Data Breach Today
AUGUST 30, 2023
Blame Police Crackdowns on Big Names, Hacker Thrift, Ransomware Grifters in Trouble What's behind the a profusion of reported attacks involving stolen or reused strains of ransomware? Blame a variety of factors, including law enforcement crackdowns, evolving ransomware business models and at least one case of a ransomware group leader with poor morale building skills.
Krebs on Security
SEPTEMBER 1, 2023
Domain names ending in “ US ” — the top-level domain for the United States — are among the most prevalent in phishing scams, new research shows. This is noteworthy because.US is overseen by the U.S. government, which is frequently the target of phishing domains ending in.US. Also,US domains are only supposed to be available to U.S. citizens and to those who can demonstrate that they have a physical presence in the United States.US is the “country code top-level doma
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Schneier on Security
AUGUST 30, 2023
Interesting story of an Apple Macintosh app that went rogue. Basically, it was a good app until one particular update…when it went bad. With more official macOS features added in 2021 that enabled the “Night Shift” dark mode, the NightOwl app was left forlorn and forgotten on many older Macs. Few of those supposed tens of thousands of users likely noticed when the app they ran in the background of their older Macs was bought by another company, nor when earlier this year that c
The Last Watchdog
AUGUST 29, 2023
The threat of bad actors hacking into airplane systems mid-flight has become a major concern for airlines and operators worldwide. Related: Pushing the fly-by-wire envelope This is especially true because systems are more interconnected and use more complex commercial software than ever before, meaning a vulnerability in one system could lead to a malicious actor gaining access to more important systems.
Advertisement
With its unparalleled flexibility, rapid development and cost-saving capabilities, open source is proving time and again that it’s the leader in data management. But as the growth in open source adoption increases, so does the complexity of your data infrastructure. In this Analyst Brief developed with IDC, discover how and why the best solution to this complexity is a managed service, including: Streamlined compliance with some of the most complex regulatory guidelines Simplified operations, li
Data Breach Today
SEPTEMBER 1, 2023
Bill 'Poses a serious threat' to end-to-end encryption, Apple Says U.S. tech companies are stepping up warnings to British lawmakers over a government proposal they say will fatally weaken security and privacy protections for users. The House of Lords is set to return the bill to the House of Commons after a third reading scheduled to begin Wednesday.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
WIRED Threat Level
AUGUST 31, 2023
Child safety group Heat Initiative plans to launch a campaign pressing Apple on child sexual abuse material scanning and user reporting. The company issued a rare, detailed response on Thursday.
The Last Watchdog
AUGUST 28, 2023
API security has arisen as a cornerstone of securing massively interconnected cloud applications. At Black Hat USA 2023 , I had a great discussion about API security with Data Theorem COO Doug Dooley and Applovin CISO Jeremiah Kung. For a full drill down, please give the accompanying podcast a listen. As a fast-rising mobile ad network going toe-to-toe with Google and Facebook, Applovin has been acquiring advanced security tools and shaping new practices to manage its API exposures.
Data Breach Today
AUGUST 31, 2023
George Kurtz Says Clients Spot 'Point Products Masquerading as Platform Stories' CrowdStrike CEO George Kurtz said point product companies "are quickly going the way of legacy antivirus" as rivals SentinelOne and BlackBerry reportedly hunt for buyers. The endpoint security market is quickly consolidating from being "littered with dozens of companies" to just several vendors.
Security Affairs
AUGUST 31, 2023
The National Safety Council leaked thousands of emails and passwords of their members, including companies such as NASA and Tesla. The National Safety Council has leaked nearly 10,000 emails and passwords of their members, exposing 2000 companies, including governmental organizations and big corporations. The National Safety Council (NSC) is a non-profit organization in the United States providing workplace and driving safety training.
Advertisement
The complexity of financial data, the need for real-time insight, and the demand for user-friendly visualizations can seem daunting when it comes to analytics - but there is an easier way. With Logi Symphony, we aim to turn these challenges into opportunities. Our platform empowers you to seamlessly integrate advanced data analytics, generative AI, data visualization, and pixel-perfect reporting into your applications, transforming raw data into actionable insights.
