Sat.Jan 06, 2024 - Fri.Jan 12, 2024


Here’s Some Bitcoin: Oh, and You’ve Been Served!

Krebs on Security

A California man who lost $100,000 in a 2021 SIM-swapping attack is suing the unknown holder of a cryptocurrency wallet that harbors his stolen funds. The case is thought to be the first in which a federal court has recognized the use of information included in a bitcoin transaction — such as a link to a civil claim filed in federal court — as reasonably likely to provide notice of the lawsuit to the defendant.


How the Merck Case Shapes the Future of Cyber Insurance

Data Breach Today

Merck & Co.'s proposed settlement with insurers over a $1.4 billion claim related to the NotPetya attack will change the language the insurance industry uses to exclude acts of war in its policies, and organizations need to consider how those changes affect risk, said attorney Peter Halprin.


GUEST ESSAY: The case for using augmented reality (AR) and virtual reality (VR) to boost training

The Last Watchdog

Augmented reality (AR) and virtual reality (VR) technologies provide intriguing opportunities for immersive and interactive experiences in cybersecurity training. Here’s how these technologies can bridge learning gaps in cybersecurity awareness and enhance the overall training experience. AR and VR technologies can create distinct immersive experiences by merging digital reality with the physical world.


New Strategy System Reimagines AIIM

AIIM

2024 is going to be a special year. As we celebrate our 80th anniversary, we are also launching a brand new strategy. This new strategy reimagines AIIM for the age of artificial intelligence where trusted data and information are essential. In the coming months, we will be sharing much more about our new strategy, but I am very excited to give you a preview of what's to come.


Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.


Meet Ika & Sal: The Bulletproof Hosting Duo from Hell

Krebs on Security

In 2020, the United States brought charges against four men accused of building a bulletproof hosting empire that once dominated the Russian cybercrime industry and supported multiple organized cybercrime groups. All four pleaded guilty to conspiracy and racketeering charges. But there is a fascinating and untold backstory behind the two Russian men involved, who co-ran the world’s top spam forum and worked closely with Russia’s most dangerous cybercriminals.

More Trending


Researchers created a PoC for Apache OFBiz flaw CVE-2023-51467

Security Affairs

Researchers published proof-of-concept (PoC) code for the recently disclosed critical flaw CVE-2023-51467 in Apache OFBiz. Researchers from cybersecurity firm VulnCheck have created proof-of-concept (PoC) exploit code for the recently disclosed critical flaw CVE-2023-51467 (CVSS score: 9.8) in Apache OFBiz. In December, experts warned of an authentication bypass zero-day flaw that affects Apache OFBiz, an open-source Enterprise Resource Planning (ERP) system.


News alert: Trimarc launches Active Directory security posture tool for enterprise, M&A

The Last Watchdog

Washington, DC, Jan. 12, 2024 – Trimarc Security, the professional services company with extensive expertise in securing Active Directory for enterprise organizations, today announced the early access availability of its new product, Trimarc Vision. Trimarc Vision is a powerful security posture analysis product that provides visibility into the most important security components of Active Directory.


[Security Masterminds] Revolutionizing Cybersecurity Training: How AI Is Changing the Game

KnowBe4

Artificial intelligence (AI) in the cybersecurity realm is a nuanced topic. On the one hand, it has the potential to enhance our abilities to detect and prevent cyber threats significantly.


Ransomware Trends: Medusa and Akira Rage; Tortilla Disrupted

Data Breach Today

Crypto-Malware Trackers Report a Surge in Known Ransomware Victims at End of 2023

Ransomware-wielding attackers show no signs of stopping, and experts report December 2023 was the second-worst month on record for known victims. Lately, Akira-wielding attackers have been hitting Finland hard, and Medusa has been behind a rising number of attacks.


Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.


Iranian crypto exchange Bit24.cash leaks user passports and IDs

Security Affairs

Bit24.cash has inadvertently exposed sensitive data belonging to nearly 230,000 users, as revealed by Cybernews research. Due to its limited access to foreign financial markets, Iran has embraced cryptocurrency significantly. Last year, Iranian crypto exchanges facilitated transactions totaling nearly $3 billion. Almost all incoming crypto volume in Iran adheres to Know Your Customer (KYC) requirements.


