Data Breach Today

DECEMBER 8, 2023

Also: Top Threat Actors Are Targeting Hospitals; Remembering Steve Katz In the latest weekly update, editors at ISMG discuss the rampant rise in healthcare sector attacks and breaches in 2023, the most common vulnerabilities and targets, and remember the life of the Steve Katz, the world's first CISO who inspired generations of security leaders.

Data breaches 292

Data breaches Security 292

Krebs on Security

APRIL 11, 2023

Microsoft today released software updates to plug 100 security holes in its Windows operating systems and other software, including a zero-day vulnerability that is already being used in active attacks. CVE-2023-28205 can be used by a malicious or hacked website to install code. Both vulnerabilities are addressed in iOS/iPadOS 16.4.1,

Ransomware 243

Ransomware Access Phishing Security 243

Krebs on Security

MAY 9, 2023

Microsoft today released software updates to fix at least four dozen security holes in its Windows operating systems and other software, including patches for two zero-day vulnerabilities that are already being exploited in active attacks. “Once they gain initial access they will seek administrative or SYSTEM-level permissions.

Access 228

Access Ransomware Security IT 228

Krebs on Security

JANUARY 10, 2023

Microsoft today released updates to fix nearly 100 security flaws in its Windows operating systems and other software. Highlights from the first Patch Tuesday of 2023 include a zero-day vulnerability in Windows, printer software flaws reported by the U.S. Speaking of APT groups, the U.S.

Encryption 249

Encryption Security Access IT 249

Krebs on Security

AUGUST 8, 2023

today issued software updates to plug more than 70 security holes in its Windows operating systems and related products, including multiple zero-day vulnerabilities currently being exploited in the wild. They were assigned a single placeholder designation of CVE-2023-36884. Microsoft Corp.

Passwords 197

Passwords Security Risk IT 197

Krebs on Security

MARCH 15, 2023

Microsoft on Tuesday released updates to quash at least 74 security bugs in its Windows operating systems and software. The Outlook vulnerability ( CVE-2023-23397 ) affects all versions of Microsoft Outlook from 2013 to the newest. “This is on par with an attacker having a valid password with access to an organization’s systems.”

Passwords 243

Passwords Authentication Cloud Access 243

Data Breach Today

NOVEMBER 28, 2023

CEO Adam Selipsky Unveils AI Assistant, Projects With Salesforce, NVIDIA, Anthropic In an effort to upstage Microsoft in the AI space, AWS CEO Adam Selipsky invited NVIDIA CEO Jensen Huang and Dario Amodei, co-founder of Anthropic, to share the stage at AWS re:Invent 2023.

Security 278

Security 278

Krebs on Security

JULY 11, 2023

today released software updates to quash 130 security bugs in its Windows operating systems and related software, including at least five flaws that are already seeing active exploitation. The latest security update that includes the fix for the zero-day bug should be available in iOS/iPadOS 16.5.1 , macOS 13.4.1 , and Safari 16.5.2.

Ransomware 213

Ransomware Security Phishing Authentication 213

Data Breach Today

JUNE 6, 2023

Report's Lead Author Shares Top Findings, Best Practices Pretexting incidents, a social engineering technique that manipulates victims into divulging information, have nearly doubled, representing 50% of all social engineering attacks, according to Verizon's 2023 Data Breach Investigations Report, which analyzed more than 16,312 security incidents. (..)

Data breaches 252

Data breaches Security 252

The Last Watchdog

JULY 11, 2023

Boston, July 7, 2023 — CybSafe, the human risk management platform, has today announced CEO Oz Alashe MBE has been named as a SecurityInfoWatch.com , Security Business and Security Technology Executive magazines’ 2023 Security Industry Innovator Award winner.

Security 178

Security Risk Education Marketing 178

Security Affairs

JANUARY 1, 2024

These are the Top 2023 Security Affairs cybersecurity stories … enjoy it. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Top 2023 Security Affairs cybersecurity stories) TB OF DATA STOLEN FROM DIGITAL INTELLIGENCE FIRM CELLEBRITE LEAKED ONLINE 1.7

Cybersecurity 104

Cybersecurity Security Sales Passwords 104

The Last Watchdog

DECEMBER 12, 2023

A look back at the cybersecurity landscape in 2023 rings all-too familiar: cyber threats rapidly evolved and scaled up , just as they have, year-to-year, for the past 20 years. Eyal Benishti , CEO, IRONSCALES Benishti Generative AI (GenAI) reshaped cybersecurity in 2023. What should I be most concerned about – and focus on – in 2024?

