The Last Watchdog

SEPTEMBER 14, 2023

In today’s digital age, trust has become a cornerstone of building a better Internet. Preserving privacy for a greater good The Internet was designed as a platform for peer research, not for the vast scale and diverse uses we see today. Over the decades, it’s grown in a way that has left it with many inherent vulnerabilities. These vulnerabilities, not borne out of malice, were the result of choices made with limited information available at the time.

Mining 291

Mining Communications Privacy Risk 291

Data Breach Today

SEPTEMBER 13, 2023

Alphv/BlackCat Group Reportedly Hit Casino Operator via Social Engineering Attack Booking and reservation systems, as well as slot machines, hotel room door locks, ATMs and more remain offline at multiple MGM Resorts properties as the publicly traded casino hotel giant battles "a cybersecurity issue" that one group of security researchers has tied to a ransomware group attack.

Ransomware 327

Ransomware Cybersecurity Security 327

Krebs on Security

SEPTEMBER 13, 2023

In December 2022, KrebsOnSecurity broke the news that a cybercriminal using the handle “ USDoD ” had infiltrated the FBI ‘s vetted information sharing network InfraGard , and was selling the contact information for all 80,000 members. The FBI responded by reverifying InfraGard members and by seizing the cybercrime forum where the data was being sold.

Passwords 289

Passwords Authentication Sales Data breaches 289

AIIM

SEPTEMBER 12, 2023

Navy Petty Officer1st Class Rholanda Tucker, assigned to the "Blacklions" of Strike Fighter Squadron 213, conducts routine maintenance on a 20mm gun from an F/A-18F Super Hornet in the hangar bay of the aircraft carrier USS Gerald R. Ford in the Adriatic Sea, July 16, 2023. The Gerald R. Ford Carrier Strike Group is on a scheduled deployment in the U.S.

Information governance 156

Information governance Government 156

Advertisement

With its unparalleled flexibility, rapid development and cost-saving capabilities, open source is proving time and again that it’s the leader in data management. But as the growth in open source adoption increases, so does the complexity of your data infrastructure. In this Analyst Brief developed with IDC, discover how and why the best solution to this complexity is a managed service, including: Streamlined compliance with some of the most complex regulatory guidelines Simplified operations, li

Compliance

The Last Watchdog

SEPTEMBER 13, 2023

From Kickstarter to Wikipedia, crowdsourcing has become a part of everyday life. Sharing intel for a greater good Now one distinctive type of crowdsourcing — ethical hacking – is positioned to become a much more impactful component of securing modern networks. I had a terrific discussion about this at Black Hat USA 2023 with Casey Ellis, founder and CTO of Bugcrowd , a pioneer in the crowdsourced security market.

Security 229

Security Risk Marketing IT 229

Krebs on Security

SEPTEMBER 12, 2023

Microsoft today issued software updates to fix at least five dozen security holes in Windows and supported software, including patches for two zero-day vulnerabilities that are already being exploited. Also, Adobe , Google Chrome and Apple iOS users may have their own zero-day patching to do. On Sept. 7, researchers at Citizen Lab warned they were seeing active exploitation of a “zero-click,” zero-day flaw to install spyware on iOS devices without any interaction from the victim. 

Authentication 241

Authentication Passwords Access Privacy 241

Dark Reading

SEPTEMBER 15, 2023

ALPHV/BlackCat ransomware operators have used their leak site to "set the record straight" about the MGM Resorts cyberattack. Meanwhile, more attacks abusing Okta could be likely.

Ransomware 140

Ransomware 140

The Last Watchdog

SEPTEMBER 11, 2023

In an era of global economic uncertainty, fraud levels tend to surge, bringing to light the critical issue of intellectual property (IP) theft. Related: Neutralizing insider threats This pervasive problem extends beyond traditional notions of fraud, encompassing both insider threats and external risks arising from partnerships, competitors, and poor IP management.

MDM 204

MDM Analytics Risk Access 204

Data Breach Today

SEPTEMBER 13, 2023

Defense Department Will Conduct Defensive Ops on Internal Network, Invest in People The Defense Department's updated cyber strategy calls for disrupting malicious actors and boosting the cyber capabilities of U.S. allies to take on Chinese threats to critical infrastructure. Defense officials also plan to conduct defensive operations to protect the department's information network.

307

307

Advertisement

The complexity of financial data, the need for real-time insight, and the demand for user-friendly visualizations can seem daunting when it comes to analytics - but there is an easier way. With Logi Symphony, we aim to turn these challenges into opportunities. Our platform empowers you to seamlessly integrate advanced data analytics, generative AI, data visualization, and pixel-perfect reporting into your applications, transforming raw data into actionable insights.

