Krebs on Security

AUGUST 22, 2023

In large metropolitan areas, tourists are often easy to spot because they’re far more inclined than locals to gaze upward at the surrounding skyscrapers. Security experts say this same tourist dynamic is a dead giveaway in virtually all computer intrusions that lead to devastating attacks like data theft and ransomware, and that more organizations should set simple virtual tripwires that sound the alarm when authorized users and devices are spotted exhibiting this behavior.

Honeypots 180

Honeypots Ransomware Security Cloud 180

The Last Watchdog

AUGUST 21, 2023

Phone number spoofing involves manipulating caller ID displays to mimic legitimate phone numbers, giving scammers a deceptive veil of authenticity. Related: The rise of ‘SMS toll fraud’ The Bank of America scam serves as a prime example of how criminals exploit this technique. These scammers impersonate Bank of America representatives, using the genuine bank’s phone number (+18004321000) to gain trust and deceive their targets.

Authentication 224

Authentication Security Risk IT 224

Data Breach Today

AUGUST 21, 2023

GuidePoint Security's Mark Lance on Ways to Delay and Gather Info on Cybercriminals Conventional wisdom recommends to never negotiate with ransomware actors. They can't be trusted. But Mark Lance at GuidePoint Security recently made the case that organizations can gather important information through negotiations, slow down the process and even lower the ransom demand.

Ransomware 245

Ransomware Security 245

DLA Piper Privacy Matters

AUGUST 22, 2023

Helpful guidance on some previously uncertain areas of China data protection compliance programmes have been provided by the Administrative Measures for Personal Information Protection Compliance Audit (Draft for Comment) (“ Draft Measures ”), which were published for public consultation on 3 August 2023 by the Cyberspace Administration of China (“ CAC ”).

Compliance 98

Compliance Personal data Privacy Government 98

Speaker: Diane Magers, Founder and Chief Experience Officer at Experience Catalysts

In the world of business, connecting the dots from experience to financial impact is an essential skill. Transforming customer engagement, Voice of Customer (VoC) insights, and Journey Maps into tangible financial outcomes poses a significant challenge for most organizations. To gain buy-in from the C-Suite and key stakeholders, it’s crucial to illustrate how Experience Management translates into clear, measurable business results.

Customer Experience

Krebs on Security

AUGUST 25, 2023

Security consulting giant Kroll disclosed today that a SIM-swapping attack against one of its employees led to the theft of user information for multiple cryptocurrency platforms that are relying on Kroll services in their ongoing bankruptcy proceedings. And there are indications that fraudsters may already be exploiting the stolen data in phishing attacks.

Phishing 191

Phishing Data breaches Passwords Authentication 191

Data Breach Today

AUGUST 25, 2023

Also: Global Privacy Trends; Tornado Cash Founders Charged In the latest weekly update, ISMG editors discuss the shifting dynamics of cyber insurance, why APAC is approaching privacy regulations around emerging technologies, and how U.S. authorities charged the co-founders of cryptocurrency mixer Tornado Cash with money laundering.

Insurance 246

Insurance Privacy 246

Dark Reading

AUGUST 25, 2023

Roblox gaming developers are lured in by a package that claims to create useful scripts to interact with the Roblox website, for example by “promot(ing) users, shout events, and so on, or to create Discord utiltiies (sic) to manage their community.

96

96

Collibra

AUGUST 23, 2023

As the data intelligence company, we’ve long anticipated broad adoption of AI, and Collibrians with data science and machine learning expertise have been working diligently on ways to apply AI/ML. Disruptive technologies such as ChatGPT , Bard , and other generative AI technologies suddenly made AI accessible to everyone, regardless of their level of data science expertise.

Data science 97

Data science Communications Artificial Intelligence Government 97

The Last Watchdog

AUGUST 22, 2023

Fremont, Calif., Aug. 22, 2023 — AVer Information Inc. USA , the award-winning provider of video collaboration and education solutions, announces a technology collaboration with Nureva to streamline hybrid meeting room connectivity. The plug-and-play hybrid meeting bundles include AVer’s CAM550 , a 4K dual lens PTZ camera, and Nureva’s HDL300 audio system , an integrated microphone and speaker bar.

