Sat.Dec 24, 2022 - Fri.Dec 30, 2022

article thumbnail

LastPass Data Breach: It's Time to Ditch This Password Manager

WIRED Threat Level

The password manager's most recent data breach is so concerning, users need to take immediate steps to protect themselves. Security Security / Cyberattacks and Hacks Security / Security Advice Security / Security News

Passwords 114
article thumbnail

North Korean Hackers Steal NFTs via Phishing Websites

Data Breach Today

APT Groups Use 500 Decoy Domains of Popular NFT, DeFi Platforms North Korean attackers are using phishing websites to impersonate popular NFT platforms and DeFi marketplaces to steal digital assets worth hundreds of thousands of dollars.

Phishing 130
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

After the Uber Breach: 3 Questions All CISOs Should Ask Themselves

Dark Reading

How CISOs handle the ethical issues around data breaches can make or break their careers. Don't wait until a breach happens to plot the course forward

article thumbnail

Experts warn of attacks exploiting WordPress gift card plugin

Security Affairs

Threat actors are actively exploiting a critical flaw in the YITH WooCommerce Gift Cards Premium WordPress plugin installed by over 50,000 websites.

article thumbnail

Subsurface: The Ultimate Data Lakehouse Conference

Speaker: Panel Speakers

We’ve just opened registration for Subsurface LIVE 2023! Learn how to innovate with open source technologies such as Apache Arrow, Delta Lake, and more. Register now to secure your spot at Subsurface LIVE being held March 1-2, 2023.

article thumbnail

The Worst Hacks of 2022

WIRED Threat Level

The year was marked by sinister new twists on cybersecurity classics, including phishing, breaches, and ransomware attacks. Security Security / Cyberattacks and Hacks Security / National Security

More Trending

article thumbnail

Happy 13th Birthday, KrebsOnSecurity!

Krebs on Security

KrebsOnSecurity turns 13 years old today. That’s a crazy long time for an independent media outlet these days, but then again I’m bound to keep doing this as long as they keep letting me. Heck, I’ve been doing this so long I briefly forgot which birthday this was!

Security 190
article thumbnail

War and Geopolitical Conflict: The New Battleground for DDoS Attacks

Dark Reading

The effectiveness of attacks largely depends on organizations' distributed denial-of-service defenses

114
114
article thumbnail

Recovering Smartphone Voice from the Accelerometer

Schneier on Security

Yet another smartphone side-channel attack: “ EarSpy: Spying Caller Speech and Identity through Tiny Vibrations of Smartphone Ear Speakers “: Abstract: Eavesdropping from the user’s smartphone is a well-known threat to the user’s safety and privacy.

article thumbnail

LockBit Group Claims Attack on Port of Lisbon

Data Breach Today

Website Remains Down Following Christmas Day Attack One of Europe's busiest ports is added to the list of LockBit ransomware victims. The hacking group targeted Portugal's Port of Lisbon on Christmas day, giving the facility a deadline of Jan.18 to pay a ransom of $1.5

article thumbnail

Data Value Scorecard Report

This report examines the quantitative research of data leaders on data value and return on investment.

article thumbnail

Attackers Pose as Facebook Support Using Legitimate Facebook Posts to Bypass Security Solutions

KnowBe4

Impersonating Facebook using its own platform against them, a new phishing attack takes advantage of victim’s inability to distinguish legitimate from illegitimate

article thumbnail

Extracting Encrypted Credentials From Common Tools

Dark Reading

Attackers are harvesting credentials from compromised systems. Here's how some commonly used tools can enable this

article thumbnail

LastPass Breach

Schneier on Security

Last August, LastPass reported a security breach, saying that no customer information—or passwords—were compromised.

article thumbnail

Bahamian Regulator Controls FTX Digital Assets Worth $3.5B

Data Breach Today

Agency Says It Has Temporary 'Exclusive Control' of Assets for Safe Custody The Bahamas Securities Commission seized digital assets worth $3.5 billion from local firm FTX Digital Markets.

article thumbnail

TCO Considerations of Using a Cloud Data Warehouse for BI and Analytics

Enterprises poured $73 billion into data management software in 2020 – but are seeing very little return on their data investments. 22% of data leaders surveyed have fully realized ROI in the past two years, with 56% having no consistent way of measuring it.

