Fri.Sep 06, 2024

article thumbnail

After CrowdStrike Outage: Time to Rebuild Microsoft Windows?

Data Breach Today

Global Outage Triggers Calls for 'Less-Invasive Access' to Essential Functions The global disruption caused by a faulty CrowdStrike software triggering a kernel panic and computer meltdowns has led government agencies, experts and vendors to call for rethinking Windows operating system resiliency, including the deep-level OS access security tools now require.

article thumbnail

Therapy Sessions Exposed by Mental Health Care Firm’s Unsecured Database

WIRED Threat Level

Video and audio of therapy sessions, transcripts, and other patient records were accidentally exposed in a publicly accessible database operated by the virtual medical company Confidant Health.

Access 131
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Moody's Ratings: Cyber Insurance Competition Up, Prices Down

Data Breach Today

Credit Rating Business Says Cyber Insurance Market 'Poised for Significant Growth' Competition has been increasing in the cyber insurance market, leading to a "moderate" decrease in insurance premiums after several years of rate increases. So reports Moody's Ratings, which said that the changes were driven by an influx of new players that is likely to continue.

Insurance 279
article thumbnail

Russia-linked GRU Unit 29155 targeted critical infrastructure globally

Security Affairs

The United States and its allies state that Russia-linked threat actors operating under the GRU are behind global critical infrastructure attacks. The FBI, CISA, and NSA linked threat actors from Russia’s GRU Unit 29155 to global cyber operations since at least 2020. These operations include espionage, sabotage, and reputational damage. The United States and its allies state that GRU is behind global critical infrastructure attacks.

article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

ISMG Editors: How Arrest of Telegram CEO Affects Encryption

Data Breach Today

Also: AI's Role in Cybersecurity; New Fraud Prevention Rules In the latest weekly update, ISMG editors discussed the implications of the recent arrest of Telegram's CEO in Paris for encrypted messaging services, the transformative impact of artificial intelligence in cybersecurity, and the latest regulations designed to curb fraud in electronic payments.

More Trending

article thumbnail

Absolute Purchases Syxsense to Tackle Cyber Vulnerabilities

Data Breach Today

Acquisition Brings Vulnerability Management to Absolute's Cyber Resilience Platform Absolute Security has strengthened its platform with the acquisition of Syxsense, adding powerful automated vulnerability management tools to its existing endpoint security capabilities. The move aims to improve security compliance and simplify complex remediation tasks for organizations.

article thumbnail

Car rental company Avis discloses a data breach

Security Affairs

Car rental giant Avis disclosed a data breach that impacted one of its business applications in August compromising customers’ personal information. Car rental company Avis notified customers impacted in an Augus data breach. Threat actors breached one of its business applications and gained access to some of the customers’ personal information. “We discovered on August 5, 2024, that an unauthorized third party gained access to one of our business applications.

article thumbnail

Critical GeoServer Flaw Enabling Global Hack Campaigns

Data Breach Today

Targets Includes Technology, Government and Telecommunications Sectors Cybercriminals are using a critical remote code execution vulnerability in an open-source geospatial data platform to spread malware globally across several industries. GeoServer Project maintainers released a patch on July 1. The vulnerability has a CVSS score of 9.8 out of 10.

article thumbnail

YubiKey Side-Channel Attack

Schneier on Security

There is a side-channel attack against YubiKey access tokens that allows someone to clone a device. It’s a complicated attack , requiring the victim’s username and password, and physical access to their YubiKey—as well as some technical expertise and equipment. Still, nice piece of security analysis.

Passwords 104
article thumbnail

15 Modern Use Cases for Enterprise Business Intelligence

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

article thumbnail

Feds Warn Health Sector to Patch Apache Tomcat Flaws

Data Breach Today

Healthcare Sector Heavily Relies on Open-Source Web Server; Older Flaws Pose Risk Federal authorities are alerting healthcare entities of vulnerabilities - including older flaws - that put Apache Tomcat at risk for attacks if left unmitigated. The open-source web server is heavily used in healthcare for hosting electronic health record and other systems and applications.

Risk 182
article thumbnail

Apache fixed a new remote code execution flaw in Apache OFBiz

Security Affairs

Apache addressed a remote code execution vulnerability affecting the Apache OFBiz open-source enterprise resource planning (ERP) system. Apache fixed a high-severity vulnerability, tracked as CVE-2024-45195 (CVSS score: 7.5) affecting the Apache OFBiz open-source enterprise resource planning (ERP) system. Apache OFBiz® is an open source product for the automation of enterprise processes that includes framework components and business applications.

article thumbnail

White House Launches Cyber, Tech and AI Hiring Sprint

Data Breach Today

'Service for America' Will Aim to Attract Diverse Candidates to the Cyber Workforce The White House announced a hiring sprint to fill cyber, technology and artificial intelligence jobs across federal agencies, dubbed Service for America, which aims to attract diverse candidates for critical open positions in the public sector - along with new incentives.

article thumbnail

Why you should stop using your solar-powered power bank (and try this alternative instead)

Collaboration 2.0

I've spent the summer testing solar-powered power banks. It turns out the devices are universally rubbish and potentially unsafe. Here's what I suggest using instead.

