Thu.Feb 29, 2024

article thumbnail

FBI Is Focused on Election Integrity, Misinformation Threats

Data Breach Today

Agent Robert K. Tripp on FBI's Approach to Deepfakes, Nation-State Election Threats The U.S. presidential election is still eight months away, but the FBI is already seeing its share of cyberattacks, nation-state threats and AI-generated deepfakes. According to FBI Agent Robert K. Tripp, "We're no longer considering threats as a what-if situation; it's happening now.

IT 321
article thumbnail

Fulton County, Security Experts Call LockBit’s Bluff

Krebs on Security

The ransomware group LockBit told officials with Fulton County, Ga. they could expect to see their internal documents published online this morning unless the county paid a ransom demand. LockBit removed Fulton County’s listing from its victim shaming website this morning, claiming the county had paid. But county officials said they did not pay, nor did anyone make payment on their behalf.

Security 300
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Cryptohack Roundup: FTX Updates

Data Breach Today

Also: Bitcoin Fog Case Testimony; Axie Infinity Co-Founder Hack This week, progress was made in the FTX case, a hacker testified in the Bitcoin Fog case, an Axie Infinity co-founder and a MicroStrategy account were hacked, the KyberSwap hacker moved funds, the EU has a new AMLA office, and Aleo was breached.

297
297
article thumbnail

Researchers found a zero-click Facebook account takeover

Security Affairs

A critical vulnerability in Facebook could have allowed threat actors to hijack any Facebook account, researcher warns. Meta addressed a critical Facebook vulnerability that could have allowed attackers to take control of any account. The Nepalese researcher Samip Aryal described the flaw as a rate-limiting issue in a specific endpoint of Facebook’s password reset flow.

Passwords 145
article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Stages of LockBit Grief: Anger, Denial, Faking Resurrection?

Data Breach Today

Is LockBit a Kremlin Sock Puppet? Is Moscow using the Russian-speaking LockBit ransomware group as a tool to disrupt critical infrastructure and democracy in the West? While no publicly available evidence reveals direct ties, what are the chances that the prolific, trash-talking group has escaped authorities' attention - or demands?

More Trending

article thumbnail

ICO Reprimands UK Home Office for Privacy Violations

Data Breach Today

Home Office Electronic Migrant Tracking System Violates UK GDPR, Says ICO A defunct U.K. Home Office pilot project that tracked the whereabouts of 600 migrants violated British privacy law, the British data regulator said early Friday in London, giving the agency a deadline of nearly a month to bring its data processing requirements under compliance.

Privacy 273
article thumbnail

Lazarus APT exploited zero-day in Windows driver to gain kernel privileges

Security Affairs

North Korea-linked Lazarus APT exploited a zero-day flaw in the Windows AppLocker driver (appid.sys) to gain kernel-level access to target systems. Avast researchers observed North Korea-linked Lazarus APT group using an admin-to-kernel exploit for a zero-day vulnerability in the appid.sys AppLocker driver. The zero-day, tracked as CVE-2024-21338 has been addressed by Microsoft in the February Patch Tuesday update.

article thumbnail

US Coast Guard Expands Cyber Command to Combat New Threats

Data Breach Today

Officials Express Concern Over Growing Potential for Chinese Maritime Cyberthreats Officials from the U.S. Coast Guard Cyber Command told lawmakers Thursday the military branch is building out deployable teams of cybersecurity protection units and taking advantage of expanded authorities under a recent executive order to better protect Americas modern maritime infrastructure.

Military 272
article thumbnail

A Pornhub Chatbot Stopped Millions From Searching for Child Abuse Videos

WIRED Threat Level

Every time someone in the UK searched for child abuse material on Pornhub, a chatbot appeared and told them how to get help.

Security 141
article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

Rhysida Offers to Sell Children's Hospital Data for $3.4M

Data Breach Today

One Month Later, Lurie Children's Hospital Still Recovering From Ransomware Attack Ransomware group Rhysida is offering to sell "exclusive data" stolen from a Chicago children's hospital for $3.4 million on the dark web, while the hospital is still struggling to recover its IT systems, including its electronic health records and patient portal, one month after the attack.

article thumbnail

Is the LockBit gang resuming its operation?

Security Affairs

Experts warn that the LockBit ransomware group has started using updated encryptors in new attacks, after the recent law enforcement operation. The LockBit ransomware group appears to have fully recovered its operations following the recent law enforcement initiative, code-named Operation Cronos , which aimed to disrupt its activities. Researchers from Zscaler first observed the ransomware group using new ransom notes referencing the new Tor infrastructure.

IT 140
article thumbnail

'Silver SAML' Haunts Entra ID SIngle Sign On Security

Data Breach Today

Moving From AFDS to Avoid 'Golden SAML' Wasn't A Cure-All A post-SolarWinds move away from Active Directory Federation Services to Azure AD - now known as Entra ID - didn't necessarily stop hackers from forging single sign on authentication messages, warn security researchers from Semperis, who unveiled an attack they dub "Silver SAML.

Security 271
article thumbnail

New SPIKEDWINE APT group is targeting officials in Europe

Security Affairs

A new threat actor, tracked as dubbed SPIKEDWINE, has been observed targeting officials in Europe with a previously undetected backdoor WINELOADER. Zscaler researchers warn that a previously unknown threat actor dubbed SPIKEDWINE has been observed targeting European officials. The cyberspies used a bait PDF document masqueraded as an invitation letter from the Ambassador of India, inviting diplomats to a wine-tasting event in February 2024.

