Thu.Feb 08, 2024

article thumbnail

Breach Roundup: US Bans AI Robocalls

Data Breach Today

Also: A Widespread Linux Bootloader Vulnerability This week, the U.S. banned AI robocalls, researchers discovered a Linux bootloader flaw, France investigated health sector hackings, the feds offered money for Hive information, Verizon disclosed an insider breach, Germany opened a cybersecurity center, and cyberattack victims reported high costs.

article thumbnail

The Far-Right's Favorite Web Host Has a Shadowy New Owner

WIRED Threat Level

Known for doing business with far-right extremist websites, Epik has been acquired by a company that specializes in helping businesses keep their operations secret.

Security 144
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Number of Attacks Against Critical Infrastructure Is Growing

Data Breach Today

New Report Shows a Surge in OT/IoT Threats and a 123% Increase in Hacking Attempts Threats to critical infrastructure are on the rise, as threat actors continue to scan networks, attack networks and devices, and try to get past access controls. At the same time, according to a new report, sectors such as manufacturing have experienced a 230% increase in vulnerabilities.

IoT 301
article thumbnail

26 Cyber Security Stats Every User Should Be Aware Of in 2024

Security Affairs

26 key cyber security stats for 2024 that every user should know, from rising cyber crime rates to the impact of AI technolog y. Cyber Crime Surge: During COVID-19 , cyber crimes shot up by 600%, showing how threats adapt to global changes. Phishing Attacks: Phishing is the top cyber attack, causing 90% of data breaches. Shockingly, 96% of these attacks come through email.

Security 144
article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Suspected EncroChat Admin Extradited to France

Data Breach Today

Authorities Hacked the End-to-End Encryption Platform in 2020 The Dominican Republic earlier this month extradited to France a suspected administrator of now-defunct encrypted messaging service EncroChat. The extradition is the latest in a series of actions European authorities have been taking against EncroChat users since authorities penetrated its network.

More Trending

article thumbnail

Cryptohack Roundup: FTX Hacker Was a SIM Swapper

Data Breach Today

Also: AI Fake IDs Pass Crypto Exchange KYC; Treasury and SEC Address Crypto Issues This week, SIM swappers were linked to the FTX hack, AI-generated fake IDs likely bypassed crypto KYC checks, the Treasury addressed the illicit use of crypto, the SEC increased crypto oversight, Quantstamp released January's crypto hack statistics, and South Korea introduced a crypto crime law.

282
282
article thumbnail

London Underground Is Testing Real-Time AI Surveillance Tools to Spot Crime

WIRED Threat Level

In a test at one station, Transport for London used a computer vision system to try and detect crime and weapons, people falling on the tracks, and fare dodgers, documents obtained by WIRED show.

article thumbnail

Cohesity Is Set to Acquire Veritas' Data Protection Business

Data Breach Today

The Combined Company Will Be Worth $7B, Firms Say Data security vendor Cohesity will acquire the data protection business of Veritas in a stock and debt transaction resulting in a combined firm by the end of this year, the companies announced Thursday. The deal values the combined company at approximately $7 billion.

Security 278
article thumbnail

I Stopped Using Passwords. It's Great—and a Total Mess

WIRED Threat Level

Passkeys are here to replace passwords. When they work, it’s a seamless vision of the future. But don’t ditch your old logins just yet.

Passwords 142
article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

Feds Warn Health Sector About Akira Again, Amid New Attacks

Data Breach Today

Recent Victims Include Pennsylvania Emergency Dispatch System U.S. federal authorities are again warning the healthcare sector about threats from the Akira ransomware group. The latest alert comes on the heels of several recent attacks by the gang, including one last month on Bucks County, Pennsylvania, which affected an IT system used by emergency responders.

article thumbnail

Cisco fixes critical Expressway Series CSRF vulnerabilities

Security Affairs

CISCO fixed two critical flaws in Expressway Series collaboration gateways exposing vulnerable devices to cross-site request forgery (CSRF) attacks. Cisco addressed several vulnerabilities in its Expressway Series collaboration gateways, two of which, tracked as CVE-2024-20252 and CVE-2024-20254, are critical flaws that can lead to cross-site request forgery (CSRF) attacks. “Multiple vulnerabilities in the Cisco Expressway Series could allow an unauthenticated, remote attacker to conduct c

Security 141
article thumbnail

Getting More Out of Investments in Network-Centric Solutions

Data Breach Today

Investor Pramod Gosavi on Network Access, Endpoint Controls in a Zero Trust World Venture capital investor Pramod Gosavi discussed the drawbacks of relying on network-centric cybersecurity solutions that are driving up costs. He recommended proactive strategies, such as zero trust, that emphasize minimal access and continuous verification and investments in AI-based technologies.

article thumbnail

US offers $10 million reward for info on Hive ransomware group leaders

Security Affairs

U.S. Government offers rewards of up to $10 million for information that could help locate, identify, or arrest members of the Hive ransomware group. The US Department of State announced rewards up to $10,000,000 for information leading to the identification and/or location of the leaders of the Hive ransomware group. The US government also offers rewards up to $5,000,000 for information leading to the arrest and/or conviction of any individual in any country who participated or attempted to par

article thumbnail

15 Modern Use Cases for Enterprise Business Intelligence

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

article thumbnail

Unprecedented Rise of Malvertising as a Precursor to Ransomware

KnowBe4

Cybercriminals increasingly used malvertising to gain initial access to victims’ networks in 2023, according to Malwarebytes’s latest State of Malware report.