Troy Hunt
AUGUST 30, 2023
Last week I was contacted by CERT Poland. They'd observed a phishing campaign that had collected 68k credentials from unsuspecting victims and asked if HIBP may be used to help alert these individuals to their exposure. The campaign began with a typical email requesting more information: In this case, the email contained a fake purchase order attachment which requested login credentials that were then posted back to infrastructure controlled by the attacker: All in all, CERT Poland identifi
The Last Watchdog
AUGUST 30, 2023
For a couple of decades now, the web browser has endured in workplace settings as the primary employee-to-Internet interface. It’s really just assumed to be a given that a browser built for consumers is an acceptable application for employees to use to work. And despite advances, like sandboxing, browser isolation and secure gateways, the core architecture of web browsers has remained all-too vulnerable to malicious attacks.
Data Breach Today
AUGUST 30, 2023
US Funds for Regional SOC, Use of Trusted 5G Providers Follows Big 2022 Cyberattack Costa Rica will build a national cybersecurity operations center with substantial U.S. backing following a crippling cyberattack last year while also committing to using only trusted 5G providers. The State Department extended $25 million to build a virtual security operations center.
Dark Reading
SEPTEMBER 1, 2023
The sophisticated attacks, tracked as DB#JAMMER, run shell commands to impair defenses and deploy tools to establish persistence on the host.
Advertisement
Adding high-quality entity resolution capabilities to enterprise applications, services, data fabrics or data pipelines can be daunting and expensive. Organizations often invest millions of dollars and years of effort to achieve subpar results. This guide will walk you through the requirements and challenges of implementing entity resolution. By the end, you'll understand what to look for, the most common mistakes and pitfalls to avoid, and your options.
Troy Hunt
AUGUST 29, 2023
Today, the US Justice Department announced a multinational operation involving actions in the United States, France, Germany, the Netherlands, and the United Kingdom to disrupt the botnet and malware known as Qakbot and take down its infrastructure. Beyond just taking down the backbone of the operation, the FBI began actively intercepting traffic from the botnet and instructing infected machines the uninstall the malware: To disrupt the botnet, the FBI was able to redirect Qakbot botnet traffic
The Last Watchdog
AUGUST 31, 2023
Hannover, Germany, Aug. 31, 2023 – Hornetsecurity has recently launched The Security Swarm podcast series to shed light on the latest cybersecurity issues. The weekly show, hosted by Hornetsecurity’s Andy Syrewicze , brings together experts from across the cybersecurity sector to discuss industry challenges, how businesses can overcome ever-changing threats, and future cybersecurity issues.
Data Breach Today
AUGUST 30, 2023
'Spamouflage' Controlled Thousands of Facebook Pages But Struggled for Engagement Facebook parent Meta unearthed a Chinese propaganda campaign active across dozens of social media sites in what the company calls the largest known cross-platform influence operation in the world. "Spamouflage" operates across more than 50 platforms and forums.
Security Affairs
AUGUST 31, 2023
Fashion retailer Forever 21 disclosed a data breach that exposed the personal information of more than 500,000 individuals. On March 20, 2023, the fashion retailer Forever 21 has discovered a cyber incident that impacted a limited number of systems. The company immediately launched an investigation into the incident with the help of leading cybersecurity firms.
Speaker: Maher Hanafi, VP of Engineering at Betterworks & Tony Karrer, CTO at Aggregage
Executive leaders and board members are pushing their teams to adopt Generative AI to gain a competitive edge, save money, and otherwise take advantage of the promise of this new era of artificial intelligence. There's no question that it is challenging to figure out where to focus and how to advance when it’s a new field that is evolving everyday. 💡 This new webinar featuring Maher Hanafi, VP of Engineering at Betterworks, will explore a practical framework to transform Generative AI pr
Dark Reading
AUGUST 31, 2023
A hacker published a real gem of an infostealer to GitHub that requires zero coding knowledge to use. Then a community sprung up around it, polishing the code to a high shine and creating new, even more robust features.
The Last Watchdog
AUGUST 31, 2023
San Francisco, Calif., Aug. 30, 2023 — Every year over 340m workers suffer a workplace injury: slips and falls, strains and sprains, vehicle collisions and crashes. Voxel, an AI startup using computer vision to transform safety and operations in the workplace , is today announcing a $12m strategic funding round to improve workplace safety and save lives.
