Fri.Dec 29, 2023

article thumbnail

How One University Is Beefing Up Cyber Defenses, Programs

Data Breach Today

Educational institutions are prime targets for ransomware and other cyberattacks due to their open nature and troves of sensitive data, requiring continuous investment in cyber defenses and strong security practices, said Steve Zuromski, CIO at Bridgewater State University in Massachusetts.

Education 302
article thumbnail

Happy 14th Birthday, KrebsOnSecurity!

Krebs on Security

KrebsOnSecurity celebrates its 14th year of existence today! I promised myself this post wouldn’t devolve into yet another Cybersecurity Year in Review. Nor do I wish to hold forth about whatever cyber horrors may await us in 2024. But I do want to thank you all for your continued readership, encouragement and support, without which I could not do what I do.

Paper 257
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Microsoft Disables Abused Application Installation Protocol

Data Breach Today

Attackers Have Been Exploiting App Installer to Evade Malware Defenses in Windows Microsoft has deactivated a tool designed to simplify the installation of Windows applications after hacking groups began exploiting the functionality to distribute malware loaders, leading to infections involving backdoors and ransomware.

article thumbnail

New Version of Meduza Stealer Released in Dark Web

Security Affairs

The Resecurity’s HUNTER unit spotted a new version of the Meduza stealer (version (2.2)) that was released in the dark web. On Christmas Eve, Resecurity’s HUNTER unit spotted the author of perspective password stealer Meduza has released a new version (2.2). One of the key significant improvements are support of more software clients (including browser-based cryptocurrency wallets), upgraded credit card (CC) grabber, and additional advanced mechanisms for password storage dump on var

Passwords 145
article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

OpenAI and Microsoft Face New York Times Copyright Lawsuit

Data Breach Today

Media Giant Alleges 'Billions of Dollars in Statutory and Actual Damages' The New York Times is suing OpenAI and its chief backer Microsoft for copyright infringement, alleging that OpenAI used without permission "millions" of its copyrighted articles to train the large language models used by ChatGPT and by extension Bing Chat and Copilot.

IT 302

More Trending

article thumbnail

Iranian Hackers Claim They Disrupted Albanian Institutions

Data Breach Today

Wave of Attacks Hits Parliament, Telecommunications Provider, National Flag Carrier Albania's Parliament and a telecommunications service provider faced online attacks on Christmas day, according to the Albanian National Authority for Electronic Certification and Cyber Security. Iranian hackers called Homeland Justice have claimed responsibility for the latest wave of attacks.

Security 281
article thumbnail

Russia-linked APT28 used new malware in a recent phishing campaign

Security Affairs

Ukraine’s CERT (CERT-UA) warned of a new phishing campaign by the APT28 group to deploy previously undocumented malware strains. The Computer Emergency Response Team of Ukraine (CERT-UA) warned of a new cyber espionage campaign carried out by the Russia-linked group APT28 (aka “ Forest Blizzard ”, “ Fancybear ” or “ Strontium ”). The group employed previously undetected malware such as OCEANMAP, MASEPIE, and STEELHOOK to steal sensitive information from target networks.

Phishing 143
article thumbnail

Russian Military Intelligence Blamed for Blitzkrieg Hacks

Data Breach Today

Ukrainian Cyber Defenders Trace Government Agency Hits to Phishing Campaign Ukrainian cyber defenders report that fast-acting Russian military intelligence hackers have been targeting government agencies as well as organizations in Poland using backdoor malware tied to phishing lures based on a fake letter from the Ukrainian deputy prime minister.

Military 281
article thumbnail

Clash of Clans gamers at risk while using third-party app

Security Affairs

An exposed database and secrets on a third-party app puts Clash of Clans players at risk of attacks from threat actors. The Cybernews research team has discovered that the Clash Base Designer Easy Copy app exposed its Firebase database and user-sensitive information. With 100,000 downloads on the Google Play store, the app enables Clash of Clans players to build a custom base layout and import it into the game.

Risk 139
article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

Info-Stealing Malware Now Includes Google Session Hijacking

Data Breach Today

Google OAuth2 Vulnerability Being Actively Abused by Attackers, Researchers Warn A previously undiscovered critical exploit can allow threat actors to gain persistent, unauthorized access to Google services and connected accounts even after users have changed their passwords, cybersecurity researchers warn. They said the flaw enables hackers to manipulate the OAuth 2 protocol.

Passwords 277
article thumbnail

The Worst Hacks of 2023

WIRED Threat Level

It was a year of devastating cyberattacks around the globe, from ransomware attacks on casinos to state-sponsored breaches of critical infrastructure.

article thumbnail

AI in 2024: The Top 10 Cutting Edge Social Engineering Threats

KnowBe4

The year 2024 is shaping up to be a pivotal moment in the evolution of artificial intelligence (AI), particularly in the realm of social engineering. As AI capabilities grow exponentially, so too do the opportunities for bad actors to harness these advancements for more sophisticated and potentially damaging social engineering attacks. Let's explore the top 10 expected AI developments of 2024 and their implications for cybersecurity. 1.

article thumbnail

AI Is Scarily Good at Guessing the Location of Random Photos

Schneier on Security

Wow : To test PIGEON’s performance, I gave it five personal photos from a trip I took across America years ago, none of which have been published online. Some photos were snapped in cities, but a few were taken in places nowhere near roads or other easily recognizable landmarks. That didn’t seem to matter much. It guessed a campsite in Yellowstone to within around 35 miles of the actual location.

Privacy 120
article thumbnail

15 Modern Use Cases for Enterprise Business Intelligence

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

article thumbnail

Your KnowBe4 Fresh Content Updates from December 2023

KnowBe4

Check out the 36 new pieces of training content added in December, alongside the always fresh content update highlights, events and new features.

article thumbnail

Comcast Xfinity data breach affects over 35 million people via The Verge

IG Guru

Check out the article here. The post Comcast Xfinity data breach affects over 35 million people via The Verge first appeared on IG GURU.

article thumbnail

AI fuels massive growth in marketing technology

Information Matters

New data reveals artificial intelligence is powering a boom in marketing technology, with over 2,000 new tools launched in the past six months alone. The “Martech 2024” report, published today Read more The post AI fuels massive growth in marketing technology appeared first on Information Matters - Where AI Meets Knowledge Management.

article thumbnail

Friday Squid Blogging: Sqids

Schneier on Security

They’re short unique strings : Sqids (pronounced “squids”) is an open-source library that lets you generate YouTube-looking IDs from numbers. These IDs are short, can be generated from a custom alphabet and are guaranteed to be collision-free. I haven’t dug into the details enough to know how they can be guaranteed to be collision-free.

article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

The Quest for Relevant Knowledge: What to Look for in Cognitive Search

Information Matters

A new Forrester Wave report provides an in-depth evaluation of the top cognitive search platforms available today that can help organizations efficiently connect employees to the knowledge they need. With Read more The post The Quest for Relevant Knowledge: What to Look for in Cognitive Search appeared first on Information Matters - Where AI Meets Knowledge Management.

52