Krebs on Security

AUGUST 17, 2023

You’ve probably never heard of “ 16Shop ,” but there’s a good chance someone using it has tried to phish you. A 16Shop phishing page spoofing Apple and targeting Japanese users. Image: Akamai.com. The international police organization INTERPOL said last week it had shuttered the notorious 16Shop, a popular phishing-as-a-service platform launched in 2017 that made it simple for even complete novices to conduct complex and convincing phishing scams.

Phishing 185

Phishing Passwords Data breaches Security 185

Data Breach Today

AUGUST 17, 2023

Nation-States Running Information Operations Embrace AI-Generated Images and Video Hackers wielding generative artificial intelligence tools have yet to pose a serious cybersecurity risk, say researchers at Google's threat intelligence group Mandiant, as they sound the alarm instead about a rise in information operations featuring AI-generated fake images and video.

Artificial Intelligence 245

Artificial Intelligence Cybersecurity Risk 245

The Last Watchdog

AUGUST 13, 2023

LAS VEGAS – Just when we appeared to be on the verge of materially shrinking the attack surface, along comes an unpredictable, potentially explosive wild card: generative AI. Related: Can ‘CNAPP’ do it all? Unsurprisingly, generative AI was in the spotlight at Black Hat USA 2023 , which returned to its full pre-Covid grandeur here last week.

Security 232

Security Cybersecurity Cloud Artificial Intelligence 232

AIIM

AUGUST 15, 2023

"With great power comes great responsibility" is an adage that Stan Lee’s Spider-Man popularized in popular comics, films, and other media. In Information Management today, there is great power in systems that leverage Artificial Intelligence for quickly making decisions and processing massive volumes of information. As information managers, we have a responsibility to understand that these systems have a potential for bias and how to identify and mitigate risks associated with producing reliabl

Artificial Intelligence 104

Artificial Intelligence Risk 104

Speaker: Diane Magers, Founder and Chief Experience Officer at Experience Catalysts

In the world of business, connecting the dots from experience to financial impact is an essential skill. Transforming customer engagement, Voice of Customer (VoC) insights, and Journey Maps into tangible financial outcomes poses a significant challenge for most organizations. To gain buy-in from the C-Suite and key stakeholders, it’s crucial to illustrate how Experience Management translates into clear, measurable business results.

Customer Experience

Krebs on Security

AUGUST 14, 2023

John Clifton Davies , a convicted fraudster estimated to have bilked dozens of technology startups out of more than $30 million through phony investment schemes, has a brand new pair of scam companies that are busy dashing startup dreams: A fake investment firm called Equity-Invest[.]ch , and Diligere[.]co.uk , a scam due diligence company that Equity-Invest insists all investment partners use.

Cloud 160

Cloud IT 160

The Last Watchdog

AUGUST 15, 2023

Social media giants have long held too much power over our digital identities. Related: Google, Facebook promote third-party snooping Today, no one is immune to these giants’ vicious cycle of collecting personal data, selling it to advertisers, and manipulating users with data metrics. By making people feel like mere products- this exploitative digital environment further encourages a bubble of distrust amongst social media users.

Privacy 203

Privacy Encryption Personal data Metadata 203

Jamf

AUGUST 18, 2023

Is your Small or Medium-sized Business (SMB) protected against cyber threats? Safeguard your organization's sensitive data and assets with Jamf Now. Read now and enhance your SMB's cybersecurity posture.

Security 98

Security Cybersecurity 98

OpenText Information Management

AUGUST 16, 2023

In our discussions with customers and countless surveys, cybersecurity and sensitive data protection are always top-ranking issues. IT now has available some of the most advanced cybersecurity innovations in its arsenal than ever before, with excellent authentication and real-time threat detection. While these tools are critical to secure IT infrastructure, many organizations still struggle with … The post 5 steps to strengthen critical information protection appeared first on OpenText Blo

Cybersecurity 98

Cybersecurity Authentication Security Content services 98

Data Breach Today

AUGUST 18, 2023

In this episode of CyberEd.io's podcast series "Cybersecurity Insights," Oliver Tavakoli, CTO at Vectra AI, discusses ways that discriminative AI technology can filter out all of the noise from the massive volume of alerts from a portfolio of cybersecurity tools.

