Sat.Dec 17, 2022 - Fri.Dec 23, 2022

article thumbnail

2022 Cyber Security Review of the Year

IT Governance

2022 will go down as the year where some semblance of normality returned. Social distancing restrictions were gone, masks disappeared and we made travel plans unfettered by fear of positive lateral flow tests. These were truly precedented times.

IT 93
article thumbnail

Hack on a Services Firm's Vendor Affects 271,000 Patients

Data Breach Today

Breach Is Latest in Long List of Complex Vendor Incidents An Oklahoma-based provider of administrative and technology services to healthcare organizations is notifying more than 271,000 individuals that their personal information may have been compromised in a hacking incident involving a third-party data storage vendor.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Threat Modeling in the Age of OpenAI's Chatbot

Dark Reading

New technical chatbot capabilities raise the promise that their help in threat modeling could free humans for more interesting work

110
110
article thumbnail

Hacked Ring Cams Used to Record Swatting Victims

Krebs on Security

Photo: BrandonKleinPhoto / Shutterstock.com. Two U.S.

Passwords 226
article thumbnail

Subsurface: The Ultimate Data Lakehouse Conference

Speaker: Panel Speakers

We’ve just opened registration for Subsurface LIVE 2023! Learn how to innovate with open source technologies such as Apache Arrow, Delta Lake, and more. Register now to secure your spot at Subsurface LIVE being held March 1-2, 2023.

article thumbnail

GUEST ESSAY: Achieving trust — in a tumultuous 2023 that’s likely to come — can lead to success

The Last Watchdog

The 2020s are already tumultuous. Related: The Holy Grail of ‘digital resiliency’ Individuals are experiencing everything from extraordinary political and social upheaval to war on the European continent to the reemergence of infectious diseases to extreme weather events. Against this unsettling backdrop, citizens, consumers, employees, and partners will look to organizations that they trust for stability and positive long-term relationships.

Risk 127

More Trending

article thumbnail

New Brand of Security Threats Surface in the Cloud

Dark Reading

Tech Insight report co-produced by Black Hat, Dark Reading, and Omdia examines how cloud security is evolving in a rapid race to beat threat actors to the (cloud) breach

Cloud 113
article thumbnail

The Equifax Breach Settlement Offer is Real, For Now

Krebs on Security

Millions of people likely just received an email or snail mail notice saying they’re eligible to claim a class action payment in connection with the 2017 megabreach at consumer credit bureau Equifax.

Security 195
article thumbnail

GUEST ESSAY: ‘Initial access brokers’ — IABs — specialize in enabling surreptitious access

The Last Watchdog

Cybercrime is a big business. And like any other large industry, specialization has emerged. Related: IABs fuel ransomware surge. As data becomes more valuable, criminals can profit more from stealing, selling or holding it for ransom, leading to a massive black market of information. Initial access brokers (IABs) play an increasingly central role in this cyber underworld. IABs specialize in finding vulnerable targets and sell their details to other cybercriminals.

Access 113
article thumbnail

Co-Founder of OneCoin Cryptocurrency Scam Pleads Guilty

Data Breach Today

International Fraudulent Cryptocurrency Pyramid Scheme Netted $4 Billion Karl Sebastian Greenwood, a dual citizen of Sweden and the United Kingdom pleaded guilty in U.S. federal court to his role in selling the purported multi-billion-dollar cryptocurrency pyramid OneCoin that netted $4 billion.

article thumbnail

Data Value Scorecard Report

This report examines the quantitative research of data leaders on data value and return on investment.

article thumbnail

How AI/ML Can Thwart DDoS Attacks

Dark Reading

When properly designed and trained, artificial intelligence and machine learning can help improve the accuracy of DDoS detection and mitigation

article thumbnail

Old vulnerabilities in Cisco products actively exploited in the wild

Security Affairs

IT giant Cisco is warning of threat actors exploiting many old vulnerabilities in attacks in the wild. Cisco has updated multiple security advisories to warn of the active exploitation of several old vulnerabilities impacting its products.

Access 110
article thumbnail

"How I lost my dog and almost my Google credentials."

KnowBe4

A well-trained Knowster posted: " I lost my dog this weekend and my mother in law was trying to be helpful and put my real phone number on a few social media posts she made. Now im getting these kinds of texts and it’s heartbreaking to think someone else may have fallen for this! Social Engineering

IT 95
article thumbnail

Biden Signs Law to Safeguard IT Against Quantum Computing

Data Breach Today

Federal Agencies Told to Prepare to Move Quickly Once Standards Get Identified U.S.