Archiving 138
article thumbnail

15 Modern Use Cases for Enterprise Business Intelligence

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

article thumbnail

Lazarus Group Exploits Windows AppLocker Driver Zero-Day

Data Breach Today

Microsoft Fixed Bug in February That Gave Kernel-Level Access to North Korean APT North Korea's Lazarus hackers exploited a Windows AppLocker driver zero-day to gain kernel-level access and turn off security tools that could detect the group's bring-your-own-vulnerable-driver exploitation techniques. Microsoft fixed the bug in its February patch dump.

Access 265
article thumbnail

The UK’s GPS Tagging of Migrants Has Been Ruled Illegal

WIRED Threat Level

The UK’s privacy regulator says the government did not take into account the intrusiveness of ankle tags that continuously monitor a person’s location.

Privacy 129
article thumbnail

Your Supply Chain Is Your New Attack Surface

Data Breach Today

Your supply chain is your new attack surface, according to Galit Lubetzky Sharon, the co-founder and CEO of Wing Security. She discusses Wing's solution - Secure SaaS Posture Management, or SSPM - that helps organizations ensure that all of their SaaS apps are safe and compliant.

Security 249
article thumbnail

Here Are the Google and Microsoft Security Updates You Need Right Now

WIRED Threat Level

Plus: Mozilla patches 12 flaws in Firefox, Zoom fixes seven vulnerabilities, and more critical updates from February.

Security 123
article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

HHS Targets Small Behavioral Health Clinic for HIPAA Violations Following Ransomware Investigation

Hunton Privacy

On February 21, 2024, the U.S. Department of Health and Human Services’ Office for Civil Rights (“OCR”) entered into a resolution agreement and corrective action plan with Green Ridge Behavioral Health LLC (“GRBH”) stemming from the organization’s failure to comply with the Privacy and Security Rules of the Health Insurance Portability and Accountability Act (“HIPAA”) and subsequent failure to protect against a 2019 ransomware attack that impacted the personal health information (“PHI”) of more

article thumbnail

Russia Attacked Ukraine's Power Grid at Least 66 Times to ‘Freeze It Into Submission’

WIRED Threat Level

Several of the strikes occurred far from the front lines of the conflict, indicating possible war crimes. Researchers say the attacks likely had devastating impacts on civilians.

IT 105
article thumbnail

News alert: Silence Laboratories raises $4.1M for new privacy-preserving cryptography platform

The Last Watchdog

SINGAPORE – Feb. 29, 2024. In the modern age, large companies are wrestling to leverage their customers’ data to provide ever-better AI-enhanced experiences. But a key barrier to leveraging this opportunity is mounting public concern around data privacy, as ever-greater data processing poses risks of data leaks by hackers and malicious insiders. Silence Laboratories is on a mission to create infrastructure to enable complex data collaborations between enterprises and entities, without any sensi

Privacy 100
article thumbnail

Modern Device Management: the future of MDM

Jamf

The best IT managers support today’s workplace while preparing for what lies ahead. That’s what modern management is all about.

MDM 98
article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

Renewable energy in action: Examples and use cases for fueling the future

IBM Big Data Hub

As more countries, companies and individuals seek energy sources beyond fossil fuels, interest in renewable energy continues to rise. In fact, world-wide capacity for energy from solar, wind and other renewable sources increased by 50% in 2023. More than 110 countries at the United Nations’ COP28 climate change conference agreed to triple that capacity by 2030, and global investment in clean energy transition hit a record high of USD 1.8 trillion in 2023.

article thumbnail

The Future Needs You Today: A Conversation on AI & Decolonization with Karen Palmer

OpenText Information Management

AI is bringing us into a new epoch of human society—it is a force multiplier for human potential. OpenText is about Information Management + Data + AI + Trust. AI also reflects its creators. We are currently at a critical point with AI. This is our moment to build the future that we want to … The post The Future Needs You Today: A Conversation on AI & Decolonization with Karen Palmer appeared first on OpenText Blogs.

IT 72
article thumbnail

Think inside the box: Container use cases, examples and applications

IBM Big Data Hub

Container management has come a long way. For decades, managing containerized environments was a relatively simple affair. The modern idea of a computer container originally appeared back in the 1970s, with the concept first being used to help define application code on Unix systems. Modern containerization technology has moved on steadily from those early beginnings, and when companies run containers now, they’re getting a lot more utility for their investment.

Cloud 82
article thumbnail

FTC Announces $16.5 Million Settlement Against UK Service Provider and Ban from Selling Browsing Data for Advertising Purposes

Hunton Privacy

On February 22, 2024, the Federal Trade Commission announced a settlement order against Avast Limited (“Avast”) requiring Avast to pay $16.5 million and prohibiting Avast from selling or licensing any web browsing data for advertising purposes. This ban is to settle charges that the company and its subsidiaries sold such information to third parties after promising that its products would protect consumers from online tracking.

Privacy 69
article thumbnail

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

article thumbnail

3 tips for success in Application Delivery Management

OpenText Information Management

Success in Application Delivery Management (ADM) hinges on the ability to adapt to evolving technologies and methodologies. As we get into the swing of things in 2024, three key strategies emerge as essential for thriving in this area: embracing automation, prioritizing performance monitoring, and cultivating a culture of collaboration. Let’s dive into each of these … The post 3 tips for success in Application Delivery Management appeared first on OpenText Blogs.

69
article thumbnail

This DVD-sized disk can store a massive 125,000 gigabytes of data via Popular Science

IG Guru

Check out the article here. It can hold the same amount of information as 10,000 Blu-rays. The post This DVD-sized disk can store a massive 125,000 gigabytes of data via Popular Science first appeared on IG GURU.

IT 63
article thumbnail

HID Connects Podcast Season 2 Episode 2: What's Workplace Experience Got to Do With It?

HID Global

In this podcast episode, we delve into the most recent trends and advancements in security systems tailored for commercial real estate.

IT 59