January, 2023

article thumbnail

3 Ways ChatGPT Will Change Infosec in 2023

Dark Reading

OpenAI's chatbot has the promise to revolutionize how security practitioners work

Security 145
article thumbnail

Expect Hacking, Phishing After Leak of 200M Twitter Records

Data Breach Today

Database Will Provide Intelligence of Use to Online Criminals, Expert Warns Expect the recently leaked database containing over 200 million Twitter records to be an ongoing resource for hackers, fraudsters and other criminals operating online, even though 98% of the email addresses it contains have appeared in prior breaches, experts warn.

Phishing 363
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Identity Thieves Bypassed Experian Security to View Credit Reports

Krebs on Security

Identity thieves have been exploiting a glaring security weakness in the website of Experian , one of the big three consumer credit reporting bureaus.

Security 340
article thumbnail

GUEST ESSAY: How I started a company to supply democratized pentests to immunize websites

The Last Watchdog

My name is Eden Zaraf. I’ve been driven by my passion for technology for as long as I can remember. Somewhere around the age of 13, I learned to code. I developed scripts, websites and got involved in security which led me to penetration testing. Related: Leveraging employees as detectors. Penetration Testing is a never-ending challenge. Five years ago, my friend Sahar Avitan began developing an automatic penetration testing tool for our own use.

Phishing 200
article thumbnail

Everything You Need to Know About Crypto

Speaker: Ryan McInerny, CAMS, FRM, MSBA - Principal, Product Strategy

This exclusive webinar with Ryan McInerny will teach you all about cryptocurrency and NFTs! Register to learn more about identifying crypto transactions, crypto asset market trends, managing risk and compliance, and supporting customers and partners using crypto-based payments.

article thumbnail

Phishers Trick Microsoft Into Granting Them 'Verified' Cloud Partner Status

Dark Reading

Everyone on Twitter wants a blue check mark. But Microsoft Azure's blue badges are even more valuable to a threat actor stealing your data via malicious OAuth apps

Cloud 143

More Trending

article thumbnail

Breaking RSA with a Quantum Computer

Schneier on Security

A group of Chinese researchers have just published a paper claiming that they can—although they have not yet done so—break 2048-bit RSA. This is something to take seriously. It might not be correct, but it’s not obviously wrong.

Paper 145
article thumbnail

LockBit Ransomware Group Reportedly Behind Royal Mail Attack

Data Breach Today

Attack Is Disrupting International Mail Export Services The cyber incident at the Royal Mail that is impeding exports from the United Kingdom is reportedly a ransomware attack by the LockBit ransomware-as-a-service group.

article thumbnail

New T-Mobile Breach Affects 37 Million Accounts

Krebs on Security

T-Mobile today disclosed a data breach affecting tens of millions of customer accounts, its second major data exposure in as many years.

Security 298
article thumbnail

GUEST ESSAY — How threat detection services for SMBs are continuing to evolve and improve

The Last Watchdog

Small and medium-sized businesses are facing immense security challenges and these are the same as those of mid-size or larger enterprises. Related: Myths about safe browsing Clearly, SMBs need to be alert for cyberattacks, but they also need to stay focused on their business and not sacrifice productivity. Organizations are confronted with a severe security threats landscape, and it is critical that they have the ability to prevent, detect and respond to these threats in a timely manner.

article thumbnail

Contact vs. Company Intent Signal Data

Intent signal data comes in two types: either companies or individuals signaling interest in products like yours. Which kind of data delivers more advantages to B2B marketers? It depends. Get this infographic to learn about the advantages of intent-based leads and how you can most effectively use both types of data.

article thumbnail

Microsoft Azure-Based Kerberos Attacks Crack Open Cloud Accounts

Dark Reading

Two common attacks against on-premises Kerberos authentication servers — known as Pass the Ticket and Silver Ticket — can be used against Microsoft's Azure AD Kerberos, a security firms says

article thumbnail

Security Outlook 2023: Cyber Warfare Expands Threats

eSecurity Planet

After a year that saw massive ransomware attacks and open cyber warfare, the biggest question in cybersecurity for 2023 will likely be how much of those attack techniques get commoditized and weaponized.

Security 139
article thumbnail

Neeva Combines AI and Search – Now Comes The Hard Part

John Battelle's Searchblog

The Very Hardest Thing. What’s the hardest thing you could do as a tech-driven startup? I’ve been asked that question a few times over the years, and my immediate answer is always the same: Trying to beat Google in search.

article thumbnail

Ransomware Profits Dip as Fewer Victims Pay Extortion

Data Breach Today

As Funding From Ransoms Goes Down, Gangs Embrace Re-Extortion, Researchers Warn Bad news for ransomware groups: Experts find it's getting tougher to earn a crypto-locking payday at the expense of others.

article thumbnail

Exploring the Overlap: Cost Optimization and Digital Transformation

Speaker: Alex Jiménez, Managing Principal, Financial Service Consulting for EPAM

The largest banks have increased reserves for protection against deteriorating economic conditions. Should banks delay their digital transformation investments and focus on cost reductions? In this webinar, Alex Jiménez will walk us through that question and examine the prudent course of action.

article thumbnail

Experian Glitch Exposing Credit Files Lasted 47 Days

Krebs on Security

On Dec.

