire envelope This is especially true because systems are more interconnected and use more complex commercial software than ever before, meaning a vulnerability in one system could lead to a malicious actor gaining access to more important systems.

Risk 264
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

U.S. Hacks QakBot, Quietly Removes Botnet Infections

Krebs on Security

The U.S. government today announced a coordinated crackdown against QakBot , a complex malware family used by multiple cybercrime groups to lay the groundwork for ransomware infections. The international law enforcement operation involved seizing control over the botnet’s online infrastructure, and quietly removing the Qakbot malware from tens of thousands of infected Microsoft Windows computers.

article thumbnail

Apple's Decision to Kill Its CSAM Photo-Scanning Tool Sparks Fresh Controversy

WIRED Threat Level

Child safety group Heat Initiative plans to launch a campaign pressing Apple on child sexual abuse material scanning and user reporting. The company issued a rare, detailed response on Thursday.

IT 141
article thumbnail

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

article thumbnail

National Safety Council data leak: Credentials of NASA, Tesla, DoJ, Verizon, and 2K others leaked by workplace safety organization

Security Affairs

The National Safety Council leaked thousands of emails and passwords of their members, including companies such as NASA and Tesla. The National Safety Council has leaked nearly 10,000 emails and passwords of their members, exposing 2000 companies, including governmental organizations and big corporations. The National Safety Council (NSC) is a non-profit organization in the United States providing workplace and driving safety training.

Passwords 138

More Trending

article thumbnail

CrowdStrike CEO: Point Product Vendors Are Being Left Behind

Data Breach Today

George Kurtz Says Clients Spot 'Point Products Masquerading as Platform Stories' CrowdStrike CEO George Kurtz said point product companies "are quickly going the way of legacy antivirus" as rivals SentinelOne and BlackBerry reportedly hunt for buyers. The endpoint security market is quickly consolidating from being "littered with dozens of companies" to just several vendors.

Marketing 299
article thumbnail

Black Hat insights: Generative AI begins seeping into the security platforms that will carry us forward

The Last Watchdog

LAS VEGAS – Just when we appeared to be on the verge of materially shrinking the attack surface, along comes an unpredictable, potentially explosive wild card: generative AI. Related: Can ‘CNAPP’ do it all? Unsurprisingly, generative AI was in the spotlight at Black Hat USA 2023 , which returned to its full pre-Covid grandeur here last week.

Security 246
article thumbnail

Hybrid Post-Quantum Signatures in Hardware Security Keys

Elie

We introduce a hybrid digital signature scheme based on two building blocks: a classically-secure scheme, ECDSA, and a post-quantum secure one, Dilithium. Our hybrid scheme maintains the guarantees of each underlying building block even if the other one is broken, thus being resistant to classical and quantum attacks.

Security 117
article thumbnail

Cybercriminals Team Up to Upgrade 'SapphireStealer' Malware

Dark Reading

A hacker published a real gem of an infostealer to GitHub that requires zero coding knowledge to use. Then a community sprung up around it, polishing the code to a high shine and creating new, even more robust features.

IT 121
article thumbnail

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

article thumbnail

Japan’s JPCERT warns of new ‘MalDoc in PDF’ attack technique

Security Affairs

Japan’s JPCERT warns of a new recently detected ‘MalDoc in PDF’ attack that embeds malicious Word files into PDFs. Japan’s computer emergency response team (JPCERT) has recently observed a new attack technique, called ‘MalDoc in PDF’, that bypasses detection by embedding a malicious Word file into a PDF file. The researchers explained that a file created with MalDoc in PDF has magic numbers and file structure of PDF, but can be opened in Word.