Cybersecurity 258

Cybersecurity Phishing Authentication Analytics 258

Security Affairs

MAY 22, 2024

The digital imaging products manufacturer OmniVision disclosed a data breach after the 2023 ransomware attack. In 2023, OmniVision employed 2,200 people and had an annual revenue of $1.4 In 2023, the imaging sensors manufacturer was the victim of a Cactus ransomware attack. OmniVision Technologies Inc.

Data breaches 101

Data breaches Ransomware Manufacturing Encryption 101

Data Breach Today

JUNE 16, 2023

Forrester's Brian Wrozek on Poison AI Data, Cloud Complexity, Nation-State Threats The potential for cybercriminals to reverse-engineer generative AI tools, the rise of geopolitical threats and increased cloud complexity are among the top new threats facing security teams in 2023, according to Forrester's Top Cybersecurity Threats In 2023 report.

Cloud 177

Cloud Cybersecurity Security 177

Thales Cloud Protection & Licensing

NOVEMBER 1, 2023

Thales Wins Big in 2023 madhav Thu, 11/02/2023 - 05:09 Here at Thales, we are incredibly proud of what we do. 2023 has been a particularly good year for us; keep reading for a run-through of our most recent successes. 2023 has been a particularly good year for us; keep reading for a run-through of our most recent successes.

Cloud 144

Cloud Cybersecurity Marketing Ransomware 144

Data Breach Today

JANUARY 7, 2024

SQL Injection Flaw Affects All Supported Versions of Ivanti Endpoint Manager Ivanti issued an urgent alert to users of its endpoint security product to patch a critical vulnerability that exposes systems to potential exploitation by unauthorized attackers.

Security 300

Security IT 300

eSecurity Planet

JANUARY 5, 2023

After a year that saw massive ransomware attacks and open cyber warfare, the biggest question in cybersecurity for 2023 will likely be how much of those attack techniques get commoditized and weaponized. 2023, he predicted, “will not be any easier when it comes to keeping users’ data safe and private.” Trade Cyberthreats.

Security 145

Security Ransomware Cybersecurity Privacy 145

Data Breach Today

APRIL 24, 2023

Emerging AI Tech, Identity Concerns and Latest Threats Are Among the Hot Topics ISMG editors are live at RSA Conference 2023 in San Francisco with an overview of opening-day speakers and hot topics including the emergence of AI, the latest intel on nation-state threats, security product innovation and deals, and ransomware trends.

Ransomware 211

Ransomware Security 211

The Last Watchdog

DECEMBER 14, 2023

We asked two questions: •What should be my biggest takeaway from 2023, with respect to mitigating cyber risks at my organization? Their guidance: Brandon Colley , Principal Security Consultant, Trimarc Security Colley Some 10-year-old vulnerabilities are still wildly prevalent. Part three to follow on Friday.

Cybersecurity 235

Cybersecurity Cloud Risk Mining 235

Security Affairs

NOVEMBER 1, 2023

Experts warn that threat actors started exploiting the critical flaw CVE-2023-46747 in F5 BIG-IP installs less than five days after PoC exploit disclosure. F5 this week warned customers about a critical security vulnerability, tracked as CVE-2023-46747 (CVSS 9.8), that impacts BIG-IP and could result in unauthenticated remote code execution.

Authentication 108

Authentication Access Cybersecurity Security 108

Security Affairs

MARCH 7, 2024

The FBI Internet Crime Complaint Center (IC3) 2023 report states that reported cybercrime losses reached $12.5 billion in 2023. The 2023 Internet Crime Report published the FBI’s Internet Crime Complaint Center (IC3) reveals that reported cybercrime losses reached $12.5 billion in 2023. billion in 2023 (+38%).

Ransomware 103

Ransomware Data breaches Personal data Phishing 103

IT Governance

OCTOBER 24, 2023

Publicly disclosed data breaches and cyber attacks City of Philadelphia discloses data breach after five months Date of breach: 24 May 2023 ( notice issued 20 October 2023). International Criminal Court says cyberattack was attempted espionage Date of breach: 19 September 2023 ( update on 20 October 2023).

Data Privacy 107

Data Privacy Privacy Security Data breaches 107

Security Affairs

NOVEMBER 29, 2023

Google released security updates to address a new actively exploited zero-day vulnerability, tracked as CVE-2023-6345, in the Chrome browser. Google on Wednesday released security updates to address a new actively exploited zero-day, tracked as CVE-2023-6345, in the Chrome browser.

Libraries 110

Libraries Security Access IT 110

Data Breach Today

FEBRUARY 28, 2024

Credential Stuffing Plummets, More Malicious Requests Detected Amid Huge Investment Okta's 90-day push to improve its security architecture and operations following a crippling October 2023 data breach delivered quick results, CEO Todd McKinnon said.