Security 286
article thumbnail

FIRESIDE CHAT: Can ‘MLSecOps’ do for MLOps, what DevSecOps is doing for DevOps?

The Last Watchdog

Massively interconnected digital services could someday soon save the planet and improve the lives of one and all. Related: Focusing on security leading indicators But first, enterprises and small businesses, alike, must come to grips with software vulnerabilities that are cropping up – and being exploited – at a blistering pace. Innovative vulnerability management solutions are taking shape to meet this challenge.

Security 173
article thumbnail

Critical RCE Lexmark Printer Bug Has Public Exploit

Dark Reading

A nasty SSRF bug in Web Services plagues a laundry list of enterprise printers

144
144
article thumbnail

OpenText Welcomes Micro Focus Customers, Partners and Employees

OpenText Information Management

OpenText has completed the acquisition of Micro Focus and I am delighted to welcome customers, partners and employees to OpenText. We are the platform of platforms for Information Management.

article thumbnail

Intent Signal Data 101

Intent signal data helps B2B marketers engage with buyers sooner in the sales cycle. But there are many confusing terms used to describe intent data. Read this infographic to better understand three common areas of confusion.

article thumbnail

Blank-Image Attacks Impersonate DocuSign

KnowBe4

An unusual phishing technique has surfaced this week. Avanan, a Check Point Software company, released a blog Thursday morning detailing a new attack in which hackers hide malicious content inside a blank image within an HTML attachment in phishing emails claiming to be from DocuSign.

Phishing 132
article thumbnail

Why Do Ransomware Victims Pay for Data Deletion Guarantees?

Data Breach Today

Paying for Promises That Can't Be Audited Paints a Repeat-Attack Target on Victims Many ransomware-wielding attackers are expert at preying on their victims' compulsion to clean up the mess.

article thumbnail

Microsoft Patch Tuesday, January 2023 Edition

Krebs on Security

Microsoft today released updates to fix nearly 100 security flaws in its Windows operating systems and other software. Highlights from the first Patch Tuesday of 2023 include a zero-day vulnerability in Windows, printer software flaws reported by the U.S.

article thumbnail

GUEST ESSAY: In pursuit of smarter cybersecurity — to overcome complex risks and grow revenue

The Last Watchdog

In golf there’s a popular saying: play the course, not your opponent. Related: How ‘CAASM’ closes gaps. In an enterprise, it’s the same rule. All areas of an organization need to be free to “play their own game.”. And when malware, ransomware, or other cyber threats get in the way, the focus shifts from forward progress to focused co-operation. A security strategy should clear obstacles and enable every part of a business operation to run smoothly.

Risk 173
article thumbnail

The Anti-Money Laundering Act of 2020: Initial Catalysts, Current Implications, and Future Impacts

Speaker: Elizabeth "Paige" Baumann, Founder and CEO of Paige Baumann Advisory, LLC

In this session, Elizabeth “Paige” Baumann will cover the Anti-Money Laundering Act of 2020, which also includes the Corporate Transparency Act. She'll take a deep dive into the catalysts that brought on the act, the current implications of the act, and what impacts the act has on the future of banking and finance.

article thumbnail

7 Insights From a Ransomware Negotiator

Dark Reading

The rapid maturation and rebranding of ransomware groups calls for relentless preparation and flexibility in response, according to one view from the trenches

article thumbnail

The FBI Identified a Tor User

Schneier on Security

No details , though: According to the complaint against him, Al-Azhari allegedly visited a dark web site that hosts “unofficial propaganda and photographs related to ISIS” multiple times on May 14, 2019.

Military 132
article thumbnail

ChatGPT’s Dark Side: An Endless Supply of Polymorphic Malware

eSecurity Planet

CyberArk researchers are warning that OpenAI’s popular new AI tool ChatGPT can be used to create polymorphic malware.

IT 131
article thumbnail

Patched Chromium Vulnerability Allowed File Theft

Data Breach Today

Bug Exploited Symbolic Links to Find a File Path to Sensitive Data A high-severity vulnerability patched by Google Chrome a few months ago allowed hackers to steal sensitive files such as crypto wallets.

article thumbnail

Aggregage Intent Signal Service

Aggregage Intent Signal Service helps your sales team reach more active buyers sooner. You’ll get names and contact information of specific in-market buyers plus all companies and job titles signaling intent for your product or service. Get the overview to learn more!

article thumbnail

Administrator of RSOCKS Proxy Botnet Pleads Guilty

Krebs on Security

Denis Emelyantsev , a 36-year-old Russian man accused of running a massive botnet called RSOCKS that stitched malware into millions of devices worldwide, pleaded guilty to two counts of computer crime violations in a California courtroom this week.

IoT 219
article thumbnail

GUEST ESSAY: These common myths and misconceptions make online browsing very risky

The Last Watchdog

For the average user, the Internet is an increasingly dangerous place to navigate. Related: Third-party snooping is widespread. Consider that any given website experiences approximately 94 malicious attacks a day , and that an estimated 12.8 million websites are infected with malware. So, in response to these numbers, users are seeking ways to implement a more secure approach to web browsing.

Analytics 169
article thumbnail

EmojiDeploy Attack Chain Targets Misconfigured Azure Service

Dark Reading

Multiple misconfigurations in a service that underpins many Azure features could have allowed an attacker to remotely compromise a cloud user's system

Cloud 145