Artificial Intelligence 100

Artificial Intelligence Education Communications IT 100

Advertiser: ZoomInfo

Marketing technology is essential for B2B marketers to stay competitive in a rapidly changing digital landscape — and with 53% of marketers experiencing legacy technology issues and limitations, they’re researching innovations to expand and refine their technology stacks. To help practitioners keep up with the rapidly evolving martech landscape, this special report will discuss: How practitioners are integrating technologies and systems to encourage information-sharing between departments and pr

B2B

Data Breach Today

AUGUST 25, 2023

Fresh Lawsuits Target Prudential, Plus Charles Schwab and Subsidiary TD Ameritrade Two financial services giants hit by the mass attack on MOVEit file-sharing software - Prudential and Schwab - are the latest victims to face lawsuits from affected individuals. The suit filed against Prudential seeks 10 years of prepaid identity theft monitoring services instead of the usual two.

Data breaches 246

Data breaches Financial Services 246

DLA Piper Privacy Matters

AUGUST 21, 2023

Authors: Carolyn Bigg and Amanda Ge Businesses who must follow the China SCCs route to legitimize their cross-border transfers of personal data must file their signed China SCCs together with the supporting personal information impact assessment (“PIIA”) report with their local CAC branch by no later than 30 November 2023. This requires significant effort, and so businesses must act now to meet the filing deadline.

Compliance 98

Compliance Security Personal data IT 98

Dark Reading

AUGUST 21, 2023

AI innovation is moving faster than our laws and regulations, making it hard to decide whether Web or content scraping activity is good or bad, and what (if anything) you should do about it.

IT 97

IT 97

The Last Watchdog

AUGUST 21, 2023

Boston, Mass, Aug. 22, 2023 – airSlate , a leader in document workflow automation solutions, today announced the launch of QuickStart in collaboration with partner Forthright Technology Providers , a leading provider of user-centric IT solutions and services. The comprehensive package, available at a fixed price, combines airSlate’s automation tools, including customizable workflows and built-in eSignatures, with Forthright’s professional services, enabling organizations to streamline business

Digital transformation 100

Digital transformation Compliance Security Communications 100

Advertisement

Embedding dashboards, reports and analytics in your application presents unique opportunities and poses unique challenges. We interviewed 16 experts across business intelligence, UI/UX, security and more to find out what it takes to build an application with analytics at its core. No matter where you are in your analytics journey, you will learn about emerging trends and gather best practices from product experts.

Analytics

Data Breach Today

AUGUST 25, 2023

Madrid Touts Strategy for 'Inclusive, Sustainable, Citizen-Focused' AI Spain is set to launch Europe's first-ever artificial intelligence regulatory agency as the trading bloc finalizes legislation meant to mitigate risks and ban AI applications considered too risky. Madrid said its goal is to foster AI that is "inclusive, sustainable, and centered on citizens.

Artificial Intelligence 246

Artificial Intelligence Risk IT 246

Security Affairs

AUGUST 20, 2023

Understanding cybersecurity aspects addressed by Cloud Access Security Broker (CASB) and Secure Access Service Edge ( SASE ) In an increasingly digital world, where businesses rely on cloud services and remote access, cybersecurity has become paramount. As organizations strive to safeguard their data, applications, and networks, two prominent concepts have emerged as vital components of modern cybersecurity: Cloud Access Security Broker (CASB) and Secure Access Service Edge ( SASE ).

Cybersecurity 97

Cybersecurity Cloud Security Authentication 97

Dark Reading

AUGUST 22, 2023

Risk-aware leaders can be a cybersecurity advantage. Their flexible leadership style and emphasis on security first help set the tone and demonstrate a commitment to avoiding risk.

Risk 93

Risk Security Cybersecurity 93

KnowBe4

AUGUST 24, 2023

Users of the language learning app Duolingo should be wary of targeted phishing attacks following a recent data leak, according to Anthony Spadafora at Tom’s Guide. Criminals scraped the names and email addresses of 2.6 million Duolingo users earlier this year, and are now selling the entire dataset on underground forums for approximately $2.13.

Phishing 91

Phishing 91

Advertisement

How do 1st, 2nd, and 3rd party intent data compare? 1st, 2nd, and 3rd party data each have specific advantages and disadvantages. It comes down to four factors: accuracy, cost, control and quantity. This infographic explains the pros and cons of each and helps you understand which one is best for meeting your business objectives. Intent data can be a great way to fill your pipeline and close more deals.

IT

Data Breach Today

AUGUST 24, 2023

Fraudster Users Call Victims 'Mammoths,' Leading Eset to Dub Them 'Neanderthals' A likely Russian toolkit dubbed Telekopye by security researchers lets thieves concentrate on honing their social engineering without having to worry about the technical side of online scamming. Users dub victims "Mammoths," leading security firm Eset to christen Telekopye customers "Neanderthals.