Cybersecurity 246

Cybersecurity 246

Advertiser: ZoomInfo

Marketing technology is essential for B2B marketers to stay competitive in a rapidly changing digital landscape — and with 53% of marketers experiencing legacy technology issues and limitations, they’re researching innovations to expand and refine their technology stacks. To help practitioners keep up with the rapidly evolving martech landscape, this special report will discuss: How practitioners are integrating technologies and systems to encourage information-sharing between departments and pr

B2B

The Last Watchdog

AUGUST 17, 2023

Tel Aviv, Israel, Aug. 17, 2023 — Cynomi , the leading AI-powered virtual Chief Information Security Officer (vCISO) platform vendor for Managed Service Providers (MSPs), Managed Security Service Providers (MSSPs) and consulting firms, has published the results of its first annual report, “ The State of the Virtual CISO 2023 ”. The report, conducted by Global Surveys on behalf of Cynomi, reveals critical insights into MSPs and MSSPs’ recent shift towards vCISO services.

Cybersecurity 130

Cybersecurity Security Compliance Information Security 130

Jamf

AUGUST 17, 2023

Jamf Threat Labs developed a post-exploit persistence technique on iOS 16 that falsely shows a functional Airplane Mode. In reality, after successful device exploit the attacker plants an artifical Airplane Mode that edits the UI to display Airplane Mode icons and cuts internet connection to all apps except the attacker application. This enables the attacker to maintain access to the device even when the user believes it is offline.

Access 98

Access IT 98

Security Affairs

AUGUST 17, 2023

Researchers discovered a massive campaign that delivered a proxy server application to at least 400,000 Windows systems. AT&T Alien Labs researchers uncovered a massive campaign that delivered a proxy server application to at least 400,000 Windows systems. The experts identified a company that is charging for proxy service on traffic that goes through infected machines.

Security 97

Security IT Information Security 97

Data Breach Today

AUGUST 18, 2023

Also: Highlights from BlackHat 2023; Latest Cybersecurity M&A Activity In the latest weekly update, ISMG editors discuss important cybersecurity and privacy issues including highlights of interviews at Black Hat 2023, lessons learned from the success of the Lapsus$ cybercrime group's attacks and why Check Point is buying startup Perimeter 81 for $490 million.

Cybersecurity 246

Cybersecurity Privacy 246

Advertisement

Embedding dashboards, reports and analytics in your application presents unique opportunities and poses unique challenges. We interviewed 16 experts across business intelligence, UI/UX, security and more to find out what it takes to build an application with analytics at its core. No matter where you are in your analytics journey, you will learn about emerging trends and gather best practices from product experts.

Analytics

CILIP

AUGUST 15, 2023

New approaches to leadership and combatting imposter syndrome at CILIP conference 2023 Leadership was the main theme of CILIP Conference 2023, and for an academic librarian and recently-joined CILIP member, the programme of keynotes and seminars that covered topics from imposter syndrome to rethinking leadership was welcoming and insightful. At conferences, it can often feel like there is an over-abundance of new information and people, that can lead to feelings of low-confidence and helplessnes

Libraries 97

Libraries IT 97

KnowBe4

AUGUST 15, 2023

Get the resources you need to help keep your users safe from malicious social engineering attacks during this year's Cybersecurity Awareness Month with our free resource kit.

Cybersecurity 97

Cybersecurity 97

Security Affairs

AUGUST 18, 2023

A flaw impacting the file archiver utility for Windows WinRAR can allow the execution of commands on a computer by opening an archive. WinRAR is a popular file compression and archival utility for Windows operating systems. The utility is affected by a now-fixed high-severity vulnerability, tracked as CVE-2023-40477 (CVSS score 7.8), that can allow remote execution of arbitrary code on a computer by opening a crafted RAR archive.

Archiving 96

Archiving Security Access Information Security 96

Data Breach Today

AUGUST 18, 2023

Version Uses Open-Source Communication Framework Tool for Lateral Movement Microsoft identified a new variant of BlackCat ransomware malware that uses an open-source communication framework tool to facilitate lateral movement. BlackCat, also known as Alphv, is a Russian-speaking criminal group suspected of being a successor to DarkSide and BlackMatter.

Ransomware 244

Ransomware Communications 244

Advertisement

How do 1st, 2nd, and 3rd party intent data compare? 1st, 2nd, and 3rd party data each have specific advantages and disadvantages. It comes down to four factors: accuracy, cost, control and quantity. This infographic explains the pros and cons of each and helps you understand which one is best for meeting your business objectives. Intent data can be a great way to fill your pipeline and close more deals.

IT

Dark Reading

AUGUST 14, 2023

Adopting these recommendations will help SMBs and public-sector agencies that must deal with the same questions of network security and data safety as their larger cousins, but without the same resources.