IT 227
article thumbnail

TCO Considerations of Using a Cloud Data Warehouse for BI and Analytics

Enterprises poured $73 billion into data management software in 2020 – but are seeing very little return on their data investments. 22% of data leaders surveyed have fully realized ROI in the past two years, with 56% having no consistent way of measuring it.

article thumbnail

Sophisticated DarkTortilla Malware Serves Imposter Cisco, Grammarly Pages

Dark Reading

Sites spoofing Grammarly and a Cisco webpage are spreading the DarkTortilla threat, which is filled with follow-on malware attacks

111
111
article thumbnail

North Korea-linked hackers stole $626 million in virtual assets in 2022

Security Affairs

North Korea-linked threat actors have stolen an estimated $1.2 billion worth of cryptocurrency and other virtual assets in the past five years. South Korea’s spy agency, the National Intelligence Service, estimated that North Korea-linked threat actors have stolen an estimated 1.5 trillion won ($1.2

Military 108
article thumbnail

How to Surrender to a Drone

Schneier on Security

The Ukrainian army has released an instructional video explaining how Russian soldiers should surrender to a drone: “Seeing the drone in the field of view, make eye contact with it,” the video instructs. Soldiers should then raise their arms and signal they’re ready to follow.

article thumbnail

Russian Hackers Targeted Oil Refinery Firm in NATO Country

Data Breach Today

Gamaredon,' Tied to FSB, Expands Intelligence Ops as Invasion of Ukraine Persists Security researchers at Palo Alto Networks say they identified an attempted hack on a large petroleum refining company based inside a NATO member that came from a threat actor known as Gamaredon and Trident Ursa.

article thumbnail

12 Considerations When Evaluating Data Lake Engine Vendors for Analytics and BI

Businesses today compete on their ability to turn big data into essential business insights. Modern enterprises leverage cloud data lakes as the platform used to store data. 57% of the enterprises currently using a data lake cite improved business agility as a benefit.

article thumbnail

Container Verification Bug Allows Malicious Images to Cloud Up Kubernetes

Dark Reading

A complete bypass of the Kyverno security mechanism for container image imports allows cyberattackers to completely take over a Kubernetes pod to steal data and inject malware

Cloud 108
article thumbnail

A new Zerobot variant spreads by exploiting Apache flaws

Security Affairs

Microsoft spotted an upgraded variant of the Zerobot botnet that spreads by exploiting Apache vulnerabilities.

IoT 106
article thumbnail

What Is Flipper Zero? The Hacker Tool Going Viral on TikTok, Explained

WIRED Threat Level

Don’t be fooled by its fun name and Tamagotchi-like interface—this do-everything gadget is trouble waiting to happen and a whole lot more. Security Security / Cyberattacks and Hacks

IT 89
article thumbnail

Sysdig CEO on How Open Source Fuels Cloud, Container Defense

Data Breach Today

Suresh Vasudevan on Why Falco Has Become the Industry Standard for Threat Detection Cloud vendors from Amazon, Microsoft and Google to IBM and Sumo Logic have turned to Sysdig's Falco open-source threat detection engine to secure their environments.

Cloud 182
article thumbnail

Checklist Report: Preparing for the Next-Generation Cloud Data Architecture

Data architectures have evolved dramatically. It is time to reconsider the fundamental ways that information is accumulated, managed, and then provisioned to the different downstream data consumers.

article thumbnail

T-Mobile Carrier Scammer Gets Decade in the Slammer

Dark Reading

A mobile phone store owner stole T-Mobile employee credentials to "unlock" phones for resale, earning him millions in illicit profits

110
110
article thumbnail

Experts spotted a variant of the Agenda Ransomware written in Rust

Security Affairs

Researchers spotted a new variant of the Agenda ransomware which is written in the cross-platform programming language Rust. Trend Micro researchers have spotted a new variant of the Agenda ransomware (aka Qilin) that is written in Rust Language.

article thumbnail

Microsoft Warns of Signed Drivers Being Used to Terminate AV and EDR Processes

KnowBe4

The malicious abuse of several developer program accounts in Microsoft’s Windows Hardware Developer Program allowed threat actors to have malware evade detection. Malware

87
article thumbnail

EU-U.S. Data Privacy Framework in Activist Crosshairs

Data Breach Today

European Commission Took Key Step in Finalizing Trans-Atlantic Data Flow Framework Europe took a key step in formalizing a framework to underpin the trans-Atlantic flow of commercial data but privacy activists say the EU-U.S. agreement won't stand up to a legal challenge. The Commission on Dec.

article thumbnail

7 Ways to Supercharge Your ABM Strategy with Real-Time Intent

Streaming real-time intent is a homerun for marketing and sales’ account-based marketing (ABM) strategies. With real-time buyer insights, you can be first-in-line to provide solutions and lead better, hyper-personalized conversations.

article thumbnail

Google WordPress Plug-in Bug Allows AWS Metadata Theft

Dark Reading

A successful attacker could use the SSRF vulnerability to collect metadata from WordPress sites hosted on an AWS server, and potentially log in to a cloud instance to run commands

Metadata 107
article thumbnail

Vice Society ransomware gang is using a custom locker

Security Affairs

The Vice Society ransomware group has adopted new custom ransomware, with a strong encryption scheme, in recent intrusions.

article thumbnail

XLL Files Used to Deliver Malware

KnowBe4

Attackers are using XLL files to embed malicious code in Office documents, according to researchers at Cisco Talos. Microsoft is phasing out the ability to execute VBA macros in Office documents.

85