article thumbnail

[Heads Up] LastPass Attack Could Supercharge Spear Phishing Attacks

KnowBe4

By Roger A. Grimes. KnowBe4 recommends that everyone use a password manager to create and use strong passwords as a part of their password policy [link]. Social Engineering Phishing Spear Phishing

article thumbnail

Healthcare Providers and Hospitals Under Ransomware's Siege

Dark Reading

According to the FBI and Internet Crime Complaint Center, 25% of ransomware complaints involve healthcare providers

article thumbnail

QR Code Scam

Schneier on Security

An enterprising individual made fake parking tickets with a QR code for easy payment. Uncategorized forgery QR codes scams

article thumbnail

Why Governments Should Give Incentives for Collaboration

Data Breach Today

Global Cyber Alliance CEO Philip Reitinger Shares Updates, Challenges Global Cyber Alliance CEO Philip Reitinger shares updates on the alliance's Internet Integrity and Capacity & Resilience programs, which tackle key challenges of internet infrastructure, privacy and safety.

article thumbnail

12 Considerations When Evaluating Data Lake Engine Vendors for Analytics and BI

Businesses today compete on their ability to turn big data into essential business insights. Modern enterprises leverage cloud data lakes as the platform used to store data. 57% of the enterprises currently using a data lake cite improved business agility as a benefit.

article thumbnail

Everyone Is Using Google Photos Wrong

WIRED Threat Level

Ever-expanding cloud storage presents more risks than you might think. Security Security / Privacy

Cloud 87
article thumbnail

3 Industries, 3 Security Programs

Dark Reading

Security leaders from a media corporation, a commercial real estate company, and an automotive technology company share how they address cyber-risk

Risk 113
article thumbnail

Phishing Activity Rose 130% in the Second Half of 2022, Representing Three-Quarters of All Email-Based Attacks

KnowBe4

New data focused on cyberattacks in the second half of the year-to-date shows phishing taking the overwhelming lead as the initial attack vector of choice. Social Engineering Phishing

article thumbnail

Why Healthcare Needs to Beef Up Incident Response Plans

Data Breach Today

Effective testing of incident response plans continues to be a major weakness for many healthcare sector entities, especially those facing ransomware and other disruptive incidents, says Van Steel, a partner at consultancy LBMC Information Security

article thumbnail

Checklist Report: Preparing for the Next-Generation Cloud Data Architecture

Data architectures have evolved dramatically. It is time to reconsider the fundamental ways that information is accumulated, managed, and then provisioned to the different downstream data consumers.

article thumbnail

The Password Isn’t Dead Yet. You Need a Hardware Key

WIRED Threat Level

Any multifactor authentication adds protection, but a physical token is the best bet when it really counts. Security Security / Security Advice

article thumbnail

Why Attackers Target GitHub, and How You Can Secure It

Dark Reading

The unfettered collaboration of the GitHub model creates a security headache. Follow these seven principles to help relieve the pain

IT 113
article thumbnail

QBot Malware Attacks Use SVG files to Perform HTML Smuggling

KnowBe4

QBot malware phishing campaigns have adopted a new distribution method using SVG files to perform HTML smuggling that locally creates a malicious installer for Windows. Social Engineering Phishing Malware

article thumbnail

Hacker Claims to Have Scraped 400M Twitter User Records

Data Breach Today

Regulatory Pressure over Security, Privacy Mounts on Beleaguered Social Media Firm A member of a criminal data breach forum says he's selling email addresses and phone numbers of 400 million Twitter users.

article thumbnail

7 Ways to Supercharge Your ABM Strategy with Real-Time Intent

Streaming real-time intent is a homerun for marketing and sales’ account-based marketing (ABM) strategies. With real-time buyer insights, you can be first-in-line to provide solutions and lead better, hyper-personalized conversations.

article thumbnail

Critical Linux Kernel flaw affects SMB servers with ksmbd enabled

Security Affairs

Experts warn of a critical Linux Kernel vulnerability (CVSS score of 10) impacting SMB servers that can lead to remote code execution. A critical Linux kernel vulnerability (CVSS score of 10) exposes SMB servers with ksmbd enabled to hack.

article thumbnail

Will the Crypto Crash Impact Cybersecurity in 2023? Maybe.

Dark Reading

Will the bottom falling out of the cryptocurrency market have a profound impact on cybercriminal tactics and business models? Experts weigh in on what to expect

Marketing 112
article thumbnail

Russia’s Cyberwar Foreshadowed Deadly Attacks on Civilians

WIRED Threat Level

The Kremlin’s aggression in Ukraine is following a dangerous playbook that began to unfold years ago. Security Security / National Security Security / Cyberattacks and Hacks