Security 246

Security 246

Security Affairs

AUGUST 25, 2023

Experts observed the SmokeLoader malware delivering a new Wi-Fi scanning malware strain dubbed Whiffy Recon. Secureworks Counter Threat Unit (CTU) researchers observed the Smoke Loader botnet dropping a new Wi-Fi scanning malware named Whiffy Recon. The malicious code triangulates the positions of the infected systems using nearby Wi-Fi access points as a data point for Google’s geolocation API. “The scan results are mapped to a JSON structure (see Figure 5) that is sent to the Googl

File names 94

File names Encryption Access Security 94

Dark Reading

AUGUST 24, 2023

Embracing a risk-first mindset empowers organizations to make informed decisions, strengthen security, safeguard valuable assets, and reduce financial impact.

Risk 98

Risk Cybersecurity Security 98

KnowBe4

AUGUST 23, 2023

It appears that one of the most regulated industries also holds the title for the highest average data breach costs – coming in at just under $11 million per breach.

Data breaches 95

Data breaches IT 95

Speaker: Shawn Phillips, CCXP, Head of Growth and Innovation

A one-size-fits-all approach is a great approach – if it’s 2010. With the growth of AI, customers expect – and often demand – a customer journey based on their unique needs and history with your brand. Advanced platforms enable you to move beyond simple personalization or mass customization to create truly unique customer journeys that optimize outcomes for both your customers and your brand.

Data Breach Today

AUGUST 24, 2023

The Gulf Coast Provider Is Among the Regional Health Systems Hit Recently A three-hospital health system serving the Mississippi Gulf Coast has resorted to paper charting and other manual processes for patient care as it deals with a cyberattack that forced it to take systems offline. The incident is the latest disruptive attack on a regional medical provider.

Paper 245

Paper IT 245

Security Affairs

AUGUST 22, 2023

Snatch gang claims the hack of the Department of Defence South Africa and added the military organization to its leak site. The Snatch ransomware group added the Department of Defence South Africa to its data leak site. The mission of the Department of Defence is to provide, manage, prepare and employ defence capabilities commensurate with the needs of South Africa, as regulated by the Constitution, national legislation, parliamentary and executive direction.

Ransomware 96

Ransomware Computer and Electronics Military Security 96

Dark Reading

AUGUST 25, 2023

The cyber-espionage group has created a stealthy, hard-to-mitigate network of persistent access across a range of organizations, but the endgame is unclear.

Access 98

Access 98

KnowBe4

AUGUST 23, 2023

The number one way that hackers and malware compromise people, devices, and networks is social engineering. No one argues that anymore, but it was not always known or discussed that way. Even though social engineering has been the number one way hackers and malware exploit people and devices since the beginning of network computers, it was not generally known or discussed as such until just five or 10 years ago.

Cybersecurity 88

Cybersecurity IT 88

Advertiser: ZoomInfo

In times of economic uncertainty, account-based strategies are essential. According to several business analysts and practitioners, ABM is a necessity for creating more predictable revenue. Research shows that nearly three-quarters of marketers (74%) already have the resources needed to build successful ABM programs.

Marketing

Data Breach Today

AUGUST 24, 2023

Also: FBI Issues DPRK Alert; Incidents Affect Exactly, Harbor and Venus Protocols This week, charges were filed against Tornado Cash founders, the FBI found North Korean bitcoin wallets holding stolen cash, theft occurred in the Exactly and Harbor protocols, Venus Protocol liquidated a hacker's wallet, Terra paused operations, and Thailand threatened Meta over crypto scam ads.

245

245

Security Affairs

AUGUST 21, 2023

Israel and US government agencies announced the BIRD Cyber Program, an investment of roughly $4M in projects to enhance the cyber resilience of critical infrastructure. The BIRD Cyber Program is a joint initiative from the Israel National Cyber Directorate (INCD), the Israel-US Binational Industrial Research and Development (BIRD) Foundation, and the US Department of Homeland Security (DHS) Science and Technology Directorate (S&T) to promote projects to enhance the cyber resilience of critic

Cybersecurity 94

Cybersecurity Security Compliance Risk 94

Dark Reading

AUGUST 25, 2023

Deployed by the infamous SmokeLoader botnet, the location-tracking malware could be used for a host of follow-on cyberattacks or even physical targeting.

98

98