Analytics

WIRED Threat Level

SEPTEMBER 12, 2023

Signs suggest the culprits worked within a notorious Chinese hacker group that may have also hacked Indian electric utilities years earlier.

Security 145

Security 145

Security Affairs

SEPTEMBER 11, 2023

Zscaler ThreatLabz detailed a new malware loader, named HijackLoader, which has grown in popularity over the past few months HijackLoader is a loader that is gaining popularity among the cybercriminal community. The malware is not sophisticated, however, unlike other loaders, it has a modular structure that allows supporting code injection and execution.

Security 127

Security Access IT Information Security 127

Schneier on Security

SEPTEMBER 11, 2023

The robot revolution began long ago, and so did the killing. One day in 1979, a robot at a Ford Motor Company casting plant malfunctioned—human workers determined that it was not going fast enough. And so twenty-five-year-old Robert Williams was asked to climb into a storage rack to help move things along. The one-ton robot continued to work silently, smashing into Williams’s head and instantly killing him.

Artificial Intelligence 125

Artificial Intelligence Risk Government IT 125

Data Breach Today

SEPTEMBER 15, 2023

MGM Resorts Continuing to Be Extorted by the Same Alphv/BlackCat Ransomware Group Casino and hotel giant Caesars Entertainment is warning customers that their personal details were stolen in a recent hack attack. After successfully shaking down Caesars for a ransom, the same attackers are continuing to extort MGM Resorts, claiming to have crypto-locked its EXSi hypervisors.

Ransomware 303

Ransomware Data breaches IT 303

Advertisement

Adding high-quality entity resolution capabilities to enterprise applications, services, data fabrics or data pipelines can be daunting and expensive. Organizations often invest millions of dollars and years of effort to achieve subpar results. This guide will walk you through the requirements and challenges of implementing entity resolution. By the end, you'll understand what to look for, the most common mistakes and pitfalls to avoid, and your options.

IT

Dark Reading

SEPTEMBER 14, 2023

The ransomware group is a collection of young adults who also recently breached Caesars Entertainment and made a ransom score in the tens of millions.

Ransomware 136

Ransomware 136

WIRED Threat Level

SEPTEMBER 11, 2023

State and local governments in the US are scrambling to harness tools like ChatGPT to unburden their bureaucracies, rushing to write their own rules—and avoid generative AI's many pitfalls.

Government 124

Government Artificial Intelligence Privacy Security 124

The Last Watchdog

SEPTEMBER 11, 2023

San Francisco, Calif. — Traceable AI, the industry’s leading API security company, today released its comprehensive research report – the 2023 State of API Security: A Global Study on the Reality of API Risk. Despite APIs being critical to the modern enterprise, until now, there has not been an extensive, global study offering a panoramic view of the API security landscape.

Data breaches 100

Data breaches Risk Cybersecurity Security 100

Data Breach Today

SEPTEMBER 12, 2023

Hackers Likely Exploited ProxyLogon to Gain Access, Says Eset Hackers aligned with the Iranian state are targeting vulnerable Microsoft Exchange Servers to deploy a new malware backdoor that has already victimized over two dozen Israeli organizations as part of an ongoing espionage campaign. Hackers' initial access point into systems likely was ProxyLogon.

Access 295

Access 295

Speaker: Maher Hanafi, VP of Engineering at Betterworks & Tony Karrer, CTO at Aggregage

Executive leaders and board members are pushing their teams to adopt Generative AI to gain a competitive edge, save money, and otherwise take advantage of the promise of this new era of artificial intelligence. There's no question that it is challenging to figure out where to focus and how to advance when it’s a new field that is evolving everyday. 💡 This new webinar featuring Maher Hanafi, VP of Engineering at Betterworks, will explore a practical framework to transform Generative AI pr

Artificial Intelligence

Security Affairs

SEPTEMBER 10, 2023

Rhysida Ransomware group added three more US hospitals to the list of victims on its Tor leak site after the PROSPECT MEDICAL attack. Recently the Rhysida ransomware group made the headlines because it announced the hack of Prospect Medical Holdings and the theft of sensitive information from the organization. In early August, a cyberattack disrupted the computer systems of multiple hospitals operated by Prospect Medical Holdings , which are located in multiple states, including California, Tex

Ransomware 123

Ransomware Paper Cybersecurity IT 123

Schneier on Security

SEPTEMBER 14, 2023

Google removed fake Signal and Telegram apps from its Play store. An app with the name Signal Plus Messenger was available on Play for nine months and had been downloaded from Play roughly 100 times before Google took it down last April after being tipped off by security firm ESET. It was also available in the Samsung app store and on signalplus[.]org, a dedicated website mimicking the official Signal.org.