Security 248

Security Data breaches IT 248

The Last Watchdog

DECEMBER 14, 2023

Last Watchdog posed two questions: •What should be my biggest takeaway from 2023, with respect to mitigating cyber risks at my organization? Consumers will begin to see their favorite applications touting “quantum-secure encryption.” But they also increase the potential for security flaws and data privacy violations.

Cybersecurity 234

Cybersecurity Encryption Marketing Risk 234

Data Breach Today

APRIL 14, 2023

Special Guests Join Editors to Share RSA Predictions, Themes, Coverage In the latest weekly update, five key cybersecurity influencers join editors at Information Security Media Group to share predictions, themes and trends ahead of RSA Conference 2023, including a preview of speakers and interviews and an overview of ISMG's coverage at the event.

Information Security 141

Information Security Cybersecurity Security 141

Security Affairs

SEPTEMBER 11, 2023

Google rolled out emergency security updates to address a new Chrome zero-day (CVE-2023-4863) actively exploited in the wild. Google rolled out emergency security updates to address a zero-day vulnerability that has been actively exploited in attacks in the wild since the start of the year.

Libraries 113

Libraries Security IT Information Security 113

Data Breach Today

APRIL 28, 2023

Storm Clouds Are Brewing Over 'Secure by Design,' AI, Privacy and Regulations As the Information Security Media Group editors wrapped up their coverage of RSA Conference 2023, everyone agreed that it was good to have the cybersecurity community back together in one place, working to solve the serious issues it faces, including AI, adversaries and "regulatory (..)

Cloud 152

Cloud Privacy Information Security Cybersecurity 152

Security Affairs

SEPTEMBER 28, 2023

Google released security updates to address a new actively exploited zero-day vulnerability, tracked as CVE-2023-5217, in the Chrome browser. Google on Wednesday released security updates to address a new actively exploited zero-day flaw in the Chrome browser which is tracked as CVE-2023-5217.

Libraries 108

Libraries Passwords Security IT 108

Data Breach Today

JULY 5, 2023

Losses Plunge 54% YoY; Number of Security Incidents Stays About the Same Hackers kept pace with the rapid evolution of blockchain systems, stealing about $920 million in the first half of 2023. Cybercriminals attacked smart contracts, phished victims and stole from crypto exchanges in dozens of security incidents through June 30.

Blockchain 130

Blockchain Phishing Security 130

Security Affairs

SEPTEMBER 20, 2023

GitLab rolled out security patches to address a critical vulnerability, tracked as CVE-2023-5009, that can be exploited to run pipelines as another user. GitLab has released security patches to address a critical vulnerability, tracked as CVE-2023-5009 (CVSS score: 9.6), that allows an attacker to run pipelines as another user.

Access 104

Access Risk Security IT 104

Security Affairs

OCTOBER 18, 2023

Google’s Threat Analysis Group (TAG) reported that in recent weeks multiple nation-state actors were spotted exploiting the vulnerability CVE-2023-38831 in WinRAR. The researchers reported that several cybercrime groups began exploiting the flaw in early 2023, when the bug was still a zero-day. ” reported Google TAG.

Archiving 118

Archiving Security IT Data breaches 118

eSecurity Planet

SEPTEMBER 26, 2023

The Cisco+ Secure Connect SASE product builds off of Cisco’s networking expertise to provide a strong secure access service edge (SASE) solution. Founded in 1984, Cisco pioneered multiprotocol routers and networking and has built on this success to enter many related security fields.

Security 98

Security Cloud Access Authentication 98

Security Affairs

MARCH 13, 2024

Threat actors behind the ransomware attacks that hit Stanford University in 2023 gained access to 27,000 people. Stanford University confirmed that threat actors behind the September 2023 ransomware attack had access to 27,000 people. 27, 2023. . Stanford was breached last year by Clop Ransomware.

Ransomware 105

Ransomware Data breaches Passwords Access 105

Security Affairs

DECEMBER 13, 2023

Microsoft Patch Tuesday security updates for December 2023 addressed 33 vulnerabilities in multiple products, including a zero-day. Microsoft Patch Tuesday security updates for December 2023 addressed 33 vulnerabilities in multiple products. In fact, this is the lightest release since December 2017. ” reported ZDI.

Security 109

Security IT 109

Security Affairs

APRIL 12, 2023

SAP April 2023 security updates include a total of 24 notes, 19 of which are new vulnerabilities. CVE-2023-28765 : An attacker with basic privileges in SAP BusinessObjects Business Intelligence Platform (Promotion Management) – versions 420, 430, can exploit the issue to access to lcmbiar file and further decrypt the file.

Security 81

Security Education Authentication Passwords 81