Mon.May 13, 2024

article thumbnail

How Did Authorities Identify the Alleged Lockbit Boss?

Krebs on Security

Last week, the United States joined the U.K. and Australia in sanctioning and charging a Russian man named Dmitry Yuryevich Khoroshev as the leader of the infamous LockBit ransomware group. LockBit’s leader “ LockBitSupp ” claims the feds named the wrong guy, saying the charges don’t explain how they connected him to Khoroshev.

article thumbnail

How 'Radical Transparency' Can Bolster Cybersecurity

Data Breach Today

Ex-DHS Official Suzanne Spaulding and Jim Richberg of Fortinet on Critical Concepts The concept of "responsible radical transparency" plays a critical role in efforts to improve the state of cybersecurity, said Suzanne Spaulding, former undersecretary, Department of Homeland Security, and Jim Richberg, head of global policy and field CISO, Fortinet, who explain why.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Welcome to the Laser Wars

WIRED Threat Level

Amid a rising tide of adversary drones and missile attacks, laser weapons are finally poised to enter the battlefield.

Security 145
article thumbnail

Experts Warn the NVD Backlog Is Reaching a Breaking Point

Data Breach Today

Federal Database Nears 10,000 Unanalyzed Vulnerabilities Amid Halt in Operations The National Vulnerability Database is currently suffering from a backlog of nearly 10,000 unanalyzed common vulnerabilities and exposures amid an apparent halt in data enrichment operations and a growing debate over who should be in charge of overseeing the massive security risk library.

Libraries 173
article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Russian hackers defaced local British news sites

Security Affairs

A group of hackers that defines itself as “first-class Russian hackers” claims the defacement of hundreds of local and regional British newspaper websites. A group claiming to be “first-class Russian hackers” defaced numerous local and regional British newspaper websites owned by Newsquest Media Group. The group defaced the home pages of the targeted websites and posted the message “PERVOKLASSNIY RUSSIAN HACKERS ATTACK.” The following image shows an archived version of t

CMS 144

More Trending

article thumbnail

Threat actors may have exploited a zero-day in older iPhones, Apple warns

Security Affairs

Apple rolled out urgent security updates to address code execution vulnerabilities in iPhones, iPads, and macOS. Apple released urgent security updates to address multiple vulnerabilities in iPhones, iPads, macOS. The company also warns of a vulnerability patched in March that the company believes may have been exploited as a zero-day. The issue impacts older iPhone devices, it is tracked as CVE-2024-23296 and is a memory corruption flaw in the RTKit.

Access 143
article thumbnail

Feds, Groups Warn Health Sector of Black Basta Threats

Data Breach Today

Advisories Come As Black Basta Appears Responsible for Ascension Ransomware Attack U.S. federal authorities warn that the Russian-speaking ransomware group Black Basta is actively targeting American critical infrastructure amid reports that it's behind the ransomware attack on hospital chain Ascension. The hospital chain is still operating under downtime procedures.

article thumbnail

Internal Emails Show How a Controversial Gun-Detection System Found Its Way to NYC

WIRED Threat Level

NYC mayor Eric Adams wants to test Evolv’s gun-detection tech in subway stations—despite the company saying it’s not designed for that environment. Emails obtained by WIRED show how the company still found an in.

IT 139
article thumbnail

Phorpiex botnet sent millions of phishing emails to deliver LockBit Black ransomware

Security Affairs

Experts reported that since April, the Phorpiex botnet sent millions of phishing emails to spread LockBit Black ransomware. New Jersey’s Cybersecurity and Communications Integration Cell (NJCCIC) reported that since April, threat actors used the the Phorpiex botnet to send millions of phishing emails as part of a LockBit Black ransomware campaign.

Phishing 138
article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

News alert: Criminal IP and Quad9 collaborate to exchange domain and IP threat intelligence

The Last Watchdog

Torrance, Calif., May 13, 2024, CyberNewsWire — Criminal IP, a renowned Cyber Threat Intelligence (CTI) search engine developed by AI SPERA, has recently signed a technology partnership to exchange threat intelligence data based on domains and potentially on the IP address to protect users by blocking threats to end users. Criminal IP underwent rigorous data evaluation to integrate with Quad9’s threat-blocking service, demonstrating high data uniqueness and accuracy.