IT 121
article thumbnail

Data From The Qakbot Malware is Now Searchable in Have I Been Pwned, Courtesy of the FBI

Troy Hunt

Today, the US Justice Department announced a multinational operation involving actions in the United States, France, Germany, the Netherlands, and the United Kingdom to disrupt the botnet and malware known as Qakbot and take down its infrastructure. Beyond just taking down the backbone of the operation, the FBI began actively intercepting traffic from the botnet and instructing infected machines the uninstall the malware: To disrupt the botnet, the FBI was able to redirect Qakbot botnet traffic

Passwords 127
article thumbnail

US Aids Costa Rican Post-Hack Push for Robust SOC, Secure 5G

Data Breach Today

US Funds for Regional SOC, Use of Trusted 5G Providers Follows Big 2022 Cyberattack Costa Rica will build a national cybersecurity operations center with substantial U.S. backing following a crippling cyberattack last year while also committing to using only trusted 5G providers. The State Department extended $25 million to build a virtual security operations center.

Security 298
article thumbnail

Black Hat insights: JupiterOne’s whodunnit puts CISOs on the trail of solving a devastating breach

The Last Watchdog

LAS VEGAS — One fundamental reason some 7,000 or so IT pros are making the trek here this week is that no one ever wants to get caught in the crossfire of a devastating data breach. Related: A call to regulate facial recognition That said, a few dozen CISOs attending Black Hat USA 2023 will get to experience, hands-on, what it must have been like to be in the crucible of milestone hacks like Capital One, SolarWinds and Colonial Pipeline.

article thumbnail

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

article thumbnail

Unmasking Trickbot, One of the World’s Top Cybercrime Gangs

WIRED Threat Level

A WIRED investigation into a cache of documents posted by an unknown figure lays bare the Trickbot ransomware gang’s secrets, including the identity of a central member.

article thumbnail

Open Redirect Flaws: The Newest Phishing Trick

KnowBe4

No surprise: phishing attacks are on the rise, and a new technique is becoming increasingly popular: open redirect flaws. These flaws allow attackers to redirect victims to malicious websites, even if the link in the phishing email appears to be legitimate.

Phishing 118
article thumbnail

Fashion retailer Forever 21 data breach impacted +500,000 individuals

Security Affairs

Fashion retailer Forever 21 disclosed a data breach that exposed the personal information of more than 500,000 individuals. On March 20, 2023, the fashion retailer Forever 21 has discovered a cyber incident that impacted a limited number of systems. The company immediately launched an investigation into the incident with the help of leading cybersecurity firms.

Retail 121
article thumbnail

Own Your Own Government Surveillance Van

Schneier on Security

A used government surveillance van is for sale in Chicago: So how was this van turned into a mobile spying center? Well, let’s start with how it has more LCD monitors than a Counterstrike LAN party. They can be used to monitor any of six different video inputs including a videoscope camera. A videoscope and a borescope are very similar as they’re both cameras on the ends of optical fibers, so the same tech you’d use to inspect cylinder walls is also useful for surveillance.

article thumbnail

Strategic CX: A Deep Dive into Voice of the Customer Insights for Clarity

Speaker: Nicholas Zeisler, CX Strategist & Fractional CXO

The first step in a successful Customer Experience endeavor (or for that matter, any business proposition) is to find out what’s wrong. If you can’t identify it, you can’t fix it! 💡 That’s where the Voice of the Customer (VoC) comes in. Today, far too many brands do VoC simply because that’s what they think they’re supposed to do; that’s what all their competitors do.

article thumbnail

Facebook Links Massive Disinformation Operation to China

Data Breach Today

'Spamouflage' Controlled Thousands of Facebook Pages But Struggled for Engagement Facebook parent Meta unearthed a Chinese propaganda campaign active across dozens of social media sites in what the company calls the largest known cross-platform influence operation in the world. "Spamouflage" operates across more than 50 platforms and forums.