article thumbnail

China-linked APT Volt Typhoon remained undetected for years in US infrastructure

Security Affairs

China-linked APT Volt Typhoon infiltrated a critical infrastructure network in the US and remained undetected for at least five years. US CISA, the NSA, the FBI, along with partner Five Eyes agencies, published a joint advisory to warn that China-linked APT Volt Typhoon infiltrated a critical infrastructure network in the US and remained undetected for at least five years. “the U.S. authoring agencies have recently observed indications of Volt Typhoon actors maintaining access and foothold

article thumbnail

Cybersecurity Resiliency and Your Board of Directors

KnowBe4

Growing cybersecurity threats, especially ransomware attacks, and the Securities and Exchange Commission’s (SEC) recent rules have made having a cybersecurity-aware Board of Directors (BOD) a critical business requirement.

article thumbnail

2054, Part IV: A Nation Divided

WIRED Threat Level

“The people are in the streets. We can’t ignore them any longer. Really, we have little choice. Either we heal together, or we tear ourselves apart.” An exclusive excerpt from 2054: A Novel.

Security 122
article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

81% of Organizations Cite Phishing as the Top Security Risk

KnowBe4

Organizations are finally dialing in on where they need to focus their cybersecurity strategies, starting with phishing. But the top four cited security risks all have one element in common.

Phishing 122
article thumbnail

On Software Liabilities

Schneier on Security

Over on Lawfare, Jim Dempsey published a really interesting proposal for software liability: “Standard for Software Liability: Focus on the Product for Liability, Focus on the Process for Safe Harbor.” Section 1 of this paper sets the stage by briefly describing the problem to be solved. Section 2 canvasses the different fields of law (warranty, negligence, products liability, and certification) that could provide a starting point for what would have to be legislative action establis

Paper 118
article thumbnail

Watch Out For Valentine’s Day Romance Scams

KnowBe4

Users should be wary of online romance scams ahead of Valentine’s Day, according to Imogen Byers at ESET. While in the past these scams could often be thwarted by using reverse image search on the scammers’ profile photos, criminals can now use generative AI tools to create realistic photos of people who don’t exist.

Security 116
article thumbnail

Weekly Update 386

Troy Hunt

Somehow, an hour and a half went by in the blink of an eye this week. The Spoutible incident just has so many interesting aspects to it: loads of data that should never be returned publicly, awesome response time to the disclosure, lacklustre transparency in their disclosure, some really fundamental misunderstands about hashing algorithms and a controversy-laden past if you read back over events of the last year.

article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

Ulez fines scandal: Italian police ‘illegally accessed’ thousands of EU drivers’ data

The Guardian Data Protection

Italy’s data protection body investigates claims police shared names and addresses with firm collecting penalties for TfL The names and addresses of thousands of EU drivers were unlawfully accessed by Italian police and shared with the company that collects Ulez penalties on behalf of Transport for London (TfL), investigators believe. The Italian data protection authority is investigating claims by Belgium’s government that an unnamed police department misused official powers to pass the persona

Access 106
article thumbnail

News alert: Diversified, GroCyber form partnership to deliver media-centric cybersecurity solutions

The Last Watchdog

Kenilworth, NJ, Feb. 8, 2024 – Diversified , a leading global technology solutions provider, today announced a partnership and trio of solutions with GroCyber. Together, the companies are empowering AV and media companies to improve their cybersecurity stance by providing a “clean bill of health” for their digital media environments, ensuring hardware and software are current, and protecting media storage and devices against the threat of malware.

article thumbnail

The history of climate change

IBM Big Data Hub

Tackling global climate change and tracking greenhouse gas emissions has become an all-hands-on-deck endeavor. The World Bank recently launched an initiative, in collaboration with NASA and the European Space Agency, to collect and organize satellite-based measurements of concentrations of greenhouse gases in the atmosphere. 1 Back on Earth’s surface, companies around the world are also tracking greenhouse gas emissions —the ones produced by their businesses and value chains.

article thumbnail

GE Lighting, a Savant company, switches up its approach to supplier collaboration

OpenText Information Management

Our journey began at the turn of the century when Thomas Edison invented the carbon filament lamp. Today, GE Lighting, a Savant company, is taking the lead in developing smart home solutions—helping customers around the world design perfectly lit spaces and smart environments to live, work, and play. Every year, we deliver millions of products to … The post GE Lighting, a Savant company, switches up its approach to supplier collaboration appeared first on OpenText Blogs.

IT 69
article thumbnail

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

article thumbnail

Creating exceptional employee experiences

IBM Big Data Hub

As the line between employees’ personal and professional lives becomes more blurred than ever, employees expect a more flexible and empathetic workplace that takes their full selves into account. This shift in employee expectation is happening in a challenging environment of rapid technological advancements, widening skills gaps and unpredictable socioeconomic issues.

Access 86
article thumbnail

An inside look at enterprise document accessibility for PDFs

OpenText Information Management

Accessible PDFs are easy to use – enabling most people to view, read or interact with them. The goal is to create an inclusive experience where all PDFs and documents are crafted with accessibility in mind or appropriate tags are added for those who require such features. For those who don’t, the document maintains its … The post An inside look at enterprise document accessibility for PDFs appeared first on OpenText Blogs.

Access 64
article thumbnail

Preparing for the EU AI Act: Getting governance right

IBM Big Data Hub

The European Artificial Intelligence Act, while not yet law, is driving new levels of human oversight and regulatory compliance for artificial intelligence (AI) within the European Union. Similar to GDPR for privacy, the EU AI Act has potential to set the tone for upcoming AI regulations worldwide. The European Parliament reached a provisional agreement on the EU AI Act in December 2023, it is now making its way through the final phases of the legislative process and is expected to rollout in st