Thu.Jan 11, 2024

article thumbnail

How the Merck Case Shapes the Future of Cyber Insurance

Data Breach Today

Merck & Co.'s proposed settlement with insurers over a $1.4 billion claim related to the NotPetya attack will change the language the insurance industry uses to exclude acts of war in its policies, and organizations need to consider how those changes affect risk, said attorney Peter Halprin.

Insurance 318
article thumbnail

X Account of leading cybersecurity firm Mandiant was hacked because not adequately protected

Security Affairs

The X account of cybersecurity firm Mandiant was likely hacked through a brute-force password attack, the company revealed. Last week, threat actors hacked the X account of cybersecurity firm Mandiant and used it to impersonate the Phantom crypto platform and share a cryptocurrency scam. The X account of the Google-owned firm Mandiant has over 120,000 followers.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Top Takeaways From the Hijacking of Mandiant's X Account

Data Breach Today

All Organizations That Use X Should Review Their Two-Factor Authentication Settings Google Cloud's Mandiant says its account at X, formerly Twitter, was hijacked and used to link to cryptocurrency phishing pages after an attacker guessed the account password, apparently after Twitter last year deactivated the account's SMS-based two-factor authentication, leaving it unprotected.

article thumbnail

US School Shooter Emergency Plans Exposed in a Highly Sensitive Database Leak

WIRED Threat Level

More than 4 million school records, including safety procedures, student medical files, and court documents, were also publicly accessible online.

Access 137
article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Breach Roundup: FTC Bans Data Broker From Sharing Locations

Data Breach Today

Also: Microsoft Fixes 48 Flaws in January Patch Tuesday But No Zero-Days This week: Microsoft addressed 48 security flaws, AsyncRAT targeted critical infrastructure operators, the Supreme Court rejected X Corp.'s bid to disclose national security requests, hackers hit Beirut airport flight displays, the FTC banned Outlogic from sharing sensitive location data, and more.

Security 303

More Trending

article thumbnail

Turkish Hackers Exploit MS SQL Servers to Deliver Ransomware

Data Breach Today

Financially Motivated Actors Targeting US, EU and LATAM Countries Financially motivated Turkish hackers are targeting Microsoft SQL servers in the United States, Europe and Latin America in hacking that ultimately ends with deployment of Mimic ransomware or the sale of access to infected hosts on criminal online markets.

article thumbnail

Child Abusers Are Getting Better at Using Crypto to Cover Their Tracks

WIRED Threat Level

Crypto tracing firm Chainalysis found that sellers of child sexual abuse materials are successfully using “mixers” and “privacy coins” like Monero to launder their profits and evade law enforcement.

Privacy 133
article thumbnail

Suspected Chinese Hackers Exploit 2 Ivanti Zero-Days

Data Breach Today

Cyber Agencies Urge Users to Apply Workaround in the Absence of Patches Hackers possibly connected to the Chinese government since December have exploited two zero-days in a VPN from software developer Ivanti that is widely used by governments and corporations, and a patch won't be available until later this month.

article thumbnail

Two zero-day bugs in Ivanti Connect Secure actively exploited

Security Affairs

Ivanti revealed that two threat actors are exploiting two zero-day vulnerabilities in its Connect Secure (ICS) and Policy Secure. Software firm Ivanti reported that threat actors are exploiting two zero-day vulnerabilities (CVE-2023-46805, CVE-2024-21887) in Connect Secure (ICS) and Policy Secure to remotely execute arbitrary commands on targeted gateways.

Security 132
article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

Cryptohack Roundup: It's Raining Phishing Scams on X

Data Breach Today

Also: Bitcoin ETP, Gamma and dYdX Attacks, 2023 Hack Stats This week, hackers ran crypto phishing scams on X accounts, the SEC approved bitcoin ETP, hackers stole $3.4 million from Gamma, dYdX detailed post-hack steps, CertiK published 2023 hack stats, TRM Labs discussed North Korean hacking and Apple India blocked users from offshore crypto exchanges.

Phishing 289
article thumbnail

Microsoft Takes the Lead in Q4 2023 for Alarming Phishing Attempts

KnowBe4

Microsoft was the most impersonated brand last quarter, accounting for a third (33%) of all brand phishing attempts in October, November, and December 2023, according to Check Point’s Brand Phishing Report for Q4 2023.

Phishing 124
article thumbnail

Attackers' GitHub Abuse Poses Growing Risk, Researchers Warn

Data Breach Today

Cybersecurity Researchers Detail Defenses Against Attackers Abusing Cloud Services While cybercriminals and advanced persistent threat groups have long abused legitimate internet services both to scale and disguise various types of attacks, a new report warns of a growing challenge posed by the illegitimate use of GitHub and offers essential defenses for users.

Risk 282
article thumbnail

KnowBe4 Named a Leader in the Winter 2024 G2 Grid Report for Security Orchestration, Automation, and Response (SOAR)

KnowBe4

We are excited to announce that KnowBe4 has been named a leader in the Winter 2024 G2 Grid Report for Security Orchestration, Automation, and Response (SOAR) for the PhishER platform for the eleventh consecutive quarter!