CNIL Opens Consultation on Transfer Impact Assessment Guide

Hunton Privacy

On January 8, 2024, the French Data Protection Authority (the “CNIL”) opened a consultation on its draft guidance for the use of transfer impact assessments (“Guidance”). In describing the Guidance, the CNIL references the decision of the Court of Justice of the European Union in Schrems II and states that exporters relying on tools listed in Article 46(2) and Article 46(3) of the EU General Data Protection Regulation (“GDPR”) for personal data transfers are required to assess the level of prote


Microsoft Takes the Lead in Q4 2023 for Alarming Phishing Attempts

KnowBe4

Microsoft was the most impersonated brand last quarter, accounting for a third (33%) of all brand phishing attempts in October, November, and December 2023, according to Check Point’s Brand Phishing Report for Q4 2023.


Chinese Nation-State Hacker Is Exploiting Cisco Routers

Data Breach Today

'Volt Typhoon' Could Be Preparing for Renewed Burst of Activity

A Chinese state hacking group is attacking superseded Cisco routers to target government entities in the United States, the United Kingdom and Australia. Beijing cyberespionage hackers dubbed "Volt Typhoon" are using vulnerabilities that were first disclosed in early 2019.


Strategic CX: A Deep Dive into Voice of the Customer Insights for Clarity

Speaker: Nicholas Zeisler, CX Strategist & Fractional CXO

The first step in a successful Customer Experience endeavor (or for that matter, any business proposition) is to find out what’s wrong. If you can’t identify it, you can’t fix it! 💡 That’s where the Voice of the Customer (VoC) comes in. Today, far too many brands do VoC simply because that’s what they think they’re supposed to do; that’s what all their competitors do.


Saudi Ministry exposed sensitive data for 15 months

Security Affairs

Saudi Ministry of Industry and Mineral Resources (MIM) had an environment file exposed, opening up sensitive details for anybody willing to take them. The Cybernews research team believes that the sensitive data was accessible for 15 months. An environment (env.) file serves as a set of instructions for computer programs, making it a critical component for any system.


Legal Tech Predictions for 2024: Embracing a New Era of Innovation

Hanzo Learning Center

As we step into 2024, the legal industry continues to be reshaped by technological advancements. This year promises to bring new developments that could revolutionize how legal professionals work and interact with clients.


KnowBe4 Named a Leader in the Winter 2024 G2 Grid Report for Security Orchestration, Automation, and Response (SOAR)

KnowBe4

We are excited to announce that KnowBe4 has been named a leader in the Winter 2024 G2 Grid Report for Security Orchestration, Automation, and Response (SOAR) for the PhishER platform for the eleventh consecutive quarter!


Amazon Appeals Privacy Fine of 746 Million Euros

Data Breach Today

E-Commerce Giant Accuses Luxembourg Regulators of Attacking the Company

Amazon in a Luxembourg court Tuesday contested a once-record privacy fine levied against the e-commerce giant for its advertising practices by the diminutive country's data protection authority. The fine of 746 million euros stems from a 2018 complaint by French privacy group La Quadrature du Net.


The Big Payoff of Application Analytics

Outdated or absent analytics won’t cut it in today’s data-driven applications – not for your end users, your development team, or your business. That’s what drove the five companies in this e-book to change their approach to analytics. Download this e-book to learn about the unique problems each company faced and how they achieved huge returns beyond expectation by embedding analytics into applications.


Experts spotted a new macOS Backdoor named SpectralBlur linked to North Korea

Security Affairs

Researchers discovered a macOS backdoor, called SpectralBlur, which shows similarities with a North Korean APT’s malware family. Security researcher Greg Lesnewich discovered a backdoor, called SpectralBlur, that targets Apple macOS. The backdoor shows similarities with the malware family KANDYKORN (aka SockRacket), which was attributed to the North Korea-linked Lazarus sub-group known as BlueNoroff (aka TA444).


