Sat.Dec 14, 2024 - Fri.Dec 20, 2024

article thumbnail

Wrestling with the Paper Mountain: A Real-World Information Challenge

AIIM

Discovering What We Actually Have At The Salvation Army Australia, we're facing what I call the "Paper Mountain" - we have this paper mountain, and we don't know what's in most of it. We don't know whether it helps us, whether it hurts us. We know it costs us money every year to store it, but we don't know what's in it.

Paper 161
article thumbnail

Critical Infrastructure Under Siege: 42% Spike in Ransomware Attacks on Utilities

KnowBe4

Ransomware attacks targeting utilities have surged by 42% over the past year, with spear phishing playing a major role in 81% of cases, according to a ReliaQuest study spanning November 2023 to October 2024.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

How Infoblox Streamlines Operations Across Hybrid Settings

Data Breach Today

Infoblox CEO Scott Harrell Pushes Unified Strategy Amid Hybrid Cloud Convergence Scott Harrell, CEO of Infoblox, explores the convergence of network operations, security operations and cloud operations to tackle hybrid infrastructure complexities. He introduces Universal DDI and emphasizes a shift toward proactive threat management to counter AI-driven malware.

Cloud 130
article thumbnail

How to Lose a Fortune with Just One Bad Click

Krebs on Security

Image: Shutterstock, iHaMoo. Adam Griffin is still in disbelief over how quickly he was robbed of nearly $500,000 in cryptocurrencies. A scammer called using a real Google phone number to warn his Gmail account was being hacked, sent email security alerts directly from google.com, and ultimately seized control over the account by convincing him to click “yes” to a Google prompt on his mobile device.

article thumbnail

5 Ways You Can Win Faster with Gen AI in Sales

Incorporating generative AI (gen AI) into your sales process can speed up your wins through improved efficiency, personalized customer interactions, and better informed decision- making. Gen AI is a game changer for busy salespeople and can reduce time-consuming tasks, such as customer research, note-taking, and writing emails, and provide insightful data analysis and recommendations.

article thumbnail

LW ROUNDTABLE — How 2024’s cyber threats will transform the security landscape in 2025

The Last Watchdog

Continuing our look back at 2024, part two of Last Watchdogs year-ender roundtable turns its focus to emerging threats vs. evolving defense tactics. Part two of a four-part series The explosion of AI-driven phishing, insider threats, and business logic abuse has forced a shift toward more proactive, AI-enhanced defenses. The drivers are intensifying.

Security 264

More Trending

article thumbnail

Siemens Warns of a Critical Vulnerability in UMC

Data Breach Today

Heap Overflow Flaw Threatens Industrial Control Systems Globally Siemens issued a security advisory for a vulnerability affecting industrial control systems in its User Management Component that could enable attackers to execute arbitrary code. The heap-based buffer overflow flaw impacts products used in manufacturing and the energy sector.

article thumbnail

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Krebs on Security

Cybercriminals are selling hundreds of thousands of credential sets stolen with the help of a cracked version of Acunetix , a powerful commercial web app vulnerability scanner, new research finds. The cracked software is being resold as a cloud-based attack tool by at least two different services, one of which KrebsOnSecurity traced to an information technology firm based in Turkey.

IT 204
article thumbnail

LW ROUNDTABLE: Compliance pressures intensify as new cybersecurity standards take hold

The Last Watchdog

Today, part three of Last Watchdog s year-end roundtable zeroes in on the regulatory and compliance landscape. Part three of a four-part series In 2024, global pressure on companies to implement advanced data protection measures intensified, with new standards in encryption and software transparency raising the bar. From the push for quantum-resilient cryptography to Software Bill of Material (SBOM ) requirements aimed at bolstering supply chain security, this installment examines the regulatory

article thumbnail

Want to save your old computer? Try these 6 Linux distros

Collaboration 2.0

Here's how to save money, reduce e-waste, and extend the life of your old hardware at the same time.

130
130
article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Crypto Roundup: LastPass Breach Linked to $5.4M Crypto Theft

Data Breach Today

Also, CoinLurker Malware Steals Data via Fake Updates Every week, Information Security Media Group rounds up cybersecurity incidents in digital assets. This week, LastPass breach linked to $5.4M crypto theft, CoinLurker malware steals data via fake updates, cryptocurrency key to 27 million euro seizure and nearly 800 arrested in crypto-romance scam.

article thumbnail

Report claims that Serbian authorities abused Cellebrite tool to install NoviSpy spyware

Security Affairs

Researchers warn of previously undetected surveillance spyware, named NoviSpy, that was found infecting a Serbian journalist’s phone. In February 2024, Serbian journalist Slavia Milanov was summoned to a police station after a routine traffic stop. After the police released him, Milanov noticed suspicious changes to his phone settings, such as disabled data and Wi-Fi.

article thumbnail

Hackers Can Jailbreak Digital License Plates to Make Others Pay Their Tolls and Tickets

WIRED Threat Level

Digital license plates sold by Reviver, already legal to buy in some states and drive with nationwide, can be hacked by their owners to evade traffic regulations or even law enforcement surveillance.

Security 120
article thumbnail

7 Android widgets to make your phone or tablet more useful

Collaboration 2.0

If you like your Android home screen to give you quick access to information, services, and apps, you should consider adding a small collection of widgets.