Phishing 130
article thumbnail

Australian Firstmac Limited disclosed a data breach after cyber attack

Security Affairs

Firstmac Limited disclosed a data breach after the new Embargo extortion group leaked over 500GB of data allegedly stolen from the company. Firstmac Limited, one of the largest non-bank lenders in Australia, disclosed a data breach. Firstmac Limited is an Australian owned company with experience in home and investment loans. They have a range of market insurance products backed by international company, Allianz Group.

article thumbnail

Cinterion IoT Cellular Modules Vulnerable to SMS Compromise

Data Breach Today

Modules Widely Deployed in Manufacturing, Telecommunications and Healthcare Devices Multiple types of Telit Cinterion cellular modules for IoT and machine-to-machine devices, which are widely used across industrial, financial services, telecommunications and healthcare environments, are vulnerable to being remotely compromised via malicious SMS messages, security researchers warn.

IoT 130
article thumbnail

The $2.3 Billion Tornado Cash Case Is a Pivotal Moment for Crypto Privacy

WIRED Threat Level

Tuesday’s verdict in the trial of Alexey Pertsev, a creator of crypto-privacy service Tornado Cash, is the first in a string of cases that could make it much harder to skirt financial surveillance.

Privacy 129
article thumbnail

15 Modern Use Cases for Enterprise Business Intelligence

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

article thumbnail

US and China to Hold Discussions on AI Risks and Security

Data Breach Today

White House Announces High-Level Talks With Beijing on Advanced AI Systems Senior White House officials will hold a series of high-level conversations with Chinese counterparts on the security and risks associated with advanced artificial intelligence systems, U.S. officials told reporters, amid growing tensions and a historic low point in U.S.-China relations.

article thumbnail

LLMs’ Data-Control Path Insecurity

Schneier on Security

Back in the 1960s, if you played a 2,600Hz tone into an AT&T pay phone, you could make calls without paying. A phone hacker named John Draper noticed that the plastic whistle that came free in a box of Captain Crunch cereal worked to make the right sound. That became his hacker name, and everyone who knew the trick made free pay-phone calls. There were all sorts of related hacks, such as faking the tones that signaled coins dropping into a pay phone and faking tones used by repair equipment.

Risk 118
article thumbnail

Reality Hijacked: Deepfakes, GenAI, and the Emergent Threat of Synthetic Media

KnowBe4

"Reality Hijacked" isn't just a title—it's a wake-up call. The advent and acceleration of GenAI is redefining our relationship with 'reality' and challenging our grip on the truth.

IT 105
article thumbnail

New alert: Logicalis enhances global security services with the launch of Intelligent Security

The Last Watchdog

London, United Kingdom, May 13, 2024, CyberNewsWire — Logicalis, the global technology service provider delivering next-generation digital managed services, has today announced the launch of Intelligent Security, a blueprint approach to its global security portfolio designed to deliver proactive advanced security for customers worldwide. Intelligent Security has been designed by Logicalis’ worldwide team of security specialists to give customers the most comprehensive observability a

Security 100
article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

The best travel VPNs of 2024: Expert tested and reviewed

Collaboration 2.0

We tested the best travel VPNs that offer solid security and fast connections while you're on the road, working remotely, or vacationing.

article thumbnail

Scaling generative AI with flexible model choices

IBM Big Data Hub

This blog series demystifies enterprise generative AI (gen AI) for business and technology leaders. It provides simple frameworks and guiding principles for your transformative artificial intelligence (AI) journey. In the previous blog , we discussed the differentiated approach by IBM to delivering enterprise-grade models. In this blog, we delve into why foundation model choices matter and how they empower businesses to scale gen AI with confidence.