Security 124
article thumbnail

15 Modern Use Cases for Enterprise Business Intelligence

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

article thumbnail

Pharmacies Giving Patient Records to Police without Warrants

Schneier on Security

Add pharmacies to the list of industries that are giving private data to the police without a warrant.

article thumbnail

[New Phishing Template] Formula 1 Exclusive: Gene Haas on Guenther Steiner's Departure

KnowBe4

In a surprising turn of events for Formula 1 enthusiasts, the Haas F1 Team is grappling with the departure of its widely-respected Team Principal, Guenther Steiner. Let's dive into the implications of Guenther Steiner's departure and more information on a new template that our KnowBe4 customers can access in the ModStore now!

Phishing 124
article thumbnail

Why BYOD Is the Favored Ransomware Backdoor

eSecurity Planet

When remote workers connect bring-your-own-device (BYOD) laptops, desktops, tablets, and phones to corporate assets, risk dramatically increases. These devices exist outside of direct corporate management and provide a ransomware gang with unchecked platforms for encrypting data. Ransomware remains just one of many different threats and as security teams eliminate key vectors of attack, adversaries will shift tactics.

article thumbnail

FTC Issues Warning About the Dangers of QR Code-Based Scams

KnowBe4

The latest consumer alert posted by the federal trade commission (FTC) signals that the upticks in QR code-based scams are being seen by cybersecurity vendors are indeed a valid growing problem.

article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

What is an Apple MDM server?

Jamf

Are you diving into the world of device management? In this blog, learn about Apple MDM: from what it is to how to get started with it in your organization.

MDM 115
article thumbnail

Beware of "Get to Know Me" Surveys

KnowBe4

Trained security awareness professionals are aware that whatever someone says about themselves and personal experiences can be used against them in a social engineering scam. It is always good to share that message, at least once a year with co-workers, family members, and friends.

article thumbnail

Modernizing mainframe applications with a boost from generative AI

IBM Big Data Hub

Look behind the scenes of any slick mobile application or commercial interface, and deep beneath the integration and service layers of any major enterprise’s application architecture, you will likely find mainframes running the show. Critical applications and systems of record are using these core systems as part of a hybrid infrastructure. Any interruption in their ongoing operation could be disastrous to the continued operational integrity of the business.

article thumbnail

ARMA Sunshine Conference 2024 Speaker and Schedule

IG Guru

Speakers listed here. The post ARMA Sunshine Conference 2024 Speaker and Schedule first appeared on IG GURU.

article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

Business disaster recovery use cases: How to prepare your business to face real-world threats

IBM Big Data Hub

Successful business owners know how important it is to have a plan in place for when unexpected events shut down normal operations. Modern enterprises face many types of disasters, including pandemics, cyberattacks , large-scale power outages and natural disasters. Last year, companies around the world spent close to USD 219 billion on cybersecurity and security solutions, a 12% increase from the previous year according to the International Data Corporation (IDC) (link resides outside ibm.com.

Cloud 92
article thumbnail

Global analyst firm names OpenText a leader in digital asset management

OpenText Information Management

Billions of rich media assets are created every day for new and emerging channels. With all this creative, consistency is a challenge that goes right to the bottom line. Research shows 68% of businesses say brand consistency has contributed at least 10% in revenue growth while 88% of customers say authenticity is a factor when … The post Global analyst firm names OpenText a leader in digital asset management appeared first on OpenText Blogs.

article thumbnail

5 ways IBM helps manufacturers maximize the benefits of generative AI

IBM Big Data Hub

While still in its early stages, generative AI can provide powerful optimization capabilities to manufacturers in the areas that matter most to them: productivity, product quality, efficiency, worker safety and regulatory compliance. Generative AI can work with other AI models to increase accuracy and performance, such as augmenting images to improve quality evaluation of a computer vision model.

article thumbnail

Unveiling OpenText’s leadership position in digital experience management

OpenText Information Management

Providing a captivating digital experience is challenging. Users form an opinion on a website in just 0.05 seconds, moving on quickly if it doesn’t hold their interest. The way customers interact with the web and the world around them is constantly evolving. In fact, an overwhelming majority of global executives – 95% – say customers … The post Unveiling OpenText’s leadership position in digital experience management appeared first on OpenText Blogs.

article thumbnail

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

article thumbnail

Getting back to basics: How manufacturers can navigate a “perfect storm” of challenges

CGI

In this blog, I share key insights from the 2023 Voice of Our Clients (VOC) research gathered from one-on-one conversations with 173 manufacturing executives across sectors, including what digital leaders are doing differently to accelerate results.

article thumbnail

Quantifying the impact of B2B integration on supply chain operations 

OpenText Information Management

Let’s face it: buying strategic IT solutions is not easy. Complexities around technical details, cascading effects across different functions of the organization, and meeting the needs of various stakeholders require intense focus and effective communication when making the purchasing decision. And after succeeding with that, you then have to tackle hurdles around adoption and measuring … The post Quantifying the impact of B2B integration on supply chain operations appeared first on OpenT

B2B 59
article thumbnail

From NBA courtside to global CDO: The journey of data visionary Inderpal Bhandari

Reltio

In the latest episode of the DataDriven podcast, Manish Sood, CEO and Founder of Reltio sat down with Dr. Inderpal Bhandari, a visionary who revolutionized data analytics in professional sports and beyond. Their discussion spanned from his pioneering work in the NBA to his influential role in shaping the position of Chief Data Officer (CDO) in large enterprises.