289
289
article thumbnail

CPPA Issues Draft CPRA Regulations on Risk Assessment and Cybersecurity Audit

Hunton Privacy

On August 29, 2023, the California Privacy Protection Agency (“CPPA”) Board issued draft regulations on Risk Assessment and Cybersecurity Audit (the “Draft Regulations”). The CPPA Board will discuss the Draft Regulations during a public meeting on September 8, 2023. In issuing the Draft Regulations, the CPPA Board makes clear that it has not yet started the formal rulemaking process for cybersecurity audits, risk assessments or automated decision-making technology, and that these Draft Regulatio

Risk 110
article thumbnail

4th Annual Legal Industry Collaboration Data Survey

Hanzo Learning Center

Our focus is to gain knowledge about any challenges that corporate legal teams encounter in relation to these new data types and their relationship with ediscovery and information governance. The adoption of collaboration tools such as Slack and Microsoft Teams in enterprises has experienced remarkable growth in recent years. These platforms offer a wide range of features that are specifically designed to enhance communication, collaboration, and productivity within organizations.

article thumbnail

Industry analyst round up – top rankings for OpenText

OpenText Information Management

Across the market segments we serve at OpenText, it’s always a delight to receive acknowledgement from some of the top firms in the industry analyst community. Recently, Gartner, Forrester, and IDC have placed us in several leadership positions for key enterprise software categories. Industry analyst firm rankings provide independent assessments of the value and business … The post Industry analyst round up – top rankings for OpenText appeared first on OpenText Blogs.

Marketing 109
article thumbnail

The Big Payoff of Application Analytics

Outdated or absent analytics won’t cut it in today’s data-driven applications – not for your end users, your development team, or your business. That’s what drove the five companies in this e-book to change their approach to analytics. Download this e-book to learn about the unique problems each company faced and how they achieved huge returns beyond expectation by embedding analytics into applications.

article thumbnail

Abusing Windows Container Isolation Framework to avoid detection by security products

Security Affairs

Researchers demonstrated how attackers can abuse the Windows Container Isolation Framework to bypass endpoint security solutions. Researcher Daniel Avinoam at the recent DEF CON hacking conference demonstrated how attackers can abuse the Windows Container Isolation Framework to bypass endpoint security solutions. The expert explained that Windows OS separates the file system from each container to the host and avoids duplication of system files.

Security 119
article thumbnail

When Apps Go Rogue

Schneier on Security

Interesting story of an Apple Macintosh app that went rogue. Basically, it was a good app until one particular update…when it went bad. With more official macOS features added in 2021 that enabled the “Night Shift” dark mode, the NightOwl app was left forlorn and forgotten on many older Macs. Few of those supposed tens of thousands of users likely noticed when the app they ran in the background of their older Macs was bought by another company, nor when earlier this year that c

IT 109
article thumbnail

SentinelOne CEO on Wiz M&A: 'Pure Speculation on Their Part'

Data Breach Today

Tomer Weingarten Nixes Wiz Reselling Agreement After Not Seeing 'Any Contribution' SentinelOne CEO Tomer Weingarten hit back at endpoint security rivals CrowdStrike and Microsoft as well as rumored M&A suitor Wiz for publicly fanning acquisition flames. The endpoint security firm called Wiz acquisition rumors "a headscratcher," "far from fact" and "pure speculation on their part.

Security 286
article thumbnail

New York Times Spoofed to Hide Russian Disinformation Campaign

Dark Reading

"Operation Doppelganger" has convincingly masqueraded as multiple news sites with elaborate fake stories containing real bylines of journalists, blasting them out on social media platforms.

109
109
article thumbnail

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

article thumbnail

Customers of Cryptocurrency FTX are Target of  Phishing Emails

KnowBe4

Customers of the bankrupt cryptocurrency exchange FTX are already receiving phishing emails following a breach of personal data held by several crypto companies, CoinDesk reports.

Phishing 101
article thumbnail

Google Fixes Serious Security Flaws in Chrome and Android

WIRED Threat Level

Plus: Mozilla patches more than a dozen vulnerabilities in Firefox, and enterprise companies Ivanti, Cisco, and SAP roll out a slew of updates to get rid of some high-severity bugs.

Security 102
article thumbnail

Attackers can discover IP address by sending a link over the Skype mobile app

Security Affairs

A security researcher demonstrated how to discover a target’s IP address by sending a link over the Skype mobile app. The security researcher Yossi discovered that is possible to discover a target’s IP address by sending a link over the Skype mobile app. The researcher pointed out that the attack only requires the target to open the message. The problem only impacts the Skype mobile app.

Risk 119