Access 129
article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

CISA: 2035 Quantum Encryption Deadline Still Achievable

Data Breach Today

CISA Says 2035 Quantum Deadline Remains Achievable Despite Recent Breakthroughs The federal governments 2035 mandate to adopt quantum-resistant encryption remains feasible despite technological advancements in quantum computing, a top official for the U.S. cyber defense agency told ISMG, but experts warn challenges such as bureaucratic delays and financial costs persist.

article thumbnail

The Mask APT is back after 10 years of silence

Security Affairs

Kaspersky researchers linked a new wave of cyber attacks to the cyber espionage group tracked as The Mask. Kaspersky researchers linked several targeted attacks to a cyber espionage group known as The Mask. The APT group targeted an organization in Latin America in 2019 and 2022. Threat actors accessed an MDaemon email server and used its WorldClient webmail component to maintain persistence within the compromised organization. “The persistence method used by the threat actor was based on

article thumbnail

Drug Dealers Have Moved Onto Social Media

WIRED Threat Level

The marketing of illegal drugs on open platforms is gaining prominence, authorities note, while the number of drug transactions on the darkweb has decreased in recent years.

Marketing 110
article thumbnail

No one wants another chatbot. This is the AI we actually need

Collaboration 2.0

Fundamental advancements are still needed to turn today's chatbots into something more -- something that can sense when we're stressed or overwhelmed, not just when we need another PDF summarized.

130
130
article thumbnail

15 Modern Use Cases for Enterprise Business Intelligence

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

article thumbnail

Editors' Panel: Cybersecurity 2024 - Thanks for the Memories

Data Breach Today

Looking Back on the Ransomware Attacks, Resilience Lessons and Tech Trends In the latest weekly update, ISMG editors discussed defining cybersecurity moments of 2024, from the CrowdStrike outage and its implications for vendor resilience to ransomware's continued evolution, and the shifting dynamics in the tech industry affecting startups and M&A activity.

article thumbnail

Irish Data Protection Commission (DPC) fined Meta €251 million for a 2018 data breach

Security Affairs

Meta has been fined 251M ($263M) for a 2018 data breach affecting millions in the EU, marking another penalty for violating privacy laws. The Irish Data Protection Commission (DPC) fined Meta 251 million ($263M) for a 2018 data breach impacting 29 million Facebook accounts. “The Irish Data Protection Commission (DPC) has today announced its final decisions following two inquiries into Meta Platforms Ireland Limited (MPIL).

article thumbnail

Intel Officials Warned Police That US Cities Aren’t Ready for Hostile Drones

WIRED Threat Level

In a previously unreported August memo, the Department of Homeland Security urged state and local police to conduct exercises to test their ability to respond to weaponized drones.

Security 104
article thumbnail

Windows 11 not running smoothly? 4 things I always check first

Collaboration 2.0

If you're having trouble with Windows 11, consult this short list of the four best things you can do to enhance your PC's performance.

124
124
article thumbnail

10 Ways to Leverage Buyer Signals and Drive Revenue

In today’s ultra-competitive markets, it’s no longer enough to wait for buyers to show obvious signs of interest. Instead, sales teams must be proactive, identifying and acting on nuanced buyer behaviors — often before prospects are fully ready to make a purchase. In this eBook from ZoomInfo & Sell Better, learn 10 actionable ways to use these buyer signals to transform your sales strategy and close deals faster.

article thumbnail

Alleged LockBit Coder Faces 41-Count Indictment in US

Data Breach Today

US Seeks Extradition of Dual Russian and Israeli Citizen Rostislav Panev from Israel A newly unsealed U.S. federal indictment against Rostislav Panev says the LockBit ransomware operation paid the Israeli national a $10,000 monthly salary for coding and consulting services. Federal prosecutors are seeking Panev's extradition from Israel following his August arrest.

article thumbnail

U.S. CISA adds BeyondTrust software flaw to its Known Exploited Vulnerabilities catalog

Security Affairs

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) Command Injection flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) Command Injection flaw, tracked as CVE-2024-12356 (CVSS score of 9.8) to its Known Exploited Vulnerabilities (KEV) catalog.

IT 112
article thumbnail

AI-Powered Investment Scams Surge: How 'Nomani' Steals Money and Data

KnowBe4

Cybersecurity researchers are warning about a new breed of investment scam that combines AI-powered video testimonials, social media malvertising, and phishing tactics to steal money and personal data.

Phishing 101
article thumbnail

The open-source tools that could disrupt the entire IT incident management market

Collaboration 2.0

Open-source tools like Grafana Labs and AI-driven AIOps are shaking up incident management, challenging PagerDuty and streamlining IT problem-solving and code fixes. Here's why it matters.

Marketing 124
article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

Federal Cyber Operations Would Downgrade Under Shutdown

Data Breach Today

Government Shutdown Could See Thousands of Federal Cyber Workers Furloughed A looming shutdown could sharply reduce the Cybersecurity and Infrastructure Security Agency's operations, furloughing two-thirds of its workforce and exposing critical federal networks to heightened cyber threats, especially as malicious actors target vulnerable systems during the holiday season.

article thumbnail

U.S. CISA adds Cleo Harmony, VLTrader, and LexiCom flaw to its Known Exploited Vulnerabilities catalog

Security Affairs

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Cleo Harmony, VLTrader, and LexiCom flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the vulnerability CVE-2024-50623 (CVSS score 8.8),which impacts multiple Cleo products to its Known Exploited Vulnerabilities (KEV) catalog. “Cleo has identified an unrestricted file upload and download vulnerability (CVE-2024-50623) that could lead to remote code exe

IT 108
article thumbnail

This VPN Lets Anyone Use Your Internet Connection. What Could Go Wrong?

WIRED Threat Level

A free VPN app called Big Mama is selling access to peoples home internet networks. Kids are using it to cheat in a VR game while researchers warn of bigger security risks.

Risk 100