IT 121

IT Security 121

KnowBe4

SEPTEMBER 12, 2023

In the movie, "Willy Wonka and the Chocolate Factory," kids unwrap chocolate bars in hopes of winning a golden ticket, giving the holder an inside tour of the sugar factory. The W3LL store is selling advanced phishing kits – a golden ticket for hacking Microsoft 365 accounts -- that can bypass multi-factor authentication (MFA) no less.

Phishing 120

Phishing Sales Authentication 120

Data Breach Today

SEPTEMBER 14, 2023

China Cites Apple Security Flaws in Warning to Foreign Mobile Device Manufacturers China hasn't ordered any restrictions on the use of Apple iPhones by government agencies, according to a Chinese government spokesperson, but the official cited recent security flaws in the iPhone and warned that foreign mobile device manufacturers must abide by domestic information security laws.

Government 293

Government Manufacturing Information Security Security 293

Advertisement

It’s no surprise that Apache Cassandra has emerged as a popular choice for organizations of all sizes seeking a powerful solution to manage their data at a scale—but with great power comes great responsibility. Due to the inherent complexity of distributed databases, this white paper will uncover the 10 rules you’ll want to know when managing Apache Cassandra.

Paper

Security Affairs

SEPTEMBER 10, 2023

Akamai announced it has mitigated the largest distributed denial-of-service (DDoS) attack on a U.S. financial company. Cybersecurity firm Akamai successfully identified and prevented a massive distributed denial-of-service (DDoS) attack targeting an unnamed, leading American financial institution. The attack took place last week and the malicious traffic peaked at 633.7 gigabits per second.

Financial Services 121

Financial Services Ransomware Cybersecurity IT 121

Schneier on Security

SEPTEMBER 13, 2023

Make sure you update your iPhones : Citizen Lab says two zero-days fixed by Apple today in emergency security updates were actively abused as part of a zero-click exploit chain (dubbed BLASTPASS) to deploy NSO Group’s Pegasus commercial spyware onto fully patched iPhones. The two bugs, tracked as CVE-2023-41064 and CVE-2023-41061 , allowed the attackers to infect a fully-patched iPhone running iOS 16.6 and belonging to a Washington DC-based civil society organization via PassKit attachment

Security 121

Security 121

KnowBe4

SEPTEMBER 12, 2023

Phishing attacks have always been detected through broken English, but now generative artificial intelligence (AI) tools are eliminating all those red flags. OpenAI ChatGPT, for instance, can fix spelling mistakes, odd grammar, and other errors that are common in phishing emails.

Artificial Intelligence 119

Artificial Intelligence Phishing 119

Data Breach Today

SEPTEMBER 13, 2023

EU Will Grant AI Startups Access to Supercomputers, Commission President Says The European Union will open up supercomputers to artificial intelligence startups in a bid to boost innovation inside the trading bloc, European Commission President Ursula von der Leyen said Wednesday. She said Europe has a "narrowing window of opportunity" to guide responsible innovation.

Artificial Intelligence 292

Artificial Intelligence Access 292

Advertisement

In the fast-moving manufacturing sector, delivering mission-critical data insights to empower your end users or customers can be a challenge. Traditional BI tools can be cumbersome and difficult to integrate - but it doesn't have to be this way. Logi Symphony offers a powerful and user-friendly solution, allowing you to seamlessly embed self-service analytics, generative AI, data visualization, and pixel-perfect reporting directly into your applications.

Analytics

Security Affairs

SEPTEMBER 10, 2023

Evil Telegram: a Trojanized version of the Telegram app was spotted on the Google Play Store, Kaspersky researchers reported. Researchers from Kaspersky discovered several Telegram mods on the Google Play Store that contained spyware, the campaign was tracked as Evil Telegram. One of the apps was downloaded more than ten million times before it was removed from Google Play.

File names 120

File names Personal data Encryption Security 120

Schneier on Security

SEPTEMBER 12, 2023

A new Mozilla Foundation report concludes that cars, all of them, have terrible data privacy. All 25 car brands we researched earned our *Privacy Not Included warning label—making cars the official worst category of products for privacy that we have ever reviewed. There’s a lot of details in the report. They’re all bad. BoingBoing post.

Data Privacy 120

Data Privacy Privacy 120

KnowBe4

SEPTEMBER 14, 2023

Four days later, $52 million in lost revenues and counting, a cyber attack on MGM Resorts International, a $14 billion Las Vegas gaming empire with Hollywood-famous hotel spreads like the Bellagio, Cosmopolitan, E xcalibur, Luxor, and the MGM Grand itself, had the house brought down by a perfect example of vishing …a 10-minute phone call.

Ransomware 116

Ransomware IT 116