Modernizing mainframe applications with a boost from generative AI

IBM Big Data Hub

Look behind the scenes of any slick mobile application or commercial interface, and deep beneath the integration and service layers of any major enterprise’s application architecture, you will likely find mainframes running the show. Critical applications and systems of record are using these core systems as part of a hybrid infrastructure. Any interruption in their ongoing operation could be disastrous to the continued operational integrity of the business.


[New Phishing Template] Formula 1 Exclusive: Gene Haas on Guenther Steiner's Departure

KnowBe4

In a surprising turn of events for Formula 1 enthusiasts, the Haas F1 Team is grappling with the departure of its widely-respected Team Principal, Guenther Steiner. Let's dive into the implications of Guenther Steiner's departure and more information on a new template that our KnowBe4 customers can access in the ModStore now!


Fidelity National Financial Details LoanCare Breach

Data Breach Today

1.3 Million Customers Notified of Breach; BlackCat Ransomware Group Claimed Credit

Financial services giant Fidelity National Financial has confirmed that a November 2023 hack attack compromised personal information pertaining to 1.3 million customers of its LoanCare subsidiary. FNF took multiple systems offline when responding to the attack, disrupting some homebuyers.


A Tale of Two Case Studies: Using LLMs in Production

Speaker: Tony Karrer, Ryan Barker, Grant Wiles, Zach Asman, & Mark Pace

Join our exclusive webinar with top industry visionaries, where we'll explore the latest innovations in Artificial Intelligence and the incredible potential of LLMs. We'll walk through two compelling case studies that showcase how AI is reimagining industries and revolutionizing the way we interact with technology. Some takeaways include: How to test and evaluate results 📊 Why confidence scoring matters 🔐 How to assess cost and quality 🤖 Cross-platform cost vs. quality tr


Team Liquid’s wiki leak exposes 118K users

Security Affairs

Liquipedia, an online e-sports platform run by Team Liquid, exposed a database revealing its users’ email addresses and other details. Users of the e-sports knowledge base were exposed via a publicly accessible and passwordless MongoDB database, the Cybernews research team has discovered. The database was closed after researchers informed Liquipedia’s admins about the issue.


Top 6 predictions for AI advancements and trends in 2024

IBM Big Data Hub

In 2024, the initial cultural fascination with early generative AI yields tangible business results. This technology, which includes the ability to process and generate text, voice and video content, is revolutionizing how companies enhance productivity, foster innovation and stimulate creativity. According to McKinsey & Company, these AI applications have the potential to contribute between USD 2.6 trillion and 4.4 trillion annually to the global economy through various business scenarios.


Beware of "Get to Know Me" Surveys

KnowBe4

Trained security awareness professionals are aware that whatever someone says about themselves and personal experiences can be used against them in a social engineering scam. It is always good to share that message, at least once a year with co-workers, family members, and friends.


HPE to Buy Juniper for $14B to Boost AI and Networking

Data Breach Today

Deal Is 'Major Leap Forward in Our AI and Hybrid Cloud Strategy,' HPE Says

Hewlett Packard Enterprise announced a $14 billion acquisition deal with networking equipment maker Juniper Networks and is touting the deal as a way to position the Silicon Valley stalwart for the burgeoning artificial intelligence market. The transaction values Juniper at $40 per share.


Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.


Cisco fixed critical Unity Connection vulnerability CVE-2024-20272

Security Affairs

Cisco addressed a critical Unity Connection security flaw that can be exploited by an unauthenticated attacker to get root privileges. Cisco has addressed a critical flaw, tracked as CVE-2024-20272, in its Unity Connection that can be exploited by a remote, unauthenticated attacker to gain root privileges on vulnerable devices. Cisco Unity Connection is a messaging platform and voicemail system that is part of the Cisco Unified Communications suite of products.


What is an Apple MDM server?

Jamf

Are you diving into the world of device management? In this blog, learn about Apple MDM: from what it is to how to get started with it in your organization.


FBI Releases Blackcat Ransomware Decryption Tool to Victims, Disrupting Attacks

KnowBe4

For the first time ever, the U.S. Justice Department announced the existence of an FBI-developed decryption tool that has been used to save hundreds of victim organizations attacked by one of the most prolific ransomware variants in the world.