Mon.Jun 03, 2024

article thumbnail

Hacker Sells Apparent Santander Bank Customer Data

Data Breach Today

ShinyHunters Advertises Data Set of '30 Million Customers' for $2 Million A hacker is selling the purported data of 30 million customers of Spanish multinational bank Santander for $2 million on a criminal online forum the FBI recently attempted to shut down. Sample data posted online suggests the data set is genuine.

315
315
article thumbnail

RSAC Fireside Chat: NightVision shines a light on software vulnerabilities, speeds up remediation

The Last Watchdog

When Log4J came to light in 2021, Kinnaird McQuade , then a security engineer at Square , drew the assignment of testing endpoints at some 5,000 users of the popular mobile payments service. Related: The big lesson from Log4J “It took us eight hours to run the scan and I was sweating it because these were all small family businesses that depended on Square, and if any of them got popped, it would be real people that were affected,” McQuade told me.

Security 147
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Snowflake Clients Targeted With Credential Attacks

Data Breach Today

Company Says Single-Factor Authentication Accounts Are to Blame - Not a Flaw Hackers are targeting clients of artificial intelligence data platform provider Snowflake that lack multifactor authentication, the company warns. Threat actors are compromising organizations’ Snowflake customer tenants by using stolen credentials obtained by info-stealing malware, said Mandiant.

article thumbnail

Experts found information of European politicians on the dark web

Security Affairs

Personal information of hundreds of British and EU politicians is available on dark web marketplaces. According to research conducted by Proton and Constella Intelligence, the email addresses and other sensitive information of 918 British MPs, European Parliament members, and French deputies and senators are available in the dark web marketplaces. 40% of 2,280 official government email addresses from the British, European, and French Parliaments were exposed, including passwords, birth dates, an

Passwords 145
article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Lawmakers Urge Pentagon to Diversify Cybersecurity Vendors

Data Breach Today

Concerns Grow Over Department of Defense Plans to Invest More in Microsoft Products A bipartisan pair of senators sent a letter to the Department of Defense expressing "serious concern" after a draft memo stated that all department components must further invest in and implement Microsoft's product upgrades despite numerous high-profile security incidents.

More Trending

article thumbnail

OpenAI Disrupts AI-Deployed Influence Operations

Data Breach Today

Low-Impact Disinformation Campaigns Based in Russia, China, Iran, Israel OpenAI said it disrupted covert influence operations, including some from China and Russia, that attempted to use its artificial intelligence services to manipulate public opinion. The operations do not appear to have had much impact on audience engagement or the spreading of manipulative messages.

article thumbnail

CISA adds Oracle WebLogic Server flaw to its Known Exploited Vulnerabilities catalog

Security Affairs

CISA adds Oracle WebLogic Server OS command injection vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added an Oracle WebLogic Server vulnerability to its Known Exploited Vulnerabilities (KEV) catalog. The issue, tracked as CVE-2017-3506 (CVSS score 7.4), is an OS command injection.

IT 139
article thumbnail

New Logpoint CEO Mikkel Drucker Seeks Growth Via M&A, MSSPs

Data Breach Today

SIEM Provider Focuses on Acquisitions, Partner Channels, European Union Compliance New Logpoint CEO Mikkel Drucker is leading the charge for profitable growth with a strategy centered on acquisitions, expanding partner channels and adhering to strict European Union compliance standards. The focus is on enhancing platform capabilities to serve the midmarket.

article thumbnail

Multiple flaws in Cox modems could have impacted millions of devices

Security Affairs

Researcher discovered several authorization bypass vulnerabilities in Cox modems that potentially impacted millions of devices. The security researcher Sam Curry discovered multiple issues in Cox modems that could have been exploited to modify the settings of the vulnerable modem and run malicious commands on them. Cox is the largest private broadband provider in the United States, the third-largest cable television provider, and the seventh-largest telephone carrier in the country.

Passwords 134
article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

Feds Say Change Healthcare Can Handle Breach Notification

Data Breach Today

HHS OCR Advises HIPAA-Covered Entities to Coordinate Notification Duties With UHG Tens of thousands of hospitals and medical practices can breathe a little easier now. Federal regulators have given the green light for Change Healthcare to handle the breach notification to tens of millions of individuals affected in a February cyberattack. But the devil is in the details.

162
162
article thumbnail

Spanish police shut down illegal TV streaming network

Security Affairs

Spanish police dismantled a pirated TV streaming network that allowed its operators to earn over 5,300,000 euros since 2015. The Spanish National Police dismantled a network that illicitly distributed audiovisual content, earning over 5,300,000 euros since 2015. The police arrested eight individuals in Las Palmas de Gran Canaria, Madrid, Oviedo, and Málaga, and searched two homes.

Marketing 132
article thumbnail

Scaling Threat Intel, Consulting: Mandiant's Way With Google

Data Breach Today

Mandiant's Sandra Joyce, Jurgen Kutscher Talk Post-Acquisition Growth, Innovations Sandra Joyce and Jurgen Kutscher highlight the significant advancements in Mandiant's threat intelligence and consulting services following Google's September 2022 acquisition, emphasizing improved scalability, engineering support and global reach as well as new focuses on AI and cloud threats.

Cloud 162
article thumbnail

AI Will Increase the Quantity—and Quality—of Phishing Scams

Schneier on Security

A piece I coauthored with Fredrik Heiding and Arun Vishwanath in the Harvard Business Review : Summary. Gen AI tools are rapidly making these emails more advanced, harder to spot, and significantly more dangerous. Recent research showed that 60% of participants fell victim to artificial intelligence (AI)-automated phishing, which is comparable to the success rates of non-AI-phishing messages created by human experts.