IT 98
article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

Phishing Attack Takes a Two-Step Approach to Leverage Legitimate Sites and Evade Detection

KnowBe4

Analysis of a new phishing attack demonstrates how attackers may take a longer path to reach their malicious goals while staying “under the radar” of security products.

Phishing 103
article thumbnail

Weekly Update 416

Troy Hunt

It's been a while since I've just gone all "AMA" on a weekly update, but this was just one of those weeks that flew by with my head mostly in the code and not doing much else. There's a bit of discussion about that this week, but it's mostly around the ongoing pain of resellers and all the various issues supporting them then creates as a result.

IT 89
article thumbnail

New global standard aims to build security around large language models

Collaboration 2.0

The WDTA framework spans the lifecycle of large language models, offering guidelines to manage integration with other systems.

article thumbnail

The NSA Has a Podcast—Here's How to Decode It

WIRED Threat Level

The spy agency that dared not speak its name is now the Joe Rogan of the SIGINT set. And the pod's actually worth a listen.

IT 89
article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

This new self-cleaning robot vacuum can even wipe down your baseboards

Collaboration 2.0

Narwal has just released a new flagship robot vacuum and mop with do-it-all functions that will remind you of The Jetsons.

IT 98
article thumbnail

Live Video of Promachoteuthis Squid

Schneier on Security

The first live video of the Promachoteuthis squid, filmed at a newly discovered seamount off the coast of Chile. Blog moderation policy.

80
article thumbnail

Sonos is failing and millions of devices could become e-waste - why open-source audio is our only hope

Collaboration 2.0

Sonos' recent upheaval highlights the risks of closed systems in home audio. Here's how an open-source platform and universal speaker connectivity standard could benefit everyone.

Risk 98
article thumbnail

How to Use A Password Manager: Setup, Benefits & Best Practices in 2024

eSecurity Planet

We need secure and unique passwords to use business applications , access e-mail, and social media securely, and even watch movies on a streaming service. Password managers take some strain from generating, associating, and remembering those passwords. In this article, we’ll explain how password managers work, how to use a password manager, and how to choose the right one for your purposes.

article thumbnail

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

article thumbnail

How to use Midjourney's website to generate amazing images with AI

Collaboration 2.0

Midjourney is an AI image generator that can conjure impressive logos, artwork, and other graphics based on your imaginative descriptions. Thanks to its new all-access website, it's now much easier to use.

Access 75
article thumbnail

TELUS’s metadata maximization: Driving automation to empower and connect

Collibra

No business connects 16 million customers to the world and brings in $15.5 billion in annual revenue without continuously pioneering the latest technology. For Canadian telecom giant TELUS, that means continual, incremental progress across its entire network — implementing solutions like metadata-driven automation to deliver better services to customers and empower the business.

article thumbnail

Apple will announce two new AirPods models on Monday. Here are the key differences

Collaboration 2.0

Apple's highly anticipated hardware event is this Monday, and two new AirPods will debut. Although they look very similar, here are the main differences you should know.

98
article thumbnail

Texas AG Hopes to Upend HIPAA Rules to Investigate Abortions

Data Breach Today

State Says HHS Erred by Shielding Reproductive Health Info From Law Enforcement Texas Attorney General Ken Paxton is suing the Biden administration alleging that "unlawful" HIPAA privacy rule regulations are hindering the state's law enforcement investigations into abortion and other reproductive health care cases.

Privacy 200
article thumbnail

Improving the Accuracy of Generative AI Systems: A Structured Approach

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

article thumbnail

Get Microsoft 365 for just $40 with this deal

Collaboration 2.0

With this 42% off deal, you can Access Office apps like Word, Excel, PowerPoint, and Outlook, along with 1TB of OneDrive cloud storage, for the lowest price we've seen.

Cloud 98
article thumbnail

The one Mac Studio feature keeping me from buying a new M4 Mac Mini this fall

Collaboration 2.0

Is the new M4 Mac Mini powerful enough to replace your Mac Studio? Maybe, but one missing feature is making me hold off. Could this small detail change your decision?

98
article thumbnail

One of the best rugged smartwatches I've tested uses GPT-4o for coaching and UI control

Collaboration 2.0

Amazfit continues to improve its smartwatch lineup and the T-Rex 3 provides personalized coaching plans, an AI assistant, and advanced health and wellness capabilities.

IT 75