article thumbnail

Innovative approaches to literacy: Libraries Change Lives

CILIP

Innovative approaches to literacy: Libraries Change Lives Librarians from across the country have been submitting their stories of impact to share with MPs and political leaders as part of the Libraries Change Lives Campaign. The Games Library initiative by Westminster City Council and the Royal Borough of Kensington and Chelsea (RBKC), has made a positive impact on literacy, language development and communication skills for young people.

article thumbnail

Vulnerability Recap 5/13/24 – F5, Citrix & Chrome

eSecurity Planet

Big vendor vulnerabilities from F5, Citrix, and Chrome will lead the headlines with highly dangerous vulnerabilities in popular products. However, the most dangerous vulnerabilities might be the lesser known Tinyproxy and Cinterion Cellular Modem flaws. Small business owners tend to adopt Tinyproxy and also tend to use part-time IT resources which potentially threatens related supply chains with third-party risk.

IoT 68
article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

NIST publishes new guides on AI risk for developers and CISOs via CSO Online

IG Guru

Check out the article here. The post NIST publishes new guides on AI risk for developers and CISOs via CSO Online first appeared on IG GURU.

Risk 65
article thumbnail

Unlocking the Cloud: Microsoft and Thales Spearhead Passwordless & MFA for Organizations moving to Microsoft 365.

Thales Cloud Protection & Licensing

Unlocking the Cloud: Microsoft and Thales Spearhead Passwordless & MFA for Organizations moving to Microsoft 365. madhav Tue, 05/14/2024 - 05:47 Thales and Microsoft: a long partnership in Identity Security Thales and Microsoft recently celebrated their long-term partnership at the Microsoft Security Excellence Award Ceremony during RSA Conference 2024, as Thales won the Identity Trailblazer Award.

Cloud 62
article thumbnail

HID Announces Integration With Q2’s Digital Banking Platform to Help Change How Banking Customers Authenticate

HID Global

HID announces its strategic partnership and integration with Q2 Holdings. Together, they will redefine the banking authentication experience.

article thumbnail

What does AI mean for leaders?

CGI

How to scale AI’s impact and accelerate outcomes Cutting through the noise around AI: Where do we really stand? My conversations with industry executives about AI largely fall into two camps—those who see AI as uniquely transformative, and those who view it as a powerful and disruptive tool, but at the core still a technology that will follow the same patterns they’ve seen before.

IT 52
article thumbnail

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

article thumbnail

CRN Recognizes Adapture Employees on Women of the Channel List

Adapture

Adapture’s Laura Burdine and Mary Folsom Showcased among Channel Leaders ATLANTA, May 13, 2024 – Adapture is pleased to announce that CRN ® , a brand of The Channel Company , has recognized Laura Burdine, Director of Sales Operations, and Mary Folsom, Manager of Channel Marketing and Demand Generation, on its 2024 Women of the Channel List. Every year, CRN highlights women from vendor, distributor and solution provider organizations whose vision and leadership have a beneficial influence on the

Sales 52
article thumbnail

Look to the future: the art of planning ahead

CILIP

Supporting Professional Registration Ben Lee. Future Libraries is a project that was launched by CILIP earlier this year, in conjunction with Shared Intelligence. The aim was to help public -library services to look to the future and plan ahead – not always an easy task. The result is a step-by-step guide and resource pack that helps library service managers to better understand the risk and opportunity – here Shared Intelligence’s Ben Lee discusses the project ahead of a workshop at this year’s

article thumbnail

MY TAKE: RSAC 2024’s big takeaway: rules-based security is out; contextual security is taking over

The Last Watchdog

KINGSTON, Wash. — U.S. Secretary of State Antony Blinken opened RSA Conference 2024 last week issuing a clarion call for the cybersecurity community to defend national security, nurture economic prosperity and reinforce democratic values. Related: The power of everyman conversing with AI Blinken That’s a tall order. My big takeaway from RSAC 2024 is this: the advanced technology and best practices know-how needed to accomplish the high ideals Secretary Blinken laid out are readily at hand

Security 278