Phishing 129
article thumbnail

15 Modern Use Cases for Enterprise Business Intelligence

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

article thumbnail

Senator Urges FTC, SEC to Investigate UHG's Cyberattack

Data Breach Today

Asks Agencies Not to 'Scapegoat' Firm's CISO, But to Hold CEO and Board Accountable U.S. Sen. Ron Wyden, D-Ore., is urging the U.S. Securities and Exchange Commission and the Federal Trade Commission to open investigations into the February cyberattack on UnitedHealth Group's Change Healthcare unit and asking the agencies to hold the company's CEO and board responsible.

Security 162
article thumbnail

Your KnowBe4 Compliance Plus Fresh Content Updates from May 2024

KnowBe4

Check out the May updates in Compliance Plus so you can stay on top of featured compliance training content.

article thumbnail

Seeing Like a Data Structure

Schneier on Security

Technology was once simply a tool—and a small one at that—used to amplify human intent and capacity. That was the story of the industrial revolution: we could control nature and build large, complex human societies, and the more we employed and mastered technology, the better things got. We don’t live in that world anymore. Not only has technology become entangled with the structure of society, but we also can no longer see the world around us without it.

article thumbnail

Russia’s Military Intelligence Service Launches Spear Phishing Attacks

KnowBe4

Researchers at Recorded Future warn that BlueDelta, a threat actor tied to Russia’s GRU, is launching spear phishing attacks against European defense and transportation entities.

Phishing 113
article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

Vulnerability Recap 6/3/24 – Check Point, Okta & Fortinet Issues

eSecurity Planet

Last week, major security vendors Check Point and Okta both notified customers of threats, and an old Fortinet vulnerability reared its head when researchers published a proof of concept for it. Spoofed browser upgrades download malware onto victims’ computers, and threat actors have been actively exploiting a Linux kernel vulnerability. Check your vendors’ security bulletins regularly, and make sure your team is following security news to patch issues as soon as they arise.

article thumbnail

New Transparent Phishing Attacks Leverage Cloudflare Worker Serverless Computing

KnowBe4

An increasing number of phishing campaigns from several threat groups are being tracked as they leverage legitimate Cloudflare services as part of account compromise attacks.

Phishing 109
article thumbnail

Types of central processing units (CPUs)

IBM Big Data Hub

What is a CPU? The central processing unit (CPU) is the computer’s brain. It handles the assignment and processing of tasks and manages operational functions that all types of computers use. CPU types are designated according to the kind of chip that they use for processing data. There’s a wide variety of processors and microprocessors available, with new powerhouse processors always in development.

article thumbnail

The best Bluetooth trackers of 2024: Expert tested

Collaboration 2.0

We tested the best Bluetooth trackers (including AirTags and Tile trackers) to keep tabs on your belongings, whether you use iOS or Android.

76
article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

Field programmable gate arrays (FPGAs) vs. microcontrollers: What’s the difference?

IBM Big Data Hub

Field programmable gate arrays (FPGAs) and microcontroller units (MCUs) are two types of commonly compared integrated circuits (ICs) that are typically used in embedded systems and digital design. Both FPGAs and microcontrollers can be thought of as “small computers” that can be integrated into devices and larger systems. As processors, the primary difference between FPGAs and microcontrollers comes down to programmability and processing capabilities.

article thumbnail

What Is SOAR? Definition, Benefits & Use Cases

eSecurity Planet

Security orchestration, automation, and response (SOAR) is both a technology and a broad approach to cybersecurity that centralizes common team responsibilities in a single platform. It’s designed to ease the workload on overworked security teams, helping them develop workflows that detect and respond to threats automatically. SOAR combines multiple tasks, including both detection and response, for a more comprehensive cybersecurity strategy.

article thumbnail

Data Defense: Leveraging SaaS Security Tools

Thales Cloud Protection & Licensing

Data Defense: Leveraging SaaS Security Tools madhav Tue, 06/04/2024 - 05:15 The Software-as-a-Service (SaaS) market has burgeoned in recent years, driven by its convenience, scalability, and cost-effectiveness. As per the Thales 2024 Data Threat Report , enterprises reported they were using, on average, 84 SaaS apps in their operations. However, with this growth comes the challenge of organizational SaaS sprawl, as businesses adopt multiple SaaS applications across various departments without a

article thumbnail

Streamlining digital commerce: Integrating IBM API Connect with ONDC 

IBM Big Data Hub

In the dynamic landscape of digital commerce, seamless integration and efficient communication drive the success of buyers, sellers and logistics providers. The Open Network for Digital Commerce (ONDC) platform stands as a revolutionary initiative to streamline the digital commerce ecosystem in India. When coupled with the robust capabilities of IBM API Connect®, this integration presents a game-changing opportunity for buyers, sellers and logistics partners to thrive in the digital marketp

article thumbnail

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

article thumbnail

4 ways CFOs can navigate the incoming wave of digital finance transformation

CGI

Imagine a world in which digital technologies, like artificial intelligence, run most CFO functions. While this might seem futuristic, it’s here today. IT modernization is rapidly impacting an increasing number of CFO functions, generating a significant return on investment and freeing up the CFO to focus on more strategic and value-added functions.

article thumbnail

Biometrics in Air Travel: Empowering a More Enjoyable Journey From Home to Gate

HID Global

Biometric identification & verification streamlines the air travel journey, improves security and enhances the passenger experience.

article thumbnail

Jamf After Dark: Jamf Executive Threat Protection

Jamf

Learn about how Jamf Executive Threat Protection defends your mobile devices from the most sophisticated cyber threats.

40