WIRED Threat Level

MAY 2, 2023

The attackers were in thousands of corporate and government networks. They might still be there now. Behind the scenes of the SolarWinds investigation.

Government 139

Government Security 139

Dark Reading

MAY 3, 2023

Malicious packages are hard to avoid and hard to detect — unless you know what to look for.

144

144

The Last Watchdog

MAY 2, 2023

The rising complexity and prevalence of cybersecurity threats are making experts anxious. Related: Training employees to mitigate phishing It pressures working analysts to perform 24 hours’ worth of work in an 8-hour day. Automation could alleviate the burden on IT teams and cybersecurity professionals by shouldering some monotonous, time-consuming tasks.

Cybersecurity 159

Cybersecurity Phishing Security Risk 159

Data Breach Today

MAY 3, 2023

Ukraine Links Attacks to Russian Intelligence Sandworm Hackers Ukrainian cyber defenders say they spotted a malicious script used to activate the delete option on a Windows file archiving utility likely planted by the Russian intelligence agency unit Sandworm. CERT-UA says attackers likely used a compromised VPN credential to gain access.

Archiving 269

Archiving Access 269

Advertisement

At the beginning of 2023, concern grew over pixels and trackers, which load into the browser as a part of the software supply chain, being used by data harvesting platforms to collect user data. The data is then transferred to the servers of the companies owning the pixels/trackers as a part of their advertising and marketing business. Aggressive data harvesting practices increase the likelihood and/or actual transfer of sensitive data, which may cause unintended consequences, including expensiv

Security

Dark Reading

MAY 4, 2023

Courts closed, but police, fire rescues unaffected following ransomware attack.

Ransomware 145

Ransomware 145

The Last Watchdog

APRIL 30, 2023

The theme of RSA Conference 2023 — ‘stronger together’ — was certainly well chosen. Related: Demystifying ‘DSPM’ This was my nineteenth RSAC. I attended my first one in 2004, while covering Microsoft for USA TODAY. It certainly was terrific to see the cybersecurity industry’s premier trade event fully restored to its pre-Covid grandeur at San Francisco’s Moscone Center last week.

Authentication 192

Authentication Cybersecurity Security Cloud 192

Data Breach Today

MAY 5, 2023

Hackers Treasure Crypto's Anonymity, Cybercrime Defenders its Traceability Ransomware hackers' favorite currency is cryptocurrency. Digital assets transfer millions of dollars each year from victims to cybercriminals. But that dependency is also an opportunity for law enforcement to hit ransomware hackers in their most vulnerable spot.

Ransomware 287

Ransomware IT 287

Dark Reading

MAY 2, 2023

The cyberattack campaign, similar to one to spread the Rhadamanthys Stealer, is part of a larger trend by attackers to use malvertising as initial access for ransomware and other threat activity.

Ransomware 136

Ransomware Access 136

Krebs on Security

MAY 4, 2023

The U.S. government this week put a $10 million bounty on the head of a Russian man who for the past 18 years operated Try2Check , one of the cybercrime underground’s most trusted services for checking the validity of stolen credit card data. U.S. authorities say 43-year-old Denis Kulkov ‘s card-checking service made him at least $18 million, which he used to buy a Ferrari, Land Rover, and other luxury items.

Passwords 238

Passwords Government Ransomware Military 238

Advertisement

Case studies are proof of successful client relations and a verifiable product or service. They persuade buyers by highlighting your customers' experiences with your company and its solution. In sales, case studies are crucial pieces of content that can be tailored to prospects' pain points and used throughout the buyer's journey. In marketing, case studies are versatile assets for generating business, providing reusable elements for ad and social media content, website material, and marketing c

Sales

KnowBe4

MAY 2, 2023

Compromised websites (legitimate sites that have been successfully compromised to support social engineering) are serving visitors fake Google Chrome update error messages.

Security awareness 110

Security awareness Security 110

Data Breach Today

MAY 2, 2023

Use Cases: Cybersecurity Offense, Defense and Safeguarding AI Itself, Experts Say Pre-RSA social media gaming predicted it. Many predicted they would loath it. And it happened: Discussions at this year's RSA conference again and again came back to generative artificial intelligence - but with a twist. Even some of the skeptics professed their conversion to the temple of AI.

Artificial Intelligence 275

Artificial Intelligence Cybersecurity IT 275

Dark Reading

MAY 5, 2023

Users can check for the updated firmware version of their wireless headphones in the Bluetooth settings of their iPhone, iPad, or Mac devices.

145

145

IBM Big Data Hub

MAY 2, 2023

The introduction of generative AI systems into the public domain exposed people all over the world to new technological possibilities, implications, and even consequences many had yet to consider. Thanks to systems like ChatGPT, just about anyone can now use advanced AI models that are not only capable of detecting patterns, honing data, and making recommendations as earlier versions of AI would, but also moving beyond that to create new content, develop original chat responses, and more.

Privacy 108

Privacy Government Risk Artificial Intelligence 108

Advertisement

Unleash the power of NoSQL with "Apache Cassandra® NoSQL for the Relational DBA." Learn from Lewis DiFelice, an experienced Professional Services Consultant at Instaclustr, as he shares his journey transitioning from SQL to managing a 40-node Cassandra cluster. Gain insights into Cassandra's architecture, configuration strategies, and best practices.

National Archives Records Express

MAY 4, 2023

Today, we published new federal regulations with standards for digitizing permanent federal records. The regulations are in 36 CFR 1236, Subpart E. These regulations will go into effect on June 5, 2023. The regulations establish standards for digitizing permanent paper records and photographic prints. They do not contain standards for digitizing film records at this time.