Data Breach Today
AUGUST 31, 2023
Tomer Weingarten Nixes Wiz Reselling Agreement After Not Seeing 'Any Contribution' SentinelOne CEO Tomer Weingarten hit back at endpoint security rivals CrowdStrike and Microsoft as well as rumored M&A suitor Wiz for publicly fanning acquisition flames. The endpoint security firm called Wiz acquisition rumors "a headscratcher," "far from fact" and "pure speculation on their part.
Security Affairs
AUGUST 28, 2023
Japan’s JPCERT warns of a new recently detected ‘MalDoc in PDF’ attack that embeds malicious Word files into PDFs. Japan’s computer emergency response team (JPCERT) has recently observed a new attack technique, called ‘MalDoc in PDF’, that bypasses detection by embedding a malicious Word file into a PDF file. The researchers explained that a file created with MalDoc in PDF has magic numbers and file structure of PDF, but can be opened in Word.
Advertisement
It’s no surprise that Apache Cassandra has emerged as a popular choice for organizations of all sizes seeking a powerful solution to manage their data at a scale—but with great power comes great responsibility. Due to the inherent complexity of distributed databases, this white paper will uncover the 10 rules you’ll want to know when managing Apache Cassandra.
KnowBe4
AUGUST 30, 2023
No surprise: phishing attacks are on the rise, and a new technique is becoming increasingly popular: open redirect flaws. These flaws allow attackers to redirect victims to malicious websites, even if the link in the phishing email appears to be legitimate.
Schneier on Security
AUGUST 31, 2023
A used government surveillance van is for sale in Chicago: So how was this van turned into a mobile spying center? Well, let’s start with how it has more LCD monitors than a Counterstrike LAN party. They can be used to monitor any of six different video inputs including a videoscope camera. A videoscope and a borescope are very similar as they’re both cameras on the ends of optical fibers, so the same tech you’d use to inspect cylinder walls is also useful for surveillance.
Data Breach Today
AUGUST 31, 2023
UK Risks Falling Behind EU and US in AI Governance, Parliamentary Committee Warns British lawmakers are calling on the government to speed up efforts to articulate a comprehensive artificial intelligence policy in the face of challenges ranging from bias to existential risk. Delay could erode the Britain's position "as a center of AI research," the lawmakers said.
Security Affairs
AUGUST 31, 2023
Researchers demonstrated how attackers can abuse the Windows Container Isolation Framework to bypass endpoint security solutions. Researcher Daniel Avinoam at the recent DEF CON hacking conference demonstrated how attackers can abuse the Windows Container Isolation Framework to bypass endpoint security solutions. The expert explained that Windows OS separates the file system from each container to the host and avoids duplication of system files.
Advertisement
In the fast-moving manufacturing sector, delivering mission-critical data insights to empower your end users or customers can be a challenge. Traditional BI tools can be cumbersome and difficult to integrate - but it doesn't have to be this way. Logi Symphony offers a powerful and user-friendly solution, allowing you to seamlessly embed self-service analytics, generative AI, data visualization, and pixel-perfect reporting directly into your applications.
WIRED Threat Level
AUGUST 30, 2023
A WIRED investigation into a cache of documents posted by an unknown figure lays bare the Trickbot ransomware gang’s secrets, including the identity of a central member.
Hunton Privacy
AUGUST 29, 2023
On August 29, 2023, the California Privacy Protection Agency (“CPPA”) Board issued draft regulations on Risk Assessment and Cybersecurity Audit (the “Draft Regulations”). The CPPA Board will discuss the Draft Regulations during a public meeting on September 8, 2023. In issuing the Draft Regulations, the CPPA Board makes clear that it has not yet started the formal rulemaking process for cybersecurity audits, risk assessments or automated decision-making technology, and that these Draft Regulatio
Data Breach Today
AUGUST 31, 2023
The Panelists Also Discuss Improving the User Experience and Verifying Identities In the latest "Proof of Concept," two CyberEd board members, Connecticut state CISO Jeff Brown and Maricopa County CISO Lester Godsey, join ISMG editors to discuss securing digital government services, improving user experiences and balancing user convenience with robust identity verification.
Expert insights. Personalized for you.
337 
Let's personalize your content