Government 97

Government Security 97

Schneier on Security

AUGUST 15, 2023

This is why we need regulation: Zoom updated its Terms of Service in March, spelling out that the company reserves the right to train AI on user data with no mention of a way to opt out. On Monday, the company said in a blog post that there’s no need to worry about that. Zoom execs swear the company won’t actually train its AI on your video calls without permission, even though the Terms of Service still say it can.

IT 94

IT Artificial Intelligence Privacy 94

Security Affairs

AUGUST 15, 2023

Researchers found several flaws in the ScrutisWeb ATM fleet monitoring software that can expose ATMs to hack. Researchers from the Synack Red Team found multi flaws ( CVE-2023-33871, CVE-2023-38257, CVE-2023-35763 and CVE-2023-35189 ) in the ScrutisWeb ATM fleet monitoring software that can be exploited to remotely hack ATMs. ScrutisWeb software is developed by Lagona, it allows to remotely manage ATMs fleets.

Encryption 97

Encryption Cybersecurity Security Access 97

Data Breach Today

AUGUST 18, 2023

DPRK Hackers Likely Won't Match 2022 Record But Remain Formidable Thieves North Korea is on track to have a middling year of cryptocurrency theft despite Pyongyang's constant demand for ready cash. Hackers deployed by the totalitarian regime have stolen $200 million in cryptocurrency this year, far less than the country's banner year of cryptocurrency theft in 2022.

245

245

Speaker: Shawn Phillips, CCXP, Head of Growth and Innovation

A one-size-fits-all approach is a great approach – if it’s 2010. With the growth of AI, customers expect – and often demand – a customer journey based on their unique needs and history with your brand. Advanced platforms enable you to move beyond simple personalization or mass customization to create truly unique customer journeys that optimize outcomes for both your customers and your brand.

KnowBe4

AUGUST 14, 2023

We previously reported independently on PDF-based phishing attacks skyrocketing and the rise of SEO attacks. A recent research study found that the combination of both is quite common. Most worryingly, PDF-based SEO attacks are poorly detected by common defense mechanisms such as blocklists, ad blockers or even crowdsourced antivirus services VirusTotal.

Phishing 94

Phishing 94

Dark Reading

AUGUST 17, 2023

A Biden administration adviser puts federal departments and agencies on notice to come into full compliance with presidential guidelines by the end of the year.

Compliance 97

Compliance 97

Security Affairs

AUGUST 18, 2023

Experts warn of an ongoing campaign attributed to China-linked Bronze Starlight that is targeting the Southeast Asian gambling sector. SentinelOne observed China-linked APT group Bronze Starlight (aka APT10 , Emperor Dragonfly or Storm-0401) targeting the gambling sector within Southeast Asia. The malware and infrastructure employed in the campaign are linked to the ones observed in Operation ChattyGoblin attributed by the security firm ESET to China-linked threat actors.

Encryption 94

Encryption Archiving File names Ransomware 94

Data Breach Today

AUGUST 17, 2023

WormGPT, DarkGPT and Their Ilk Underdelivered - or Were Scams, Researchers Report Various "dark" generative artificial intelligence tools purportedly help criminals more quickly amass victims. Guess what? They've all gone bust, if they weren't simply outright scams - in part because legitimate tools can be "jailbroken" to achieve similar results. What are they really achieving?

Artificial Intelligence 246

Artificial Intelligence 246

Advertiser: ZoomInfo

In times of economic uncertainty, account-based strategies are essential. According to several business analysts and practitioners, ABM is a necessity for creating more predictable revenue. Research shows that nearly three-quarters of marketers (74%) already have the resources needed to build successful ABM programs.

Marketing

KnowBe4

AUGUST 14, 2023

For the fourth consecutive year, we received a Tech Cares Award from TrustRadius! This fourth annual award celebrates companies that have gone above and beyond to provide strong Corporate Social Responsibility (CSR).

Security awareness 94

Security awareness Security 94

IBM Big Data Hub

AUGUST 17, 2023

As the tournament’s official digital innovation partner, IBM has helped the US Open attract and engage viewers for more than three decades. Year after year, IBM Consulting works with the United States Tennis Association (USTA) to transform massive amounts of data into meaningful insight for tennis fans. This year, the USTA is using watsonx , IBM’s new AI and data platform for business.

Unstructured data 91

Unstructured data Metadata Government IT 91

Security Affairs

AUGUST 15, 2023

Monti Ransomware operators returned, after a two-month pause, with a new Linux variant of their encryptor. The Monti ransomware operators returned, after a two-month break, with a new Linux version of the encryptor. The variant was employed in attacks aimed at organizations in government and legal sectors. The Monti group has been active since June 2022, shortly after the Conti ransomware gang shut down its operations.

Ransomware 95

Ransomware Encryption Security Government 95