Paper 105

Paper Records Management 105

Data Breach Today

MAY 5, 2023

Cyber Solidarity Act Seeks to Improve EU Responses to Cyber Incidents The European Commission is proposing to spend more than 1 billion euros on cybersecurity operations centers amid long-standing worries that cyberthreats against the members of the continental alliance go undetected, concerns made more urgent by Russia's invasion of Ukraine.

Cybersecurity 182

Cybersecurity 182

Dark Reading

MAY 3, 2023

The company has removed three APTs and six potentially criminal networks from its platforms who leveraged elaborate campaigns of fake personas and profiles to lure and compromise users.

IT 131

IT 131

Schneier on Security

MAY 2, 2023

NIST has release a draft of Special Publication1800-38A: Migration to Post-Quantum Cryptography: Preparation for Considering the Implementation and Adoption of Quantum Safe Cryptography.” It’s only four pages long, and it doesn’t have a lot of detail—more “volumes” are coming, with more information—but it’s well worth reading.

IT 105

IT 105

As a business leader, you know it's important to update your apps, but it can be tough to figure out the best approach. This whitepaper helps you in upgrading your current applications using modernization strategies without any business disruptions.

IT

KnowBe4

MAY 2, 2023

Bloomberg's Brad Stone wrote an op-ed covering this topic. In the past month, a chatbot called " My AI " or "Sage" has appeared as a new friend for several hundred million Snapchat users. The chatbot utilizes OpenAI's advanced artificial intelligence tool, ChatGPT. It has shown up unexpectedly at the top of many users' friend lists on the messaging app, which is considered prime app real estate.

Artificial Intelligence 104

Artificial Intelligence IT 104

Data Breach Today

MAY 4, 2023

Also: T-Mobile, an Italian Water System, a German IT Provider, a macOS Info Stealer In the days between April 27 and May 4, the spotlight was on: a Royal ransomware attack on Dallas, Telecom giant T-Mobile's second breach in 2023, a ransomware attack disrupting water services in half a dozen southern Italian towns, a German IT services provider and the Atomic macOS Stealer.

Ransomware 173

Ransomware IT 173

Dark Reading

MAY 4, 2023

Google's new program aims to offer accessible training to fill 750K open cybersecurity jobs with diverse array of talent.

Cybersecurity 143

Cybersecurity Access 143

WIRED Threat Level

MAY 3, 2023

The tech industry’s transition to passkeys gets its first massive boost with the launch of the alternative login scheme for Google’s billions of users.

Passwords 110

Passwords IT Privacy Security 110

Advertisement

Getting off of Hadoop is a critical objective for organizations, with data executives well aware of the significant benefits of doing so. The problem is, there are few options available that minimize the risk to the business during the migration process and that’s one of the reasons why many organizations are still using Hadoop today. By migrating to the data lakehouse, you can get immediate benefits from day one using Dremio’s phased migration approach.

Risk

IBM Big Data Hub

MAY 1, 2023

The last few years—even the last few months—have seen artificial intelligence (AI) breakthroughs come at a dizzying pace. AI that can generate paragraphs of text as well as a human, create realistic imagery and video from text, or perform hundreds of different tasks has captured the public’s attention. People see AI’s high level of performance, creative potential and, in some cases, the ability for anyone to use them with little to no technical expertise.

Artificial Intelligence 102

Artificial Intelligence Risk Privacy Paper 102

Data Breach Today

MAY 2, 2023

Nearly 300 Arrests Made in the US and Europe International law enforcement agencies arrested hundreds in what authorities say is the largest crackdown on illicit drugs over the dark web, also revealing that German law enforcement was behind the December 2021 disappearance of dark web drug marketplace Monopoly Market.

Marketing 173

Marketing 173

Dark Reading

MAY 2, 2023

Mandiant CEO Kevin Mandia explains why a recently revealed targeted attack by a cyber-espionage group out of China rivals the SolarWinds attack in its complexity, and weighs in on how defenders can best leverage generative AI.

IT 131

IT 131

WIRED Threat Level

APRIL 29, 2023

Maybe you don't want your phone number, email, home address, and other details out there for all the web to see. Here's how to make them vanish.

Privacy 116

Privacy Security 116

Speaker: William Hord, Senior VP of Risk & Professional Services

Enterprise Risk Management (ERM) is critical for industry growth in today’s fast-paced and ever-changing risk landscape. When building your ERM program foundation, you need to answer questions like: Do we have robust board and management support? Do we understand and articulate our bank’s risk appetite and how that impacts our business units? How are we measuring and rating our risk impact, likelihood, and controls to mitigate our risk?

Risk

Security Affairs

MAY 2, 2023

FortiGuard Labs researchers observed a worrisome level of attacks attempting to exploit an authentication bypass vulnerability in TBK DVR devices. FortiGuard Labs researchers are warning of a spike in malicious attacks targeting TBK DVR devices. Threat actors are attempting to exploit a five-year-old authentication bypass issue, tracked as CVE-2018-9995 (CVSS score of 9.8), in TBK DVR devices.

Authentication 98

Authentication Security Cybersecurity Retail 98

Data Breach Today

MAY 5, 2023

Arrests Made and Computer Equipment Seized Ukrainian law enforcement dismantled more than half a dozen bot farms and a virtual private network infrastructure spreading disinformation and fake Russian propaganda. Ukrainian authorities have dismantled a string of botnet operations in December, September and August of 2022.

162

162

Dark Reading

MAY 4, 2023

Three vulnerabilities in the platform's API Management Service could allow access sensitive data, mount further attacks, and even hijack developer portals.

Cloud 129

Cloud Security Access 129